A Pay-per-Use DoS Protection Mechanism for the Web

11 years 2 months ago
A Pay-per-Use DoS Protection Mechanism for the Web
Internet service providers have resisted deploying Denial-of-Service (DoS) protection mechanisms despite numerous research results in the area. This is so primarily because ISPs cannot directly charge users for the use of such mechanisms, discouraging investment in the necessary infrastructure and operational support. We describe a pay-per-use system that provides DoS protection for web servers and clients. Our approach is based on WebSOS, an overlay-based architecture that uses reverse Turing tests to discriminate between humans and automated processes that are part of an attack. We extend WebSOS with a credential-based micropayment scheme that combines access control and payment authorization in one operation. Contrary to WebSOS, we use Graphic Turing Tests (GTTs) to prevent malicious code, such as a worm, from using a user’s micropayment wallet. Our architecture allows ISPs to accurately charge web clients and servers. Clients can dynamically decide whether to use WebSOS, based on...
Angelos Stavrou, John Ioannidis, Angelos D. Keromy
Added 30 Jun 2010
Updated 30 Jun 2010
Type Conference
Year 2004
Where ACNS
Authors Angelos Stavrou, John Ioannidis, Angelos D. Keromytis, Vishal Misra, Dan Rubenstein
Comments (0)