Combating Spam and Denial-of-Service Attacks with Trusted Puzzle Solvers
نویسندگان
چکیده
Cryptographic puzzles can be used to mitigate spam and denial-of-service (DoS) attacks, as well as to implement timed-release cryptography. However, existing crypto puzzles are impractical because: (1) solving them wastes computing resources and/or human time, (2) the time it takes to solve them can vary dramatically across computing platforms, and/or (3) applications become non-interoperable due to competition for resources when solving them. We propose the use of Trusted Computing in constructing crypto puzzles. Our puzzle constructions have none of the drawbacks above and only require each client machine to be equipped with a small tamper-resistant Trusted Puzzle Solver (TPS), which may be realized using the prevalent Trusted Platform Module (TPM) with minimal modifications.
منابع مشابه
Trusted Puzzle Solvers without Clock Support against Spam and Denial-of-Service Attacks
Spam and Denial-of-Service (DoS) attacks are growing threats on the Internet. Cryptographic puzzles can be used to address the problem effectively. Additionally, the Trusted Puzzle Solver (TPS), which is similar to the Trusted Platform Module (TPM), is also proposed to help constructing crypto puzzles that may have some outstanding specialties in security and efficiency. Based on the analysis a...
متن کاملMitigating Network-Based Denial-of-Service Attacks with Client Puzzles
Over the past few years, denial-of-service (DoS) and distributed denial-of-service (DDoS) attacks have become more of a threat than ever. These attacks are aimed at denying or degrading service for a legitimate user by any means necessary. The need to propose and research novel methods to mitigate them has become a critical research issue in network security. Recently, client puzzle protocols h...
متن کاملMoving dispersion method for statistical anomaly detection in intrusion detection systems
A unified method for statistical anomaly detection in intrusion detection systems is theoretically introduced. It is based on estimating a dispersion measure of numerical or symbolic data on successive moving windows in time and finding the times when a relative change of the dispersion measure is significant. Appropriate dispersion measures, relative differences, moving windows, as well as tec...
متن کاملHF-Blocker: Detection of Distributed Denial of Service Attacks Based On Botnets
Abstract—Today, botnets have become a serious threat to enterprise networks. By creation of network of bots, they launch several attacks, distributed denial of service attacks (DDoS) on networks is a sample of such attacks. Such attacks with the occupation of system resources, have proven to be an effective method of denying network services. Botnets that launch HTTP packet flood attacks agains...
متن کاملNot-a-Bot (NAB): Improving Service Availability in the Face of Botnet Attacks
A large fraction of email spam, distributed denial-ofservice (DDoS) attacks, and click-fraud on web advertisements are caused by traffic sent from compromised machines that form botnets. This paper posits that by identifying human-generated traffic as such, one can mitigate botnet attacks, by servicing human-generated traffic with improved reliability or higher priority. The key challenge is to...
متن کامل