Home

About

Advanced Search

Browse by Discipline

Scientific Societies

E-print Alerts

Add E-prints

E-print Network
FAQHELPSITE MAPCONTACT US


  Advanced Search  

 
Preventing Internet Denial-of-Service with Capabilities Tom Anderson
 

Summary: Preventing Internet Denial-of-Service with Capabilities
Tom Anderson
University of Washington
Timothy Roscoe
Intel Research at Berkeley
David Wetherall
University of Washington
Abstract
In this paper, we propose a new approach to preventing and
constraining denial-of-service (DoS) attacks. Instead of be-
ing able to send anything to anyone at any time, in our
architecture, nodes must first obtain "permission to send"
from the destination; a receiver provides tokens, or capa-
bilities, to those senders whose traffic it agrees to accept.
The senders then include these tokens in packets. This en-
ables verification points distributed around the network to
check that traffic has been certified as legitimate by both
endpoints and the path in between, and to cleanly discard
unauthorized traffic. We show that our approach addresses
many of the limitations of the currently popular approaches

  

Source: Anderson, Tom - Department of Computer Science and Engineering, University of Washington at Seattle

 

Collections: Computer Technologies and Information Sciences