TY - GEN
T1 - Keeping denial-of-service attackers in the dark
AU - Badishi, Gal
AU - Herzberg, Amir
AU - Keidar, Idit
PY - 2005
Y1 - 2005
N2 - We consider the problem of overcoming (Distributed) Denial of Service (DoS) attacks by realistic adversaries that can eavesdrop on messages, or parts thereof, but with some delay. We show a protocol that mitigates DoS attacks by eavesdropping adversaries, using only available, efficient packet filtering mechanisms based mainly on (addresses and) port numbers. Our protocol avoids the use of fixed ports, and instead performs 'pseudo-random port hopping'. We model the underlying packet-filtering services and define measures for the capabilities of the adversary and for the success rate of the protocol. Using these, we analyze the proposed protocol, and show that it provides effective DoS prevention for realistic attack and deployment scenarios.
UR - http://www.scopus.com/inward/record.url?scp=33646394581&partnerID=8YFLogxK
U2 - 10.1007/11561927_4
DO - 10.1007/11561927_4
M3 - Conference contribution
AN - SCOPUS:33646394581
SN - 3540291636
SN - 9783540291633
T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
SP - 18
EP - 32
BT - Distributed Computing - 19th International Conference, DISC 2005, Proceedings
T2 - 19th International Conference on Distributed Computing, DISC 2005
Y2 - 26 September 2005 through 29 September 2005
ER -