DDoS Defense by Offense
Title | DDoS Defense by Offense |
Publication Type | Journal Article |
Year of Publication | 2010 |
Authors | Walfish, M., Vutukuru, M., Balakrishnan, H., Karger, D. R., & Shenker, S. J. |
Published in | ACM Transactions on Computer Systems |
Volume | 28 |
Issue | 1 |
Page(s) | 1-54 |
Other Numbers | 2814 |
Abstract | This article presents the design, implementation, analysis, and experimental evaluation of speak-up, a defense against application-level distributed denial-of-service (DDoS), in which attackers cripple a server by sending legitimate-looking requests that consume computational resources (e.g., CPU cycles, disk). With speak-up, a victimized server encourages all clients, resources permitting, to automatically send higher volumes of traffic. We suppose that attackers are already using most of their upload bandwidth so cannot react to the encouragement. Good clients, however, have spare upload bandwidth so can react to the encouragement with drastically higher volumes of traffic. The intended outcome of this traffic inflation is that the good clients crowd out the bad ones, thereby capturing a much larger fraction of the server's resources than before. We experiment under various conditions and find that speak-up causes the server to spend resources on a group of clients in rough proportion to their aggregate upload bandwidths, which is the intended result. |
Acknowledgment | This work was partially supported by funding provided through National Science Foundation grants CNS: 0225660 (Robust Large-Scale Distributed Systems) and CNS: 0520241 ("Internet Revolution through Flat Resolution"), by an NDSEG Graduate Fellowship, and by British Telecom. Any opinions, findings, and conclusions or recommendations expressed in this material are those of the authors or originators and do not necessarily reflect the views of the funders. |
URL | http://www.icsi.berkeley.edu/pubs/networking/ddosdefense06.pdf |
Bibliographic Notes | ACM Transactions on Computer Systems, Vol. 28, Issue 1, No. 3, pp. 1-54. A version of this article appeared in the proceedings of ACM Special Interest Group on Data Communications Conference (SIGCOMM 2006), Pisa, Italy, pp. 303-314, September 2006. |
Abbreviated Authors | M. Walfish, M. Vutukuru, H. Balakrishnan, D. Karger, and S. Shenker |
ICSI Research Group | Networking and Security |
ICSI Publication Type | Article in journal or magazine |