Self-routing denial-of-service resistant capabilities using in-packet bloom filters

EC2ND 2009 - European Conference on Computer Network Defense

Volumn , Issue , 2009, Pages 46-51

  Rothenberg, Christian Esteve ^a   Jokela, Petri ^b   Nikander, Pekka ^b   Sarela, Mikko ^b   Ylitalo, Jukka ^b  

^a UNIVERSITY OF CAMPINAS   (Brazil)

^b ERICSSON RESEARCH   (Finland)

Author keywords

[No Author keywords available]

Indexed keywords

DATA STRUCTURES; NETWORK ARCHITECTURE; NETWORK SECURITY; SECURITY SYSTEMS;

BUILDING BLOCKES; COMPACT REPRESENTATION; DENIAL OF SERVICE; DISTRIBUTED DENIAL OF SERVICE ATTACK; FLOW INFORMATIONS; FORWARDING NODES; PACKET FORWARDING; SECURITY ANALYSIS;

DENIAL-OF-SERVICE ATTACK;

EID: 77954925208     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1109/EC2ND.2009.14     Document Type: Conference Paper

References (25)

1. T. Anderson, T. Roscoe, and D. Wetherall. Preventing internet denialof-service with capabilities. Hotnets II, pages 39-44, 2004.
2. K. Argyraki and D. Cheriton. Network capabilities: The good, the bad and the ugly. ACAi HotNe.ts-IV, Jan 2005.
3. H. Ballani, Y. Chawathe, S. Ratnasamy, T. Roscoe, and S. Shenker. Off by default. ACM HotNets IV, Aug 2005.
4. B. H. Bloom. Space/time trade-offs in hash coding with allowable errors. Commun. ACM, 1970.
5. M. Casado, T. Garfinkel, A. Akella, M. J. Freedman, D. Boneh, N. McKeown, and S. Shenker. SANE: a protection architecture for enterprise networks. In USENIX-SS'06, Berkeley, CA, USA, 2006.
6. D. E. Denning and G. M. Sacco. Timestamps in key distribution protocols. Commun. ACM, 24(8):533-536, 1981.
7. C. Dixon and T. Anderson. Phalanx: Withstanding multimillion-node botnets. Usenix NSDI, 2008.
8. A. Farrel, J.-P. Vasseur, and J. Ash. A path computation element (PCE)based architecture. IETF RFC 4655, 2006.
9. D. Hwang, M. Chaney, S. Karanam, N. Ton, and K. Gaj. Comparison of FPGA-targeted hardware implementations of eSTREAM stream cipher candidates. SASC 08, Feb 2008.
10. P. Jokela, A. Zahemszky, C. Esteve, S. Arianfar, and P. Nikander. LIPSIN: Line speed publish/subscribe inter-networking. In Proceedings of ACM SIGCOMM'09, Barcelona, Spain, Aug. 2009.
11. J. Laganier and L. Eggert. Host identity protocol (HIP) rendezvous extension. Technical report, RFC 5204, April 2008.
12. K. Lakshminarayanan, I. Stoica, and S. Shenker. Routing as a service, 2004.
13. B. Parno, A. Perrig, and D. Andersen. Snapp: stateless networkauthenticated path pinning. In ACM ASIACCS '08, 2008.
14. B. Parno, D. Wendlandt, E. Shi, A. Perrig, B. Maggs, and Y. Hu. Portcullis: Protecting connection setup from denial-of-capability attacks. In Sigcomm, 2007.
15. B. Raghavan and A. C. Snoeren. A system, for authenticated policycompliant routing. SIGCOMM CCR, 34(4): 167-178, 2004.
16. M. Särelä, T. Rinta-aho, and S. Tarkoma. RTFM: Publish/subscribe internetworking architecture. ICT Mobile Summit, 2008.
17. S. Tarkoma, D. Trossen, and M. Särelä. Black boxed rendezvous based networking. In MobiArch '08, 2008.
18. L. Von Ahn, M. Blum, N. Hopper, and J. Langford. CAPTCHA: Using hard AI problems for security. LNICS, pages 294-311, 2003.
19. D. Wendlandt, D. Andersen, and A. Perrig. Fastpass: Providing firstpacket delivery. Technical report CMU cylab, 2006.
20. T. Wolf. A credential-based data path architecture for assurable global networking. In IEEE MlLCOM, 2007.
21. T. Wollinger, J. Guajardo, and C. Paar. Security on FPGAs: State-ofthe-art implementations and attacks. ACM Trans. Embed. Comput. Syst., 3(3): 534-574, 2004.
22. A. Yaar, A. Perrig, and D. Song. Siff: A stateless internet flow filter to mitigate DDoS flooding attacks. Security and Privacy, 2004.
23. H. Yan, D. A. Maltz, T. S. E. Ng, H. Gogineni, H. Zhang, and Z. Cai. Tesseract: A 4D network control plane. In NSDI'07, 2007.
24. X. Yang, D. Wetherall, and T. Anderson. TVA: A DoS-limiting network architecture. IEEE/ACM Trans, on Networking, 16(6): 1267-1280, 2008.
25. A. Zahemszky, A. Csaszar, P. Nikander, and C. Esteve. Exploring the pubsub routing/forwarding space. In ICC FutNet09, 2009.