Keeping Denial-of-Service Attackers in the Dark

13 years 9 months ago

Download webee.technion.ac.il

Abstract. We consider the problem of overcoming (Distributed) Denial of Service (DoS) attacks by realistic adversaries that can eavesdrop on messages, or parts thereof, but with some delay. We show a protocol that mitigates DoS attacks by eavesdropping adversaries, using only available, efﬁcient packet ﬁltering mechanisms based mainly on (addresses and) port numbers. Our protocol avoids the use of ﬁxed ports, and instead performs ‘pseudo-random port hopping’. We model the underlying packet-ﬁltering services and deﬁne measures for the capabilities of the adversary and for the success rate of the protocol. Using these, we analyze the proposed protocol, and show that it provides effective DoS prevention for realistic attack and deployment scenarios.

Gal Badishi, Amir Herzberg, Idit Keidar

Real-time Traffic

Algorithms | DoS Attacks | Packet ﬁltering Mechanisms | Realistic Adversaries | WDAG 2005 |

claim paper

Post Info
More Details (n/a)

Added	28 Jun 2010
Updated	28 Jun 2010
Type	Conference
Year	2005
Where	WDAG
Authors	Gal Badishi, Amir Herzberg, Idit Keidar

Comments (0)

Sciweavers

Keeping Denial-of-Service Attackers in the Dark

Algorithms | DoS Attacks | Packet ﬁltering Mechanisms | Realistic Adversaries | WDAG 2005 |

Explore & Download

Productivity Tools

Document Tools

Image Tools

Sciweavers