TY - JOUR
T1 - Denial of Service Protection with Beaver
AU - Badishi, Gal
AU - Herzberg, Amir
AU - Keidar, Idit
AU - Romanov, Oleg
AU - Yachin, Avital
N1 - Publisher Copyright:
© 2007 Dagstuhl Seminar Proceedings. All rights reserved.
PY - 2007
Y1 - 2007
N2 - We present Beaver, a method and architecture to “build dams” to protect servers from Denial of Service (DoS) attacks. Beaver allows efficient filtering of DoS traffic using low-cost, high-performance, readily-available packet filtering mechanisms. Beaver improves on previous solutions by not requiring cryptographic processing of messages, allowing the use of efficient routing (avoiding overlays), and establishing keys and state as needed. We present two prototype implementations of Beaver, one as part of IPSec in a Linux kernel, and a second as an NDIS hook driver on a Windows machine. Preliminary measurements illustrate that Beaver withstands severe DoS attacks without hampering the client-server communication. Moreover, Beaver is simple and easy to deploy.
AB - We present Beaver, a method and architecture to “build dams” to protect servers from Denial of Service (DoS) attacks. Beaver allows efficient filtering of DoS traffic using low-cost, high-performance, readily-available packet filtering mechanisms. Beaver improves on previous solutions by not requiring cryptographic processing of messages, allowing the use of efficient routing (avoiding overlays), and establishing keys and state as needed. We present two prototype implementations of Beaver, one as part of IPSec in a Linux kernel, and a second as an NDIS hook driver on a Windows machine. Preliminary measurements illustrate that Beaver withstands severe DoS attacks without hampering the client-server communication. Moreover, Beaver is simple and easy to deploy.
UR - http://www.scopus.com/inward/record.url?scp=85175058681&partnerID=8YFLogxK
M3 - ???researchoutput.researchoutputtypes.contributiontojournal.conferencearticle???
AN - SCOPUS:85175058681
SN - 1862-4405
VL - 6371
JO - Dagstuhl Seminar Proceedings
JF - Dagstuhl Seminar Proceedings
T2 - From Security to Dependability 2006
Y2 - 10 September 2006 through 15 September 2006
ER -