Towards network denial of service resistant protocols

IFIP Advances in Information and Communication Technology

Volumn 47, Issue , 2017, Pages 301-310

  Leiwo, Jussipekka ^a   Aura, Thomas ^b   Nikander, Pekka ^b  

^a VU UNIVERSITY AMSTERDAM   (Netherlands)

^b AALTO UNIVERSITY   (Finland)

Author keywords

[No Author keywords available]

Indexed keywords

INTERNET PROTOCOLS; NETWORK SECURITY;

DISTRIBUTED SYSTEMS; HANDSHAKE PROTOCOL; NETWORK DENIAL OF SERVICE; PROTOCOL DESIGN; TCP SYN FLOODING;

DENIAL-OF-SERVICE ATTACK;

EID: 1642344572     PISSN: 18684238     EISSN: 1868422X     Source Type: Book Series    
DOI: 10.1007/978-0-387-35515-3_31     Document Type: Conference Paper

References (40)

1. T. Aura and P. Nikander. Stateless protocols. In ICICS'97, LNCS 1334. Springer-Verlag, 1997.
2. K. P. Birman. Building Secure and Reliable Applications. Manning Publications Corporation, Greenvich, CT, USA, 1996.
3. Buffer overflow in MIME-aware mail and news clients. CA-98.10.
4. Denial-of-service attack via ping. CA-96.26.
5. TCP SYN flooding and IP spoofing attacks. CA-96.21.
6. C. Cowan et al. StackGuard: Automatic adaptive detection and prevention of buffer-overflow attacks. In USENIX/Sec'98.
7. W. H. Cunningham. Optimal attack and reinforcement of a network. J. ACM, 32(3):549-561, 1985.
8. E. Dahlhaus et al. The complexity of multiway cuts. In 24th ACM STOC, 1992.
9. D. E. Denning. Information warfare and security. Addison-Wesley Longman, Inc., Reading, MA, USA, 1999.
10. Proc. DoD computer security center invitational workshop on network security. New Orleans, LA, USA, March 1985.
11. J. Glasgow, G. MacEwen, and P. Panangaden. A logic for reasoning about security. ACM TOGS, 10(3):226-264, 1992.
12. V. Gligor. A note on the denial-of-service problem. In IEEE S&P, 1983.
13. V. D. Gligor. A note on denial-of-service in operating systems. IEEE TOSE, 10(3):320-324, 1984.
14. S. Hirose and K. Matsuura. Enhancing the resistance of a provably secure key agreement protocol to a denial-of-service attack. In ICICS'99, LNCS 1726. Springer-Verlag, 1999.
15. Information technology security evaluation criteria (ITSEC), version 1.2. COM(92) 298 final, Brussels, Sept., 1992.
16. L. J.C., editor. Dependability: Basic concepts and terminology. Springer-Verlag, Vienna, AT, 1992.
17. A. J uels and J. Brainard. Client puzzles: A cryptographic counter-measure against connection depletion attacks. In 1999 ISOC NDSS.
18. P. Karn and W. Simpson. Photuris: A session-key management protocol. IETF RFC 2522, 1999.
19. P. Karn and W. Simpson. Photuris: Design criteria. In SAC'99, LNCS, Springer-Verlag, 1999.
20. K. J. Keus and M. Ullman. Availability: A central and up-to-date user requirement for it security. In 10th ACSAC, 1994.
21. K. J. Keus and M. Ullman. Availability: Theory and fundamentals for practical evaluation and use. In 1Oth A GSA C, 1994.
22. J. Leiwo, C. Gamage, and Y. Zheng. A method to implement a denial of service protection base. In ACISP'97, LNCS 1270, Springer­ Verlag, 1997.
23. J. Leiwo and Y. Zheng. Layered protection of availability. In 1997 Pacific Asia Conference on Information Systems.
24. D. Maughan, M. Schertler, M. Schneider, and J. Thrner. Internet security association and key management protocol (ISAKMP). IETF RFC 2408, 1998.
25. C. Meadows. A formal framework and evaluation method for network denial of service. In 12th IEEE CSFW, 1999.
26. J. K. Millen. A resource allocation model for denial of service. In IEEE S&P, 1992.
27. J. K. Millen. Denial of service: A perspective. In Dependable Computing for Critical Applications 4. Springer-Verlag, 1995.
28. T. C. Miller. strlcpy and strlcat-consistent, safe, string copy and concatenation. OpenBSD project, http:/jwww.openbsd.org, 1996.
29. R. Needham. Denial of service. In 1st ACM CCS, 1994.
30. R. M. Needham. Denial of service: An example. CACM, 37(11):42-46, 1994.
31. D. B. Parker. Restating the foundation of information security. In IFIP/Sec '92.
32. D. B. Parker. A new framework for information security to avoid information anarchy. In IFIP/Sec '95.
33. D. B. Parker. Fighting Computer Crime: A New Framework for Protecting Information. John Wiley & Sons, 1998.
34. C. A. Phillips. The network inhibition problem. In 25th A CM STOC; 1993.
35. F. B. Schneider, ed. Trust in Cyberspace. NAP, 1999.
36. C. L. Schuba, I. V. Krsul, M.G. Kuhn, E. H. Spafford, A. Sundaram, and D. Zamboni. Analysis of a denial of service attack on TCP. In IEEE S&P, 1997.
37. A. Silberschatz and P. B. Galvin. Operating Systems Concepts. Addison-Wesley, Reading, MA, USA, 1994.
38. W. A. Simpson. IKE/ISAKMP considered harmful.;login;, 24(6):48-58, 1999.
39. M. Stoer and F. Wagner. A simple min-cut algorithm. J.ACM, 44(4):585-591, 1997.
40. C.-F. Yu and V. D. Gligor. A specification and verification method for preventing denial of service. IEEE TOSE, 16(6):581-592, 1990.