adaptive dos defense
Post on 14-Jan-2016
Adaptive DoS Defense
Omid Fatemieh, Fariba Khan, Michael B. Greenwald, Carl A. Gunter, Sanjeev Khanna, José Meseguer, and Santosh Venkatesh
Denial of Service Protection
Sponsored by ONR, NSF and MacArthur Foundation
University of Illinois at Urbana-Champaign
www.iti.uiuc.edu
Information Trust Institute
seclab.uiuc.edu
• Defense mechanism questions:
  • When should they be triggered?
  • What is the desired level of strictness?
  • How should the parameters be set to achieve the desired level of strictness?
  • What are the trade-offs?
• Two possibilities for mechanisms:
  • Protection is intrinsic or has no cost (e.g. IPsec, SYN cookies)
  • Protection has costs (e.g. client puzzles, filtering schemes)
• Need to control the trade-offs
• Need an adaptation strategy
Classification from Adaptation Perspective
1. Network-based Filtering
2. Target-based Filtering
3. Capabilities
4. Proof-of-work
Selective Verification Trade-offs
• Server capacity: s REQ/sec
• Clients' rate: r ≤ s/2^c, with c ≥ 1
• Attackers' rate: up to s·2^a, with c ≥ 3 lg a
• Client:
  1. Set j = 0
  2. Send 2^j REQ messages to the server
  3. If no ACK arrives within T time units, set j = j + 1
  4. If j ≤ a + c, go to step 2; else exit
• Server: every T seconds, choose sT packets uniformly at random from the receiving buffer and discard the remaining packets
• Omniscient case: clients and server have global knowledge of the attack
• Summary of analysis results: the client's chance of success equals that of the omniscient case, and its bandwidth consumption is O(a/c) times that of the omniscient case
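The client and server steps above, as an added simulation written for this page (not code from the poster's authors). It assumes a single legitimate client facing an attacker that sends at the maximal rate s·2^a, models the server as sampling sT packets without replacement from the buffer each period, and stands in for the omniscient baseline with a client that knows the attack rate and sends, in one round, the smallest number of copies that reaches a target success probability. The parameters s = 100, T = 1, a = 4, c = 6 (= 3 lg a) are constructed values chosen to satisfy the constraints stated on the poster.

```python
import random


def survival_probability(server_rate: float, period: float, buffer_size: int) -> float:
    """Chance that one packet in the receiving buffer is among the s*T packets
    the server keeps per period (uniform sampling)."""
    keep = int(server_rate * period)
    if buffer_size <= keep:
        return 1.0
    return keep / buffer_size


def round_success_probability(p: float, copies: int) -> float:
    """Probability that at least one of `copies` copies survives, treating the
    copies as sampled independently (close to exact when the buffer is much
    larger than the number of copies)."""
    return 1.0 - (1.0 - p) ** copies


def simulate_client(server_rate, period, a, c, rng):
    """One run of the poster's doubling client against a server that keeps
    s*T uniformly chosen packets per period.  The attacker fills the buffer at
    the maximal rate s*2^a; other legitimate clients are ignored (constructed
    scenario).  Returns (succeeded, rounds_used, packets_sent)."""
    keep = int(server_rate * period)
    attack_pkts = int(server_rate * (2 ** a) * period)
    j, sent = 0, 0                                   # step 1: j = 0
    while True:
        copies = 2 ** j                              # step 2: send 2^j REQs
        sent += copies
        buffer = [True] * copies + [False] * attack_pkts   # True = this client's packet
        kept = rng.sample(buffer, min(keep, len(buffer)))  # server keeps sT, drops the rest
        if any(kept):                                # a copy was processed -> ACK
            return True, j + 1, sent
        j += 1                                       # step 3: no ACK within T
        if j > a + c:                                # step 4: give up past a + c
            return False, j, sent


def omniscient_copies(server_rate, period, a, target=0.99):
    """Copies a client with global knowledge of the attack would send in a
    single round to succeed with probability >= target (assumed definition
    of the omniscient baseline, used only for comparison)."""
    attack_pkts = int(server_rate * (2 ** a) * period)
    k = 1
    while True:
        p = survival_probability(server_rate, period, k + attack_pkts)
        if round_success_probability(p, k) >= target:
            return k
        k += 1


def run_trials(server_rate=100, period=1.0, a=4, c=6, trials=200, seed=7):
    """Success rate, mean rounds and mean bandwidth over many seeded runs."""
    rng = random.Random(seed)
    results = [simulate_client(server_rate, period, a, c, rng) for _ in range(trials)]
    return {
        "success_rate": sum(ok for ok, _, _ in results) / trials,
        "mean_rounds": sum(r for _, r, _ in results) / trials,
        "mean_packets": sum(s for _, _, s in results) / trials,
        "omniscient_packets": omniscient_copies(server_rate, period, a),
    }


if __name__ == "__main__":
    print(run_trials())
```

With these constructed parameters the per-round survival probability starts at 100/1700 and the doubling client typically gets an ACK within six or seven rounds, far inside the a + c + 1 = 11 round budget; comparing `mean_packets` with `omniscient_packets` shows the bandwidth the doubling ramp spends for not knowing the attack rate in advance.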
Adaptive Selective Verification
• Mitigate DoS attacks that target computationally expensive protocols
• Intelligently trade bandwidth resources for CPU resources
• Idea: process only a random subset of requests, and ask clients to send n duplicates of each request
• Adapting n:
  • Cost(n) = C_CPU × processed requests + C_BW × incoming requests
  • Goal: at regular intervals, determine the n that minimizes Cost(n)
  • Bandwidth limitations
  • Elevator rise but soft landing

Research Directions
1. Better understand the inherent trade-offs in DoS defense solutions
2. Use the adaptation-aware DoS classification and trade-off analyses to propose, for each category:
  2.1. Procedures that, with minimal change, can be applied to existing approaches to make them adaptive
  2.2. Design guidelines that help introduce next-generation protocols with adaptation in mind
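For the Cost(n) rule listed under "Adapting n" in the Adaptive Selective Verification section above, an added example (written for this page, not the authors' code) that picks n at each interval. It assumes a traffic model the poster does not spell out: the attacker floods at a fixed rate whatever n is, and the server processes a uniformly random 1/n of what arrives, so each legitimate request is processed about once while attack traffic is thinned by a factor of n. The bandwidth cap and the fast-up, slow-down `adapt` rule are likewise one reading of "Bandwidth limitations" and "Elevator rise but soft landing"; all rates and cost weights are constructed values.

```python
import math


def cost(n, legit_rate, attack_rate, c_cpu, c_bw):
    """Cost(n) = C_CPU * processed requests + C_BW * incoming requests.
    Assumed model: each legitimate request arrives as n copies, the attacker
    sends at a fixed rate regardless of n, and the server processes a uniform
    random 1/n of everything received.  Returns (total, incoming, processed)."""
    incoming = n * legit_rate + attack_rate
    processed = incoming / n
    return c_cpu * processed + c_bw * incoming, incoming, processed


def closed_form_n(legit_rate, attack_rate, c_cpu, c_bw):
    """Real-valued minimiser of Cost(n) under the model above (dCost/dn = 0):
    n* = sqrt(C_CPU * attack / (C_BW * legit))."""
    return math.sqrt(c_cpu * attack_rate / (c_bw * legit_rate))


def choose_n(legit_rate, attack_rate, c_cpu, c_bw, bw_limit, n_max=64):
    """Integer n with the smallest Cost(n) whose incoming rate stays within the
    bandwidth limit.  Returns None when even n = 1 exceeds the limit, i.e. the
    server cannot absorb the flood by replication at all."""
    best_n, best_cost = None, math.inf
    for n in range(1, n_max + 1):
        total, incoming, _ = cost(n, legit_rate, attack_rate, c_cpu, c_bw)
        if incoming > bw_limit:
            break                      # incoming grows with n: no larger n fits
        if total < best_cost:
            best_n, best_cost = n, total
    return best_n


def adapt(prev_n, target_n, max_step_down=1):
    """One reading of "elevator rise but soft landing": raise n immediately
    when the attack intensifies, but lower it by at most one step per
    interval when it subsides, so a brief lull does not drop the defence
    all at once."""
    if target_n >= prev_n:
        return target_n
    return max(target_n, prev_n - max_step_down)


if __name__ == "__main__":
    # Constructed scenario: 100 legit req/s, a 6400 req/s flood, CPU work
    # priced ten times bandwidth per request, 10 000 req/s of inbound capacity.
    legit, attack, c_cpu, c_bw, bw_limit = 100, 6400, 1.0, 0.1, 10_000
    n_star = choose_n(legit, attack, c_cpu, c_bw, bw_limit)
    print("closed form n*:", round(closed_form_n(legit, attack, c_cpu, c_bw), 2))
    print("chosen n:", n_star, "cost:", cost(n_star, legit, attack, c_cpu, c_bw)[0])
    print("attack ends, n per interval:", end=" ")
    n = n_star
    while n > 1:                       # soft landing back to n = 1
        n = adapt(n, choose_n(legit, 0, c_cpu, c_bw, bw_limit))
        print(n, end=" ")
    print()
```

In the constructed scenario the closed form gives n* ≈ 25.3 and the integer search settles on n = 25; with no attack traffic the cost is monotone in n and the search returns n = 1, so the redundancy is only demanded of clients while it buys something.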
[Figure: classification diagram for the four categories; the mechanism labels that survive extraction are Filter, RTT, Capability and Rate Limit.]

Category examples
Category 1: Pushback (Sigcomm ’02), Max-Min Server Centric Throttles (IEEE/ACM Trans. Netw. ’05)
Category 2: SC (Sigcomm ’00), NAC (WWW ’02), Pi (Oakland ’03), HCF (CCS ’03)
Category 3: SIFF (Oakland ’04), TVA (Sigcomm ’05)
Category 4: Selective Verification (NDSS ’04), RTTs (EUROCRYPT ’03), Crypto Puzzles (Oakland ’03)
[Figure: Selective Verification. Server S, legitimate client C/L and attacker A. S makes the channels lossy; L adds redundancy; A gets a reduced channel.]