Free Online Productivity Tools
i2Speak
i2Symbol
i2OCR
iTex2Img
iWeb2Print
iWeb2Shot
i2Type
iPdf2Split
iPdf2Merge
i2Bopomofo
i2Arabic
i2Style
i2Image
i2PDF
iLatex2Rtf
Sci2ools
SRDS
2008
IEEE
2008
IEEE
An Empirical Study of Denial of Service Mitigation Techniques
We present an empirical study of the resistance of several protocols to denial of service (DoS) attacks on client-server communication. We show that protocols that use authentication alone, e.g., IPSec, provide protection to some extent, but are still susceptible to DoS attacks, even when the network is not congested. In contrast, a protocol that uses a changing filtering identifier (FI) is usually immune to DoS attacks, as long as the network itself is not congested. This approach is called FI hopping. We build and experiment with two prototype implementations of FI hopping. One implementation is a modification of IPSec in a Linux kernel, and a second implementation comes as an NDIS hook driver on a Windows machine. We present results of experiments in which client-server communication is subject to a DoS-attack. Our measurements illustrate that FI hopping withstands severe DoS attacks without hampering the client-server communication. Moreover, our implementations show that FI ho...
Real-time TrafficClient-server Communication | Distributed And Parallel Computing | DoS Attacks | FI Hopping | SRDS 2008 |
Related Content
| Added | 01 Jun 2010 |
| Updated | 01 Jun 2010 |
| Type | Conference |
| Year | 2008 |
| Where | SRDS |
| Authors | Gal Badishi, Amir Herzberg, Idit Keidar, Oleg Romanov, Avital Yachin |
Comments (0)
Researcher Info
|
