a denial of service resistant dht n.
Download
Skip this Video
Loading SlideShow in 5 Seconds..
A Denial-of-Service Resistant DHT PowerPoint Presentation
Download Presentation
A Denial-of-Service Resistant DHT

Loading in 2 Seconds...

play fullscreen
1 / 10

A Denial-of-Service Resistant DHT - PowerPoint PPT Presentation


  • 73 Views
  • Uploaded on

A Denial-of-Service Resistant DHT. Christian Scheideler Technische Universität München Joint work with Baruch Awerbuch, JHU. Motivation. On Feb 6, a major DoS attack was launched against the root servers of the DNS system. d. d. Internet. d. d. d. d.

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about 'A Denial-of-Service Resistant DHT' - vinson


An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
a denial of service resistant dht

A Denial-of-Service Resistant DHT

Christian Scheideler

Technische Universität München

Joint work with Baruch Awerbuch, JHU

motivation
Motivation

On Feb 6, a major DoS attack was launched

against the root servers of the DNS system

d

d

Internet

d

d

d

d

dos resistant information system
DoS-resistant Information System

Problem: DNS-approach of full replication not feasible in large information systems

off-the-shelfservers

Internet

dos resistant information system1
DoS-resistant Information System

Scalable information system: storage over-head limited to logarithmic factor

d

Internet

d

d

fundamental dilemma
Fundamental Dilemma
  • Scalability: minimize replication of information
  • Robustness: maximize resources needed by attacker

d

Internet

d

d

fundamental dilemma1
Fundamental Dilemma
  • Limitation to „legal“ attacks / information hiding
  • Information hiding difficult under insider attacks

d

Internet

d

d

dos resistent information system

You are fired!

DoS-resistent Information System

Past-Insider-Attack: Attacker knows every-thing about system till (unknown) time t0

Goal:scalable information system so that everything that was inserted or updated aftert0 is safe (w.h.p.) against any past-insider DoS attack that can shut down any -fraction of the servers, for some >0, and create any legal set of requests

past insider dos attack
Past Insider DoS Attack

Dilemma:

  • Explicit data structure: problems with consistency and robustness
  • Fixed hash function: consistency much easier to maintain, but easy to attack
  • Random placement: difficult to attack, but also difficult to search for data

Combine hashing with random placement!!

dos resistant dht
DoS-resistant DHT

Our solution is a DHT-based system on

  • n completely interconnected, reliable servers
  • with O(log n) data redundancy (coding)

Theorem: Under any -bounded past-insider attack (for some constant >0), our lookup protocol can serve any set of requests (one per server) in polylog time s.t. every request to a data item inserted or updated aftert0 is served correctly, w.h.p.

conclusion
Conclusion

Application: DoS-resistant platform for e-commerce or critical information services (Akamai)

Regular paper: DISC 2007.

Any questions?