Defending against denial-of-service attacks with puzzle auctions

Proceedings - IEEE Symposium on Security and Privacy

Volumn 2003-January, Issue , 2003, Pages 78-92

  Wang, XiaoFeng ^a   Reiter, M K ^a  

^a CARNEGIE MELLON UNIVERSITY   (United States)

Author keywords

[No Author keywords available]

Indexed keywords

COMPUTER CRIME; COMPUTER OPERATING SYSTEMS; LINUX; NETWORK SECURITY; TRANSMISSION CONTROL PROTOCOL;

AUCTION MECHANISMS; BIDDING STRATEGY; CLIENT PUZZLES; COMPUTING POWER; FULLY COMPATIBLE; LINUX KERNEL; SYN FLOODING ATTACK; TCP PROTOCOL;

DENIAL-OF-SERVICE ATTACK;

EID: 84954449334     PISSN: 10816011     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1109/SECPRI.2003.1199329     Document Type: Conference Paper

References (23)

1. M. Abadi, M. Burrow, M. Manasse, and T. Wobber. Moderately hard, memory-bound functions. In Proceedings of the 10th Annual Network and Distributed System Security Symposium, 2003.
2. T. Aura, P. Nikander, and J. Leiwo. Dos-resistant authentication with client puzzles. In Proceedings of the Cambridge Security Protocols Worshop 2000. LNCS, Springer-Verlag, 2000.
3. M. Bellare and P. Rogaway. Random oracle are practical: A paradigm for designing efficient protocols. In Proceedings of First ACM Annual Conference on Computer and Communication Security, 1993.
4. S. Bellovin. Defending against sequence number attacks. In RFC 1948, May, 1996.
5. D. Boneh and M. Naor. Timed commitments (extended abstract). In Proceedings of Advances in Cryptology - CRYPTO'00, volume 1880 of Lecture Notes in Computer Science, pages 236-254. Springer-Verlag, 2000.
6. CERT. Computer emergency response team, CERT advisory ca-2001-01: Denial-of-service developments. In http://staff.washington.edu/dittrich/misc/ddos, 2000.
7. CERT. Denial of service attacks. In http://www.cert.org/tech-tips/denial-of-service.html, June 4 2001.
8. CERT. Advisory ca-96.21: Tcp syn flooding and IP spoofing attacks. September 24 1996.
9. D. Dean and A. Stubblefield. Using client puzzles to protect TLS. In Proceedings of 10th Annual USENIX Security Symposium, 2001.
10. S. Dietrich, N. Long, and D. Dittrich. Analyzing distributed denial of service attack tools: The shaft case. In Proceedings of 14th Systems Administration Conference, LISA 2000, 2000.
11. D. Dittrich. Distributed denial of service (ddos) attacks/tools resource page. In http://staff.washington.edu/dittrich/misc/ddos, 2000.
12. C. Dwork and M. Naor. Pricing via processing or combating junk mail. In E. Brickell, editor, Proceedings of ADVANCES IN CRYPTOLOGY - CRYPTO 92, volume 1328 of Lecture Notes in Computer Science, pages 139-147. Springer-Verlag, 1992.
13. M. K. Franklin and D. Malkhi. Auditable metering with lightweight security. In R. Hirschfeld, editor, Proceedings of Financial Cryptography 97 (FC 97), Lecture Notes in Computer Science. Springer-Verlag, 1997.
14. J. A. Garay and M. Jakobsson. Timed release of standard digital signatures. In Proceedings of Financial Cryptography, 2002.
15. X. Geng and A. Whinston. Defeating distributed denial of service attacks. IEEE IT Professional, 2(4):36-41, July-August 2000.
16. D. M. Goldschlag and S. G. Stubblebine. Publically verifiable lotteries: Applications of delaying functions (extend abstract). In Proceedings of Financial Cryptography, 1998.
17. K. Houle, G. Weaver, N. Long, and R. Thomas. Trends in denial of service attack technology. In http://www.cert.org/archive/pdf/DoS-trends.pdf, October 2001.
18. A. Juels and J. Brainard. Client puzzle: A cryptographic defense against connection depletion attacks. In S. Kent, editor, Proceedings of NDSS'99, pages 151-165, 1999.
19. J. Lemmon. Resisting syn flood dos attacks with a syn cache. In S. J. Leffler, editor, Proceedings of BSDCon 2002. USENIX, February 11-14, 2002.
20. R. C. Merkle. Secure communications over insecure channels. 21:294-299, April 1978.
21. X. Qie, R. Pang, and L. Peterson. Defensive programming: Using an annotation toolkit to build dos-resistant software. In Proceedings of the 5th OSDI Symposium, December 2002.
22. R. L. Rivest, A. Shamir, and D. Wagner. Time-lock puzzles and timed-release crypto. 10 March 1996.
23. P. Syverson. Weakly secret bit commitment: Applications to lotteries and fair exchange. In Proceedings of IEEE Computer Security Foundations Workshop, 1998.