Resisting Denial of Service Attacks by Puzzle Outsourcing

Channel:
Microsoft Research
Subscribers:
349,000
Published on ● Video Link: https://www.youtube.com/watch?v=QVaz_HhSB68


Duration: 57:25
44 views
0

One proposed approach to deter denial of service attacks is to require clients to solve computational puzzles before connecting to a server. Unfortunately, standard puzzle schemes impose a higher cost on legitimate clients than on attackers, because legitimate clients must often solve puzzles online while users are waiting, but attackers can solve puzzles offline using hijacked machines. We propose a new type of puzzle scheme that lowers costs for servers and for legitimate clients (but not for attackers). Our scheme outsources puzzle creation to a robust external service that we call a bastion. Many servers can rely on puzzles distributed by a single bastion, and a bastion need not know which servers rely on its services. Our outsourcing technique helps to eliminate puzzle distribution as a point of compromise. Our design has three main advantages over prior approaches. First, it is more resistant to DoS attacks aimed at the puzzle mechanism itself, withstanding over 80 more attack traffic than previous methods in our experiments. Second, our scheme is cheap enough to apply at the IP packet level, though it can be used at any level of the protocol stack. Third, our scheme allows clients to solve puzzles offline, thereby reducing the need for users to wait while their computers solve puzzles. [Joint work with Brent Waters, Ari Juels, and Alex Halderman.]



Other Videos By Microsoft Research


2016-09-05Social Network Analysis meets the Semantic Web: What FOAF Reveals About LiveJournal
2016-09-05Distributed Multi-robot Exploration and Mapping
2016-09-051.Vision: Extraordinary Computing Experiences & 2. Robots for the Masses: Fiction or Reality
2016-09-05Modeling and Facilitating Human Communication [1/5]
2016-09-05Reducing Errors in Computer Recognition of Handwritten Material
2016-09-05Information wants to be free (but is everywhere in chains)
2016-09-05The art and technology of electronic textiles
2016-09-05Quantum Loop Gas Approach to Topological Phases of Correlated Electrons
2016-09-05Computational History In Action: Discovering Gutenberg's Printing Process
2016-09-05A World Filled With Cameras: Security at the Cost of Freedom? Or Can We Have Both?
2016-09-05Resisting Denial of Service Attacks by Puzzle Outsourcing
2016-09-05Transition Invariants
2016-09-05Declarative querying of sensor networks through automatic service planning
2016-09-05Folklore of Network Protocol Design (Anita Borg Lecture)
2016-09-05Toolkit for Construction and Maintenance of Extensible Proof Search Tactics
2016-09-05ME++
2016-09-05Structural Comparison of Executable Objects
2016-09-05Indifference is Death: Responsibility, Leadership, & Innovation
2016-09-05TQFTs and tight contact structures on 3-manifolds      
2016-09-05Wireless Embedded Networks/The Ecosystem and Cool Challenges
2016-09-05Data Mining & Machine Learning to empower business strategy


Tags:
microsoft research