Name
Abstract | ||
|---|---|---|
We argue that open networks designed using end-to-end arguments are particularly vulnerable to flooding, and that this vulnerability persists as hardware and operating systems technologies advance. An effective end-to-end approach to counter distributed flooding attacks against public services and provide access guarantees to their clients is to establish and enforce “user agreements” among clients outside the public services they access. Among the user agreements designed to protect servers from flooding attacks, those requiring client proofs of work (e.g., client puzzles using hash functions) are both ineffective and unnecessary whenever strong access guarantees are desired. In contrast, simple rate-control agreements can be defined to provide strong guarantees based on waiting-time limits. These agreements are established by special-purpose servers and verified before request processing at network-line rate, and hence cannot be flooded. |
Year | DOI | Venue |
|---|---|---|
2003 | 10.1007/11542322_12 | Security Protocols Workshop |
Keywords | Field | DocType |
large open network,user agreement,hash function,end-to-end argument,particular service,service access,effective end-to-end approach,authorised access,certain object,client proof,public service,service instance,strong access guarantee,client puzzle,guaranteeing access,client registration,access guarantee,strong guarantee,network design,operating system | Computer access control,Internet privacy,Authentication,Message authentication code,Denial-of-service attack,Computer security,Computer science,Computer network,Hash function,Flooding (psychology),Spite,Distributed services | Conference |
Volume | ISSN | ISBN |
3364 | 0302-9743 | 3-540-28389-7 |
Citations | PageRank | References |
20 | 1.03 | 14 |
Authors | ||
2 | ||
Name | Order | Citations | PageRank |
|---|---|---|---|
| Virgil D. Gligor | 1 | 4133 | 513.94 |
| VD Gligor | 2 | 119 | 7.39 |