Home

About

Advanced Search

Browse by Discipline

Scientific Societies

E-print Alerts

Add E-prints

E-print Network
FAQHELPSITE MAPCONTACT US


  Advanced Search  

 
OverDoSe: A Generic DDoS Protection Service Using an Overlay Network
 

Summary: OverDoSe: A Generic DDoS Protection
Service Using an Overlay Network
Elaine Shi Ion Stoica David Andersen
Adrian Perrig
February 2006
CMU-CS-06-114
School of Computer Science
Carnegie Mellon University
Pittsburgh, PA 15213
Abstract
We present the design and implementation of OverDoSe, an overlay network offering generic
DDoS protection for targeted sites. OverDoSe clients and servers are isolated at the IP level.
Overlay nodes route packets between a client and a server, and regulate traffic according to the
server's instructions. Through the use of light-weight security primitives, OverDoSe achieves
resilience against compromised overlay nodes with a minimal performance overhead. OverDoSe
can be deployed by a single ISP who wishes to offer DDoS protection as a value-adding service to
its customers.
Keywords: overlay network, Distributed Denial-of-Service, computational puzzle, compro-
mised overlay nodes, request channel
1 Introduction

  

Source: Andersen, Dave - School of Computer Science, Carnegie Mellon University
Carnegie Mellon University, School of Computer Science

 

Collections: Computer Technologies and Information Sciences