DocumentCode :
2822425
Title :
Denial of service protection: the nozzle
Author :
Strother, Elizabeth
Author_Institution :
North Carolina State Univ., Raleigh, NC, USA
fYear :
2000
fDate :
36861
Firstpage :
32
Lastpage :
41
Abstract :
A denial of service attack is a dominating conversation with a network resource designed to preclude other conversations with that resource. This type of attack can cost millions of dollars when the target is a critical resource such as a Web server or domain name server. Traditional methods, such as firewalls and intrusion detection systems, have failed to provide adequate protection from this type of attack. This paper presents a new protection method called a nozzle. The nozzle is based upon favorable aspects of firewalls and network pumps. It is deployed similarly to a firewall such that all conversations from an untrusted user to a critical resource are monitored. The main advantage of the nozzle is the ability to provide a threshold for trusted traffic, thus precluding new attacks. A nozzle consists of a series of rings, each of which has a trusted and untrusted buffer, rules for packet placement, and rules for communication with the next level. Rings are placed in the protocol stack so they can protect particular protocols.
Keywords :
authorisation; computer networks; protocols; telecommunication security; Web server; cost; denial of service protection; domain name server; firewalls; intrusion detection; network pumps; network resource; nozzle; packet placement; protocol; trusted traffic; untrusted user; Computer crime; Costs; Degradation; Ethernet networks; Intrusion detection; Network servers; Payloads; Protection; Protocols; Web server;
fLanguage :
English
Publisher :
ieee
Conference_Titel :
Computer Security Applications, 2000. ACSAC '00. 16th Annual Conference
Conference_Location :
New Orleans, LA
Print_ISBN :
0-7695-0859-6
Type :
conf
DOI :
10.1109/ACSAC.2000.898855
Filename :
898855