Preventing Internet denial-of-service with capabilities

In this paper, we propose a new approach to preventing and constraining denial-of-service (DoS) attacks. Instead of being able to send anything to anyone at any time, in our architecture, nodes must first obtain "permission to send" from the destination; a receiver provides tokens, or capabilities, to those senders whose traffic it agrees to accept. The senders then include these tokens in packets. This enables verification points distributed around the network to check that traffic has been certified as legitimate by both endpoints and the path in between, and to cleanly discard unauthorized traffic. We show that our approach addresses many of the limitations of the currently popular approaches to DoS based on anomaly detection, traceback, and pushback. Further, we argue that our approach can be readily implemented in today's technology, is suitable for incremental deployment, and requires no more of a security infrastructure than that already needed to fix BGP's security weaknesses. Finally, our proposal facilitates innovation in application and networking protocols, something increasingly curtailed by existing DoS measures.

[1]  Alex C. Snoeren,et al.  Hash-based IP traceback , 2001, SIGCOMM '01.

[2]  Mischa Schwartz,et al.  ACM SIGCOMM computer communication review , 2001, CCRV.

[3]  D. Estrin,et al.  RSVP: a new resource reservation protocol , 1993, IEEE Communications Magazine.

[4]  Stefan Savage,et al.  Inferring Internet denial-of-service activity , 2001, TOCS.

[5]  Paul Ferguson,et al.  Network Ingress Filtering: Defeating Denial of Service Attacks which employ IP Source Address Spoofing , 1998, RFC.

[6]  David Moore,et al.  Code-Red: a case study on the spread and victims of an internet worm , 2002, IMW '02.

[7]  Steven M. Bellovin,et al.  Implementing Pushback: Router-Based Defense Against DDoS Attacks , 2002, NDSS.

[8]  Benjamin M. Compaine,et al.  Rethinking The Design Of The Internet: The End-To-End Arguments Vs. The Brave New World , 2001 .

[9]  John S. Heidemann,et al.  A framework for classifying denial of service attacks , 2003, SIGCOMM '03.

[10]  David E. Culler,et al.  A blueprint for introducing disruptive technology into the Internet , 2003, CCRV.

[11]  Steven M. Bellovin,et al.  ICMP Traceback Messages , 2003 .

[12]  Dawn Xiaodong Song,et al.  Advanced and authenticated marking schemes for IP traceback , 2001, Proceedings IEEE INFOCOM 2001. Conference on Computer Communications. Twentieth Annual Joint Conference of the IEEE Computer and Communications Society (Cat. No.01CH37213).

[13]  Eddie Kohler,et al.  The Click modular router , 1999, SOSP.

[14]  Robert Stone,et al.  CenterTrack: An IP Overlay Network for Tracking DoS Floods , 2000, USENIX Security Symposium.

[15]  Paul Barford,et al.  A signal analysis of network traffic anomalies , 2002, IMW '02.

[16]  Heejo Lee,et al.  On the effectiveness of route-based packet filtering for distributed DoS attack prevention in power-law internets , 2001, SIGCOMM '01.

[17]  David G. Andersen,et al.  Proceedings of Usits '03: 4th Usenix Symposium on Internet Technologies and Systems Mayday: Distributed Filtering for Internet Services , 2022 .

[18]  Ratul Mahajan,et al.  Controlling high bandwidth aggregates in the network , 2002, CCRV.

[19]  H. T. Kung,et al.  Credit-Based Flow Control for ATM Networks , 1994, SIGCOMM 1994.

[20]  David Moore,et al.  Internet quarantine: requirements for containing self-propagating code , 2003, IEEE INFOCOM 2003. Twenty-second Annual Joint Conference of the IEEE Computer and Communications Societies (IEEE Cat. No.03CH37428).

[21]  Angelos D. Keromytis,et al.  SOS: secure overlay services , 2002, SIGCOMM '02.

[22]  Heejo Lee,et al.  On the effectiveness of route-based packet filtering for distributed DoS attack prevention in power-law internets , 2001, SIGCOMM 2001.

[23]  Anna R. Karlin,et al.  Practical network support for IP traceback , 2000, SIGCOMM.

[24]  David D. Clark,et al.  Rethinking the design of the Internet , 2001, ACM Trans. Internet Techn..

[25]  Stefan Savage,et al.  The Spread of the Sapphire/Slammer Worm , 2003 .