Using Routing and Tunneling to Combat DoS Attacks
نویسندگان
چکیده
Thorough defense against DoS attacks is extremely difficult without incurring significant changes to the Internet architecture. We present a series of changes aimed at establishing protection boundaries to reduce the effectiveness of most flooding DoS attacks against servers. Only minimal and local changes are required to current network architectures. We show that our scheme is highly beneficial even if deployed at a single ISP, with additional benefits arising from multiple-ISP deployment. Finally, we show that the changes can be implemented with off-the-shelf components.
منابع مشابه
Department of Electrical Engineering Technical Report Sos: Secure Overlay Services
Denial of service (DoS) attacks continue to threaten the reliability of networking systems. Previous approaches to protect networks from DoS attacks are reactive in that they wait for an attack to be launched before taking appropriate measures to protect the network. This leaves the door open for other attacks that use more sophisticated methods to mask their traffic. We propose an architecture...
متن کاملMitigating Denial Of Services Using Secure Overlay Service Model
Denial of service (DoS) and Distributed Denial of Service (DDoS) attacks continue to threaten the reliability of networking systems. Previous approaches for protecting networks from DoS attacks are reactive in that they wait for an attack to be launched before taking appropriate measures to protect the network. This leaves the door open for other attacks that use more sophisticated methods to m...
متن کاملA Mechanism for Detecting and Identifying DoS attack in VANET
VANET (Vehicular Ad-hoc Network) which is a hy- brid network (combination of infrastructure and infra- structure-less networks) is an emergent technology with promising future as well as great challenges especially in security. By the other hand this type of network is very sensible to safety problem. This paper focuses on a new mechanism for DoS (denial of service) attacks on the physical and ...
متن کاملLow-Rate TCP-Targeted DoS Attack Disrupts Internet Routing
Compared to attacks against end hosts, Denial of Service (DoS) attacks against the Internet infrastructure such as those targeted at routers can be more devastating due to their global impact on many networks. We discover that the recently identified low-rate TCP-targeted DoS attacks can have severe impact on the Border Gateway Protocol (BGP). As the interdomain routing protocol on today’s Inte...
متن کاملA Mechanism for Detecting and Identifying DoS attack in VANET
VANET (Vehicular Ad-hoc Network) which is a hy- brid network (combination of infrastructure and infra- structure-less networks) is an emergent technology with promising future as well as great challenges especially in security. By the other hand this type of network is very sensible to safety problem. This paper focuses on a new mechanism for DoS (denial of service) attacks on the physical and ...
متن کامل