Resource Inflation Threats to Denial of Service Countermeasures
نویسندگان
چکیده
Currency-based mechanisms have been proposed as a way to use resource fairness among contenders for a service to thwart Denial of Service (DoS) attacks. Under resource fairness, a server allocates its service to the clients in proportion to their payment of a resource, making the resource serve as a kind of currency. We consider the vulnerability of currency-based DoS defense mechanisms to various resource inflation attacks in which an attacker can substantially inflate its possession of the resource at low cost and in a way that may be either difficult or undesirable for a valid client to do. We provide a simple theoretical analysis of resource inflation attacks and investigate its application to a number of payment schemes to rank their likely vulnerability. We find that the threat of Graphics Processing Units (GPUs) for inflation attacks is especially severe: we are able to demonstrate inflation of up to 630x with common inexpensive GPUs. We also review threats from other capabilities, including multi-core processors, cloud computing, and bandwidth inflation schemes.
منابع مشابه
Security Issues and Countermeasure for VoIP
........................................................................................................... 4 Document Conventions................................................................................... 4 Introduction.................................................................................................... 5 Overview of VoIP techniques..........................................
متن کاملDenial of Service: Another Example
Although denial of service attack has been becoming a fast-growing concern in security research, previous work focused on a type of classical denial of service caused by resource exhaustion. In this paper, a different type of network denial of service attack is discussed. Since traditional models and countermeasures are not applicable, we discuss solutions that can defend this non-classical ser...
متن کاملCyber Threats Foresight Against Iran Based on Attack Vector
Cyber threats have been extraordinary increased in recent years. Cyber attackers, including government agencies or hackers, have made significant advances in the use of various tools for attacking target systems in some countries particularly on Islamic republic of Iran. The complexity of cyber threats and the devastating effects of them on critical systems highlights necessity of cyber thr...
متن کاملDenial of service in public key protocols
Network denial of service attacks have become a widespread problem on the Internet. However, denial of service is often considered to be an implementation issue by protocol designers. In this paper I present a survey of the literature on designing denial of service resistant communication protocols. I consider several different types of resources vulnerable to resource consumption attacks, and ...
متن کاملHF-Blocker: Detection of Distributed Denial of Service Attacks Based On Botnets
Abstract—Today, botnets have become a serious threat to enterprise networks. By creation of network of bots, they launch several attacks, distributed denial of service attacks (DDoS) on networks is a sample of such attacks. Such attacks with the occupation of system resources, have proven to be an effective method of denying network services. Botnets that launch HTTP packet flood attacks agains...
متن کامل