We consider the problem of overcoming (Distributed) Denial of Service (DoS) attacks by realistic adversaries that can eavesdrop on messages, or parts thereof, but with some delay. We show a protocol that mitigates DoS attacks by eavesdropping adversaries, using only available, efficient packet filtering mechanisms based mainly on (addresses and) port numbers. Our protocol avoids the use of fixed ports, and instead performs 'pseudo-random port hopping'. We model the underlying packet-filtering services and define measures for the capabilities of the adversary and for the success rate of the protocol. Using these, we analyze the proposed protocol, and show that it provides effective DoS prevention for realistic attack and deployment scenarios. © Springer-Verlag Berlin Heidelberg 2005.
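The idea of pseudo-random port hopping, sketched as an added example that is not code from the paper or its authors. Assumptions not taken from this page: hopping is driven by time slots, HMAC-SHA256 serves as the pseudo-random function, and the port range, slot length, overlap window and all function names are hypothetical. The simulation uses constructed values to show why the filter's acceptance window must be shorter than the adversary's eavesdropping delay.

```python
import hashlib
import hmac
import struct

PORT_MIN, PORT_MAX = 1024, 65535   # assumed hopping range
SLOT_SECONDS = 5                   # assumed slot length


def port_for_slot(key: bytes, slot: int) -> int:
    """Derive the port for a slot with HMAC-SHA256 used as the PRF."""
    msg = b"port-hop" + struct.pack(">Q", slot)
    digest = hmac.new(key, msg, hashlib.sha256).digest()
    span = PORT_MAX - PORT_MIN + 1
    return PORT_MIN + int.from_bytes(digest[:8], "big") % span


def slot_at(t: float) -> int:
    return int(t // SLOT_SECONDS)


def open_ports(key: bytes, now: float, overlap: int = 1) -> set:
    """Ports the filter admits: the current slot plus `overlap` earlier
    slots, which tolerates network delay and clock skew."""
    s = slot_at(now)
    return {port_for_slot(key, s - i) for i in range(overlap + 1) if s - i >= 0}


def filter_accepts(key: bytes, dst_port: int, now: float, overlap: int = 1) -> bool:
    """Port-based packet filter decision for one packet."""
    return dst_port in open_ports(key, now, overlap)


def simulate(key: bytes, slots: int, eavesdrop_delay_slots: int, overlap: int = 1):
    """Constructed scenario: one key-holding sender and one party that only
    knows a port it observed `eavesdrop_delay_slots` slots ago.
    Returns (legitimate_accepted, stale_port_accepted)."""
    legit = stale = 0
    for i in range(slots):
        now = i * SLOT_SECONDS
        cur = slot_at(now)
        legit += filter_accepts(key, port_for_slot(key, cur), now, overlap)
        seen = cur - eavesdrop_delay_slots
        if seen >= 0:
            stale += filter_accepts(key, port_for_slot(key, seen), now, overlap)
    return legit, stale


if __name__ == "__main__":
    k = b"constructed-demo-key"          # constructed sample key
    print(simulate(k, 100, eavesdrop_delay_slots=3))  # delay > overlap
    print(simulate(k, 100, eavesdrop_delay_slots=1))  # delay <= overlap
```

With a delay of three slots the stale port is almost never admitted, while a delay of one slot falls inside the overlap window and is admitted every time.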
CITATION STYLE
Badishi, G., Herzberg, A., & Keidar, I. (2005). Keeping denial-of-service attackers in the dark. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 3724 LNCS, pp. 18–32). https://doi.org/10.1007/11561927_4