Mitigating Distributed Denial of Service Attacks in Multiparty Applications in the Presence of Clock Drifts
- 31 January 2012
- journal article
- research article
- Published by Institute of Electrical and Electronics Engineers (IEEE) in IEEE Transactions on Dependable and Secure Computing
- Vol. 9 (3), 401-413
- https://doi.org/10.1109/TDSC.2012.18
Abstract
Network-based applications commonly open some known communication port(s), making themselves easy targets for (distributed) Denial of Service (DoS) attacks. Earlier solutions for this problem are based on port-hopping between pairs of processes which are synchronous or exchange acknowledgments. However, acknowledgments, if lost, can cause a port to be open for longer time and thus be vulnerable, while time servers can become targets to DoS attack themselves. Here, we extend port-hopping to support multiparty applications, by proposing the BIGWHEEL algorithm, for each application server to communicate with multiple clients in a port-hopping manner without the need for group synchronization. Furthermore, we present an adaptive algorithm, HOPERAA, for enabling hopping in the presence of bounded asynchrony, namely, when the communicating parties have clocks with clock drifts. The solutions are simple, based on each client interacting with the server independently of the other clients, without the need of acknowledgments or time server(s). Further, they do not rely on the application having a fixed port open in the beginning, neither do they require the clients to get a "first-contact” port from a third party. We show analytically the properties of the algorithms and also study experimentally their success rates, confirm the relation with the analytical bounds.Keywords
This publication has 22 references indexed in Scilit:
- NetFenceACM SIGCOMM Computer Communication Review, 2010
- Survey of network-based defense mechanisms countering the DoS and DDoS problemsACM Computing Surveys, 2007
- A DoS-limiting network architectureACM SIGCOMM Computer Communication Review, 2005
- Optimal Frequency Hopping Sequences: A Combinatorial ApproachIEEE Transactions on Information Theory, 2004
- A taxonomy of DDoS attack and DDoS defense mechanismsACM SIGCOMM Computer Communication Review, 2004
- SOSACM SIGCOMM Computer Communication Review, 2002
- Controlling high bandwidth aggregates in the networkACM SIGCOMM Computer Communication Review, 2002
- An algebraic approach to IP tracebackACM Transactions on Information and System Security, 2002
- Practical network support for IP tracebackACM SIGCOMM Computer Communication Review, 2000
- Families of sequences with optimal Hamming-correlation propertiesIEEE Transactions on Information Theory, 1974