Meadows, C. (1999), A Formal Framework and Evaluation Method for Network Denial of Service, in `Proceedings of the 12th IEEE Computer Security Foundations Workshop', pp. 4 -- 13.  Home/Search   Document Details and Download   Summary   Related Articles   Check

....DoS attacks is to delay committing one s resources to the protocol until the other party has provided some assurance of its honesty. One way to avoid the unnecessary public key operations is to require a weaker authentication, such as a routing based method, before the expensive computation [Mea99]. This either limits the number of attackers who can get to the public key stage or increases the cost of the attack by forcing the attacker to break the weaker mechanism first. For example, a MIPv6 binding update authentication protocol could start with a return routability test (Section 4.2) and ....

Catherine Meadows. A formal framework and evaluation method for network denial of service. In Proc. 12th 1EEE Computer Security Foundations Workshop, pages 4-13, Mordano, Italy, June 1999.1EEE Computer Society.

....in presenting possible attacks or examining real ones, have identi ed a number of di erent methods of denying service across the network. Some authors view denial of service attacks solely as an attacker s consumption of resources that prevents legitimate users from using those resources [1] [2]. Others present attacks that deny service by causing network devices required for packet delivery to function incorrectly [3] Still others present attacks that can result in denial of service when information required for proper operation is corrupted or not available [4] 5] While each of ....

....this attack was published by Schuba, et al. 1] This attack worked by consuming a speci c limited resource in the end host: the amount of memory available to store connection requests. Meadows was the rst to attempt to formalize network denial of service attacks based on resource consumption [2]. This work examined the ability of an attacking system to send messages that would result in resource consumption by the recipient, and proposed a framework for protocol designers to follow to determine the tolerance of their protocol to denial of service attacks. Meadow s model focuses primarily ....

[Article contains additional citation context not shown here]

C. Meadows, \A Formal Framework and Evaluation Method for Network Denial of Service," in PCSFW: Proceedings of The 12th Computer Security Foundations Workshop, IEEE Computer Society Press, 1999.

.... on protocol design include use of client puzzles[23, 3] stateless cookies[39] forcing clients to store server state, rearranging the order of computations in a protocol[18] and the use of a formal method framework for analyzing the properties of protocols with respect to DoS attacks[35]. The advantages of being stateless, at least in the beginning of a protocol run, were recognized in the security protocol context in [22] and [2] The latter presented a 3 message version of IKE, similar to JFK, that did not provide the same level of DoS protection as JFK does, and had no ....

C. Meadows. A formal framework and evaluation method for network denial of service. In Proc. of the 12th IEEE Computer Security Foundations Workshop, pages 4--13, June 1999.

....is thus transformed into another, more benign, class. Our self verifying messages can be seen as an instance of this approach, transforming certain Byzantine failures to more benign failures. 16 and the resources the service must expend to satisfy that request, as has been noted, for example, in [46, 60, 61]. If making a request is cheap but processing one is not, then attackers have a cost e#ective way to disrupt a service submit bogus requests to saturate server resources. A service, like COCA, where request processing involves expensive cryptographic operations and multiple rounds of ....

C. Meadows. A formal framework and evaluation method for network denial of service. In Proceedings of the 12th IEEE Computer Security Foundations Workshop, pages 4--13, Mordano, Italy, June 28--30, 1999. IEEE Computer Society Press.

....defense mechanisms to lower the impact of denial of service attacks. Vulnerability to denial of service 14 attacks often arises when the cost to process a request (or message) outweighs the cost for an adversary to make the request (or send the message) as previously noted, for example, in [58, 72, 73]. A defense against denial of service attacks can thus be based on eliminating the imbalance. This philosophy led us to instantiate in COCA the following classic defense mechanisms for combating denial of service attacks: 1. Processing only those requests that satisfy authorization checks. 2. ....

.... Defense Against Denial Of Service Attacks A large class of successful denial of service attacks work by exploiting an imbalance between the resources an attacker must expend to submit a request and the resources the service must expend to satisfy that request, as has been noted, for example, in [58, 72, 73]. If making a request is cheap but processing one is not, then attackers have a cost e#ective way to disrupt a service submit bogus requests to saturate server resources. A service, like COCA, where request processing involves expensive cryptographic operations and multiple rounds of ....

C. Meadows. A formal framework and evaluation method for network denial of service. In Proceedings of the 12th IEEE Computer Security Foundations Workshop, pages 4--13, Mordano, Italy, June 28--30, 1999. IEEE Computer Society Press.

....pointed out that denial of service is in fact an attack on resource availability. Millen believed that DoS is a problem of improper resource allocation [18] while Meadows has characterized the susceptibility of network services to DoS attacks on resources used before remote host authentication [17]. Some attacks rely on protocol weaknesses to consume resources with minimal attacker e ort, as in TCP SYN ooding [22] other attacks depend simply on the ability of an attacker to produce sucient trac to overwhelm a victim by brute force [7] In [22] the authors investigated several approaches ....

C. Meadows. A formal framework and evaluation method for network denial of service. In Proc. of the IEEE Computer Security Foundations Workshop, 1999.

....on resource availability. Millen [12, 13] pointed out that denial of service is fundamentally a problem of improper resource allocation. The recognition that denial of service is fundamentally a problem of improperly reducing availability of resources has inspired more recent work by Meadows [11], who has worked on characterizing susceptibility of network services to DoS attacks on resources used before a remote host can be authenticated. Such network based attacks are increasingly problematic. Some such attacks rely on protocol weaknesses to consume resources with minimal attacker e#ort, ....

C. Meadows. A formal framework and evaluation method for network denial of service. In Proceedings of the IEEE Computer Security Foundations Workshop, June 1999.

No context found.

Meadows, C. (1999), A Formal Framework and Evaluation Method for Network Denial of Service, in `Proceedings of the 12th IEEE Computer Security Foundations Workshop', pp. 4 -- 13.

....example, for most it is possible to specify intermediate as well as ultimate goals. Also, although most use a single model of the intruder, most of the weaker intruder models that would be used would be restrictions of this more general intruder model. Our own work has concentrated on a framework [48] that could be used to apply existing tools, appropriately modified, to the denial of service problem. We make use of the concept developed by Gong and Syverson [30] of a fail stop cryptographic protocol. Briefly, a protocol is fail stop if, whenever an attacker interferes with a message, this is ....

C. Meadows. A formal framework and evaluation method for network denial of service. In Proceedings of the 12th IEEE Computer Security Foundations Workshop. IEEE Computer Society Press, June 1999.

No context found.

C. Meadows. A formal framework and evaluation method for network denial of service. In Proceedings of the IEEE Computer Security Foundations Workshop, June 1999.

No context found.

Meadows, C.: A formal framework and evaluation method for network denial of service. In: Proc. 1999 IEEE Computer Security Foundations Workshop. pp. 4--13. 1998.

No context found.

C. Meadows. A formal framework and evaluation method for network denial of service. In Proceedings of the 12th IEEE Computer Security Foundations Workshop, pages 413, Mordano, Italy, June 2830, 1999. IEEE Computer Society Press.

No context found.

Meadows, "A Formal Framework and Evaluation Method for Network Denial of Service", PCSFW: Proceedings of The 12th Computer Security Foundations Workshop, 1999

No context found.

C. Meadows. A formal framework and evaluation method for network denial of service. In Proceedings of the 12th IEEE Computer Security Foundations Workshop, June 1999.

No context found.

C. Meadows. A formal framework and evaluation method for network denial of service. In Proceedings of the IEEE Computer Security Foundations Workshop, June 1999.

No context found.

C. Meadows. A formal framework and evaluation method for network denial of service. In Proceedings of the IEEE Computer Security Foundations Workshop, June 1999.

No context found.

C. Meadows. A formal framework and evaluation method for network denial of service. In Proceedings of the 12th IEEE Computer Security Foundations Workshop, June 1999.

No context found.

C. Meadows. "A formal framework and evaluation method for network denial of service." In Proceedings of the 12th IEEE Computer Security Foundations Workshop, June 1999.

No context found.

C. Meadows. A formal framework and evaluation method for network denial of service. In Proceedings of the 1999.

No context found.

C. Meadows. A formal framework and evaluation method for network denial of servic. In Proceedings of the 12th IEEE Computer Security Foundations Workshop, June 1999.

No context found.

C. Meadows. A formal framework and evaluation method for network denial of service. In Proceedings of the 12th IEEE Computer Security Foundations Workshop, June 1999.

No context found.

Meadows, C.: A formal framework and evaluation method for network denial of service. In: Proc. 1999 IEEE Computer Security Foundations Workshop. pp. 4--13. 1998.

No context found.

C. Meadows. A formal framework and evaluation method for network denial of service. In Proceedings of the 12th IEEE Computer Security Foundations Workshop, June 1999.

No context found.

C. Meadows, "A formal framework and evaluation method for network denial of service," In Proceedings of the 12th IEEE Computer Security Foundations Workshop, June 1999.

No context found.

Catherine Meadows. A formal framework and evaluation method for net- work denial of service. In Proceedings of the 12th IEEE Computer Security Foundations Workshop (CSFW12), pages 4 13. IEEE CS Press, June 1999.

First 50 documents

Online articles have much greater impact   More about CiteSeer.IST   Add search form to your site   Submit documents   Feedback  

CiteSeer.IST - Copyright Penn State and NEC