ShutUp: End-to-End Containment of Unwanted Traffic
نویسندگان
چکیده
While the majority of Denial-of-Service (DoS) defense proposals assume a purely infrastructure-based architecture, some recent proposals suggest that the attacking endhost may be enlisted as part of the solution, through tamper-proof software, network-imposed incentives, or user altruism. While intriguing, these proposals ultimately raise the deployment bar by requiring both the infrastructure and endhosts to cooperate. In this paper, we explore the design of a pure end-to-end architecture based on tamper-proof endhost software implemented for instance with trusted platforms and virtual machines. We present the design of a “Shutup Service”, whereby the recipient of unwanted traffic can ask the sender to slowdown or stop. We show that this service is effective in stopping DoS attacks, and in significantly slowing down other types of unwanted traffic such as worms. The Shutup service is incrementally deployable with buy-in from OS or antivirus vendors, requiring only minimal changes to the endhost software stack and no changes to the protocol stack. We show through experimentation that the service is effective and has little impact on legitimate traffic.
منابع مشابه
ShutUp: End-to-End Containment of Unwanted Traffic
All approaches to handling unwanted traffic consider the source hostile to the interests of the recipient, and therefore enlist the cooperation of routers to block traffic. Recent advances in trusted platforms and virtual machines make the time ripe for questioning the necessity and appropriateness of involving the middle. Specifically, existing solutions overlook a simpler, more natural, appro...
متن کاملVigilante: End-to-End Containment of Internet Worms
Worm containment must be automatic because worms can spread too fast for humans to respond. Recent work has proposed network-level techniques to automate worm containment; these techniques have limitations because there is no information about the vulnerabilities exploited by worms at the network level. The authors propose Vigilante, a new end-to-end approach to contain worms automatically that...
متن کاملشیوه های توزیع بار در مهندسی ترافیک
Because of rapidly rising network traffic, ISP providers are trying to create new network structures and extend more resources to control the growth of demands. It is important to efficiently split the network bandwidth among different sources so that each user has enough bandwidth. Traffic engineering is used to achieve this goal. Performing reliable and efficient network ope...
متن کاملNetwork Parameters Evaluation in Vehicular Ad-hoc Network (VANET) Routing Protocols for Efficient Message Delivery in City Environment
Abstract- Efficient message delivery in city environment is required to ensure driver’s safety and passenger’s comfortability. In cities of developed nations, routing of data in vehicular Ad hoc Network (VANET) faces many challenges such as radio obstacles, mobility constraints and uneven nodes distribution. These factors primarily makes communication between vehicles complex. To overcome and t...
متن کاملAn OS Independent Heuristics-based Worm-containment System
We present an operating system independent and tamper-resistant worm-containment end-system. This system continuously observes outgoing network traffic over a finite-duration traffic window, and using heuristic rules executing in a secondary environment, detects infections. It automatically quarantines the infected host to stop further spread of the worm. We present four heuristic rules, and us...
متن کامل