Modelling Denial of Service Attacks on JFK with Meadows's Cost-Based Framework

Conferences in Research and Practice in Information Technology Series

Volumn 54, Issue , 2006, Pages 125-134

  Smith, J ^a   González Nieto, J M ^a   Boyd, C ^a  

^a QUEENSLAND UNIVERSITY OF TECHNOLOGY   (Australia)

Author keywords

Cryptographic protocols; Denial of service; Security analysis methodologies

Indexed keywords

CLIENT PUZZLES; CRYPTOGRAPHIC PROTOCOLS; DENIAL OF SERVICE; DENIAL OF SERVICE ATTACKS; IP ADDRESSS; KEY AGREEMENT PROTOCOL; MODELLING FRAMEWORK; SECURITY ANALYSIS;

COST BENEFIT ANALYSIS; COSTS; GRID COMPUTING; NETWORK SECURITY; TRANSMISSION CONTROL PROTOCOL;

COMPUTER CRIME;

EID: 84872811083     PISSN: 14451336     EISSN: None     Source Type: Conference Proceeding    
DOI: None     Document Type: Article

References (23)

1. Abadi, M., Blanchet, B. & Fournet, C. (2003), 'Just Fast Keying in the π-calculus', www. http://www.cse.ucsc.edu/~abadi/Papers/ pijfk.pdf.
2. Abadi, M., Burrows, M., Manasse, M. & Wobber, T. (2003), Moderately Hard, Memory-bound Functions, in 'Proceedings of the 10th Annual Neywork and Distributed System Security Symposium', Internet Society.
3. Aiello, W., Bellovin, S. M., Blaze, M., Canetti, R., Ioannidis, J., Keromytis, A. D. & Reingold, O. (2004), 'Just fast keying: Key agreement in a hostile network', ACM Transactions on Information and System Security 7(2), 242 - 273.
4. Aura, T. & Nikander, P. (1997), Stateless Connections, in 'ICICS '97: Proceedings of the First International Conference on Information and Communication Security', Vol. 1334 of Lecture Notes in Computer Science, Springer-Verlag, pp. 87 - 97.
5. Aura, T., Nikander, P. & Leiwo, J. (2001), DOSResistant Authentication with Client Puzzles, in 'Revised Papers from the 8th International Workshop on Security Protocols', Vol. 2133 of Lecture Notes in Computer Science, Springer-Verlag, pp. 170 - 177.
6. Canetti, R. & Krawczyk, H. (2001), Analysis of Key-Exchange Protocols and Their Use for Building Secure Channels, in 'EUROCRYPT '01: Proceedings of the International Conference on the Theory and Application of Cryptographic Techniques', Lecture Notes in Computer Science Vol. 2045, Springer-Verlag, pp. 453 - 474.
7. Castelluccia, C., Mykletun, E. & Tsudik, G. (2005), Improving Secure Server Performance by Rebalancing SSL/TLS Handshakes, Cryptology ePrint Archive 2005/037, IACR. URL: http://eprint.iacr.org/2005/037
8. Dean, D. & Stubblefield, A. (2001), Using Client Puzzles to Protect TLS, in 'Proceedings of the 10th Annual USENIX Security Symposium'.
9. Dwork, C. & Naor, M. (1993), Pricing via Processing or Combatting Junk Mail, in 'CRYPTO '92: Proceedings of the 12th Annual International Cryptology Conference on Advances in Cryptology', Springer-Verlag, pp. 139 - 147.
10. Feng, W., Kaiser, E., Feng, W. & Luu, A. (2005), The Design and Implementation of Network Puzzles, in 'Proceedings of INFOCOM 2005', IEEE. To Appear.
11. Gong, L. & Syverson, P. (1995), Fail-stop protocols: An approach to designing secure protocols, in 'Preprints of the 5th International Conference on Dependable Computing for Critical Applications', pp. 44 - 54.
12. Harkins, D. & Carrel, D. (1998), The Internet Key Exchange (IKE), RFC 2409, Internet Engineering Task Force.
13. Juels, A. & Brainard, J. (1999), Client Puzzles: A Cryptographic Countermeasure Against Connection Depletion Attacks, in 'Proceedings of the Network and Distributed Systems Security Symposium (NDSS)', pp. 151 - 165.
14. Karn, P. R. & Simpson, W. A. (1999), Photuris: Session-Key Management Protocol, RFC 2522, IETF.
15. Kaufman, C. (2004), Internet Key Exchange (IKEv2) Protocol, Internet-Draft 17, Internet Engineering Task Force.
16. Lim, C. H. & Lee, P. J. (1997), A key recovery attack on discrete log-based schemes using a prime order subgroup., in 'Advances in Cryptology- CRYPTO '97', Vol. 1294 of Lecture Notes in Computer Science, Springer-Verlag, pp. 249 - 263.
17. Meadows, C. (1999), A Formal Framework and Evaluation Method for Network Denial of Service, in 'Proceedings of the 12th IEEE Computer Security Foundations Workshop', pp. 4 - 13.
18. Meadows, C. (2001), 'A Cost-Based Framework for Analysis of Denial of Service in Networks', Journal of Computer Security 9(1), 143 - 164.
19. Ramachandran, V. (2002), Analyzing DoS-Resistance of Protocols Using a Cost-Based Framework, Technical Report YALEU/DCS/TR-1239, Yale University, Department of Computer Science.
20. Simpson, W. A. (1999), 'IKE/ISAKMP Considered Harmful', USENIX;login 24(6).
21. Wang, X. & Reiter, M. K. (2003), Defending Against Denial-of-Service Attacks with Puzzle Auctions, in 'Proceedings of the 2003 IEEE Symposium on Security and Privacy', IEEE Computer Society.
22. Wang, X. & Reiter, M. K. (2004), Mitigating bandwidth-exhaustion attacks using congestion puzzles, in 'CCS '04: Proceedings of the 11th ACM conference on Computer and communications security', ACM Press, Washington DC, USA, pp. 257 - 267.
23. Waters, B., Juels, A., Halderman, J. A. & Felten, E. W. (2004), New Client Outsourcing Techniques for DoS Resistance, in 'CCS '04: Proceedings of the 11th ACM conference on Computer and communications security', ACM Press, Washington DC, USA, pp. 246 - 256.