FastPass: Providing First-Packet Delivery
نویسندگان
چکیده
This paper introduces FastPass, an architecture that thwarts flooding attacks by providing destinations with total control over their upstream network capacity. FastPass explores an extreme design point, providing complete resistance to directed flooding attacks. FastPass builds upon prior work on network capabilities and addresses the oft-noted problem that in such schemes, a sender must first get one packet through with no protection against DoS. FastPass provides cryptographic availability tokens to senders that routers verify before expiditing their delivery. We present two variants of the tokens. The first uses light-weight public key cryptography and is practical in high-speed routers with modest hardware additions. The second uses a symmetric hashchaining scheme and is easily implemented in software. In sharp contrast to prior systems, our evaluation shows that hosts using FastPass can quickly communicate regardless of the size of the attack directed against the nodes.
منابع مشابه
Bypassing Network Flooding Attacks using FastPass
We describe the design and implementation of FastPass, a next-generation network architecture that thwarts bandwidth flooding attacks by providing destinations with finegrained control over their upstream network capacity. Prior attempts to achieve network flood resilience have required destinations to successfully receive an initial unprotected packet (capability-based designs) or have relied ...
متن کاملOn the Use of Architectural Products for Cost Estimation
The Department of Defense Architecture Framework (DoDAF) provides a standard set of views that illustrate specific attributes of a system. These views give different levels of detail and purpose that allow engineers to express operational, system, technical, and architectural properties for specific purposes. The twenty six different views available can be useful and at the same time overwhelmi...
متن کاملEfficient Multicast Packet Authentication
Providing authentication mechanisms for IP-Multicast streams is paramount for the development of large scale commercial multicast content delivery applications. This need is particularly strong for the delivery of real time content, such as live video/audio news events or financial stock quote distribution. However, this turns out to be a quite challenging problem for many reasons. First, the a...
متن کاملOn the Exploration of Adaptive Mechanisms Providing Reliability in Clustered WSNs for Power Plant Monitoring
Wireless Sensor Networks (WSNs) are used in almost every sensing and detection environment instead of wired devices in the current world, all the more in power plant monitoring applications. In such a kind of environment, providing reliability is a challenging task, since WSN makes use of low powered sensors. There are many existing works that provide reliable transmission in WSN (predominantly...
متن کاملReliable Proactive Routing Protocol for Wireless Sensor Networks
Providing reliable and efficient communication under fading channels is one of the major technical challenges in wireless sensor networks (WSNs), especially in industrial WSNs (IWSNs) with dynamic and harsh environments. Reliable Reactive Routing Enhancement (R3E) to increase the resilience to link dynamics for WSNs/IWSNs. R3E is designed to enhance existing reactive routing protocols to provid...
متن کامل