Title :
Chained puzzles: a novel framework for IP-layer client puzzles
Author :
McNevin, Timothy J. ; Park, Jung-Min ; Marchany, Randy
Author_Institution :
Adv. Res. in Inf. Assurance & Security Lab., Virginia Polytech. Inst. & State Univ., USA
Abstract :
Large-scale, high-profile distributed denial-of-service (DDoS) attacks have become common recurring events that increasingly threaten the proper functioning and continual success of the Internet. Recently, client puzzle protocols have been proposed as a mitigation technique for DoS attacks. These protocols require a client to solve a cryptographic "puzzle" before it receives any service from a remote server. By embedding the client puzzle mechanism into the lowest layer of the Internet protocol stack that is vulnerable against network DoS attacks - the network layer - we can mitigate the most virulent form of DoS attacks: flooding-based DDoS attacks. This paper describes the framework of a novel IP-layer client puzzle protocol that we call chained puzzles. We describe the framework in detail and show its effectiveness using simulation results.
Keywords :
IP networks; Internet; cryptography; protocols; telecommunication security; IP-layer client puzzles; Internet; Internet protocol stack; chained puzzles; client puzzle mechanism; client puzzle protocols; cryptographic puzzle; distributed denial-of-service; Computer crime; Computer security; Cryptographic protocols; Cryptography; Filtering; Floods; Information security; Laboratories; Large-scale systems; Network servers;
Conference_Titel :
Wireless Networks, Communications and Mobile Computing, 2005 International Conference on
Print_ISBN :
0-7803-9305-8
DOI :
10.1109/WIRLES.2005.1549426
