Exposing and eliminating vulnerabilities to denial of service attacks in secure gossip-based multicast

Author

Badishi, Gal ; Keidar, Idit ; Sasson, Amir

Author_Institution

Dept. of Electr. Eng., Technion-Israel Inst. of Technol., Haifa, Israel

fYear

2004

fDate

28 June-1 July 2004

Firstpage

223

Lastpage

232

Abstract

We propose a framework and methodology for quantifying the effect of denial of service (DoS) attacks on a distributed system. We present a systematic study of the resistance of gossip-based multicast protocols to DoS attacks. We show that even distributed and randomized gossip-based protocols, which eliminate single points of failure, do not necessarily eliminate vulnerabilities to DoS attacks. We propose Drum - a simple gossip-based multicast protocol that eliminates such vulnerabilities. Drum was implemented in Java and tested on a large cluster. We show, using closed-form mathematical analysis, simulations, and empirical tests, that Drum survives severe DoS attacks.

Keywords

mathematical analysis; multicast protocols; security of data; telecommunication security; DoS attacks; Drum; Java; denial-of-service attacks; distributed system; gossip-based multicast protocols; mathematical analysis; mathematical simulations; Analytical models; Computer crime; Degradation; Immune system; Java; Mathematical analysis; Multicast protocols; Protection; Security; Testing;

fLanguage

English

Publisher

ieee

Conference_Titel

Dependable Systems and Networks, 2004 International Conference on

Print_ISBN

0-7695-2052-9

Type

conf

DOI

10.1109/DSN.2004.1311892

Filename

1311892