Denial of Service Protection with Beaver

13 years 6 months ago

Download drops.dagstuhl.de

We present Beaver, a method and architecture to "build dams" to protect servers from Denial of Service (DoS) attacks. Beaver allows efficient filtering of DoS traffic using low-cost, high-performance, readily-available packet filtering mechanisms. Beaver improves on previous solutions by not requiring cryptographic processing of messages, allowing the use of efficient routing (avoiding overlays), and establishing keys and state as needed. We present two prototype implementations of Beaver, one as part of IPSec in a Linux kernel, and a second as an NDIS hook driver on a Windows machine. Preliminary measurements illustrate that Beaver withstands severe DoS attacks without hampering the client-server communication. Moreover, Beaver is simple and easy to deploy.

Gal Badishi, Idit Keidar, Amir Herzberg, Oleg Roma

Real-time Traffic

Beaver | DAGSTUHL 2006 | DAGSTUHL 2007 | DoS Traffic | Packet Filtering Mechanisms |

claim paper

» Denial of service or denial of security

» Protecting web servers from distributed denial of service attacks

» A Method to Implement a Denial of Service Protection Base

» The Protection of QoS for Multimedia Transmission against Denial of Service Attacks

» Flash crowds and denial of service attacks characterization and implications for CDNs and ...

» Analysis of a Denial of Service Attack on TCP

» Honeypots for Distributed Denial of Service Attacks

» WDA A Web farm Distributed Denial Of Service attack attenuator

Post Info
More Details (n/a)

Added	30 Oct 2010
Updated	30 Oct 2010
Type	Conference
Year	2006
Where	DAGSTUHL
Authors	Gal Badishi, Idit Keidar, Amir Herzberg, Oleg Romanov, Avital Yachin

Comments (0)

Sciweavers

Denial of Service Protection with Beaver

Beaver | DAGSTUHL 2006 | DAGSTUHL 2007 | DoS Traffic | Packet Filtering Mechanisms |

Explore & Download

Productivity Tools

Document Tools

Image Tools

Sciweavers