Title :
Adaptive Selective Verification
Author :
Khanna, Saarthak ; Venkatesh, Santosh S. ; Fatemieh, O. ; Khan, Faraz ; Gunter, Carl A.
Author_Institution :
Pennsylvania Univ., Philadelphia, PA
Abstract :
We consider Denial of Service (DoS) attacks within the province of a shared channel model in which attack rates may be large but are bounded and client request rates vary within fixed bounds. In this setting it is shown that the clients can respond effectively to an attack by using bandwidth as a payment scheme and time-out windows to adaptively boost request rates. The server will be able to process client requests with high probability while pruning out most of the attack by selective random sampling. Our protocol, which we call Adaptive Selective Verification (ASV) is shown to be efficient in terms of bandwidth consumption using both a theoretical model and network simulations. It differs from previously-investigated adaptive mechanisms for bandwidth-based payment by requiring very limited state on the server.
Keywords :
bandwidth allocation; client-server systems; formal verification; probability; protocols; telecommunication security; ASV protocol; DoS attacks; adaptive selective verification; bandwidth consumption; client-server system; denial-of-service attacks; probability; Bandwidth; Communications Society; Computer crime; Costs; Network servers; Performance analysis; Protection; Protocols; Sampling methods; Web server;
Conference_Titel :
INFOCOM 2008. The 27th Conference on Computer Communications. IEEE
Conference_Location :
Phoenix, AZ
Print_ISBN :
978-1-4244-2025-4
DOI :
10.1109/INFOCOM.2008.101
