Mitigating Distributed Denial of Service Attacks in Multiparty Applications in the Presence of Clock Drifts

Zhang Fu; Marina Papatriantafilou; Philippas Tsigas

doi:10.1109/TDSC.2012.18

Publication
2012
Issue No. 3 - May/June
Abstract - Mitigating Distributed Denial of Service Attacks in Multiparty Applications in the Presence of Clock Drifts

	This Article
	Subscribers, please Login Purchase article: $19 PDF HTML RSS feed
	Share
	Email this Article to a friend
	Bibliographic References
	ASCII Text BibTex RefWorks Procite/RefMan/EndNote
	Add to:
	Digg Furl Spurl Blink Simpy Google Del.icio.us Y!MyWeb
	Search
	Similar Articles Articles by Zhang Fu Articles by Marina Papatriantafilou Articles by Philippas Tsigas

Mitigating Distributed Denial of Service Attacks in Multiparty Applications in the Presence of Clock Drifts

May/June 2012 (vol. 9 no. 3)

pp. 401-413

	ASCII Text	x
	Zhang Fu, Marina Papatriantafilou, Philippas Tsigas, "Mitigating Distributed Denial of Service Attacks in Multiparty Applications in the Presence of Clock Drifts," IEEE Transactions on Dependable and Secure Computing, vol. 9, no. 3, pp. 401-413, May/June, 2012.

	BibTex	x
	@article{ 10.1109/TDSC.2012.18, author = {Zhang Fu and Marina Papatriantafilou and Philippas Tsigas}, title = {Mitigating Distributed Denial of Service Attacks in Multiparty Applications in the Presence of Clock Drifts}, journal ={IEEE Transactions on Dependable and Secure Computing}, volume = {9}, number = {3}, issn = {1545-5971}, year = {2012}, pages = {401-413}, doi = {http://doi.ieeecomputersociety.org/10.1109/TDSC.2012.18}, publisher = {IEEE Computer Society}, address = {Los Alamitos, CA, USA}, }

	RefWorks Procite/RefMan/Endnote	x
	TY - JOUR JO - IEEE Transactions on Dependable and Secure Computing TI - Mitigating Distributed Denial of Service Attacks in Multiparty Applications in the Presence of Clock Drifts IS - 3 SN - 1545-5971 SP401 EP413 EPD - 401-413 A1 - Zhang Fu, A1 - Marina Papatriantafilou, A1 - Philippas Tsigas, PY - 2012 KW - Clock drift KW - data communication KW - denial of service attack KW - reliability KW - application. VL - 9 JA - IEEE Transactions on Dependable and Secure Computing ER -

Zhang Fu, Chalmers University of Technology, Gothenborg

Marina Papatriantafilou, Chalmers University of Technology, Gothenborg

Philippas Tsigas, Chalmers University of Technology, Gothenborg

DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/TDSC.2012.18

Network-based applications commonly open some known communication port(s), making themselves easy targets for (distributed) Denial of Service (DoS) attacks. Earlier solutions for this problem are based on port-hopping between pairs of processes which are synchronous or exchange acknowledgments. However, acknowledgments, if lost, can cause a port to be open for longer time and thus be vulnerable, while time servers can become targets to DoS attack themselves. Here, we extend port-hopping to support multiparty applications, by proposing the BIGWHEEL algorithm, for each application server to communicate with multiple clients in a port-hopping manner without the need for group synchronization. Furthermore, we present an adaptive algorithm, HOPERAA, for enabling hopping in the presence of bounded asynchrony, namely, when the communicating parties have clocks with clock drifts. The solutions are simple, based on each client interacting with the server independently of the other clients, without the need of acknowledgments or time server(s). Further, they do not rely on the application having a fixed port open in the beginning, neither do they require the clients to get a "first-contact” port from a third party. We show analytically the properties of the algorithms and also study experimentally their success rates, confirm the relation with the analytical bounds.

[1] Z. Fu, M. Papatriantafilou, and P. Tsigas, "Mitigating Distributed Denial of Service Attacks in Multiparty Applications in the Presence of Clock Drifts," Proc. IEEE Int'l Symp. Reliable Distributed Systems (SRDS), Oct. 2008.
[2] CERT Advisory CA-1997-28 IP Denial-of-Service Attacks, http://www.cert.org/advisoriesca-1997-28.html , 2010.
[3] K. Argyraki and D.R. Cheriton, "Active Internet Traffic Filtering: Real-Time Response to Denial-of-Service Attacks," Proc. Ann. Conf. USENIX Ann. Technical Conf. (ATEC '05), p. 10, 2005.
[4] R. Mahajan, S.M. Bellovin, S. Floyd, J. Ioannidis, V. Paxson, and S. Shenker, "Controlling High Bandwidth Aggregates in the Network," ACM SIGCOMM Computer Comm. Rev., vol. 32, no. 3, pp. 62-73, 2002.
[5] D. Dean, M. Franklin, and A. Stubblefield, "An Algebraic Approach to IP Traceback," ACM Trans. Information and System Security, vol. 5, no. 2, pp. 119-137, 2002.
[6] D.X. Song and A. Perrig, "Advanced and Authenticated Marking Schemes for IP Traceback," Proc. IEEE INFOCOM, vol. 2, pp. 878-886, 2001.
[7] S. Savage, D. Wetherall, A. Karlin, and T. Anderson, "Practical Network Support for IP Traceback," ACM SIGCOMM Computer Comm. Rev., vol. 30, no. 4, pp. 295-306, 2000.
[8] X. Liu, X. Yang, and Y. Lu, "To Filter or to Authorize: Network-Layer DoS Defense against Multimillion-node Botnets," Proc. SIGCOMM, pp. 195-206, 2008.
[9] A.D. Keromytis, V. Misra, and D. Rubenstein, "SOS: Secure Overlay Services," ACM SIGCOMM Computer Comm. Rev., vol. 32, no. 4, pp. 61-72, 2002.
[10] D.G. Andersen, "Mayday: Distributed Filtering for Internet Services," Proc. Fourth Conf. USENIX Symp. Internet Technologies and Systems (USITS '03), p. 3, 2003.
[11] X. Fu and J. Crowcroft, "GONE: An Infrastructure Overlay for Resilient DoS-Limiting Networking," Proc. Int'l Workshop Network and Operating Systems Support for Digital Audio and Video (NOSSDAV), 2006.
[12] A. Stavrou and A.D. Keromytis, "Countering Dos Attacks with Stateless Multipath Overlays," Proc. 12th ACM Conf. Computer and Comm. Security (CCS), pp. 249-259, 2005.
[13] T. Anderson, T. Roscoe, and D. Wetherall, "Preventing Internet Denial of Service with Capabilities," Proc. Workshop Hot Topics in Networks (HotNets-II), Nov. 2003.
[14] A. Yaar, A. Perrig, and D. Song, "SIFF: A Stateless Internet Flow Filter to Mitigate DDoS Flooding Attacks," Proc. IEEE Symp. Security and Privacy, pp. 130-143, 2004.
[15] X. Yang, D. Wetherall, and T. Anderson, "A DoS-Limiting Network Architecture," Proc. ACM SIGCOMM, Aug. 2005.
[16] X. Liu, X. Yang, and Y. Xia, "NetFence: Preventing Internet Denial of Service from Inside Out," Proc. SIGCOMM, pp. 255-266, 2010.
[17] J. Mirkovic and P. Reiher, "A Taxonomy of DDoS Attack and DDoS Defense Mechanisms," ACM SIGCOMM Computer Comm. Rev., vol. 34, no. 2, pp. 39-53, 2004.
[18] G. Badishi, A. Herzberg, and I. Keidar, "Keeping Denial-of-Service Attackers in the Dark," IEEE Trans. Dependable and Secure Computing, vol. 4, no. 3, pp. 191-204, July-Sept. 2007.
[19] Spread Spectrum Scene, http://sss-mag.comss.html, 2011.
[20] A. Lempel and H. Greenberger, "Families of Sequences with Optimal Hamming Correlation Properties," IEEE Trans. Information Theory, vol. IT-20, no. 1, pp. 90-94, Jan. 1974.
[21] G. Ge, R. Fuji-Hara, and Y. Miao, "Further Combinatorial Constructions for Optimal Frequency-Hopping Sequences," J. Combinatorial Theory Series A, vol. 113, no. 8, pp. 1699-1718, 2006.
[22] Y.M. Ryoh Fuji-Hara and M. Mishima, "Optimal Frequency Hopping Sequences: A Combinatorial Approach," IEEE Trans. Information Theory, vol. 50, no. 10, pp. 2408-2420, Oct. 2004.
[23] T. Peng, C. Leckie, and K. Ramamohanarao, "Survey of Network-Based Defense Mechanisms Countering the DoS and DDoS Problems," ACM Computing Survey, vol. 39, no. 1, p. 3, 2007.
[24] K. Hari and T. Dohi, "Sensitivity Analysis of Random Port Hopping," Proc. Seventh Int'l Conf. Ubiquitous Intelligence Computing and Seventh Int'l Conf. Autonomic and Trusted Computing (UIC/ATC), pp. 316-321, Oct. 2010.
[25] H. Lee and V. Thing, "Port Hopping for Resilient Networks," Proc. IEEE 60th Vehicular Technology Conf. (VTC2004-Fall), vol. 5, pp. 3291-3295, 2004.
[26] M. Srivatsa, A. Iyengar, J. Yin, and L. Liu, "A Client-Transparent Approach to Defend against Denial of Service Attacks," Proc. IEEE 25th Symp. Reliable Distributed Systems (SRDS '06), pp. 61-70, 2006.
[27] F. Hwang, "Fast Solutions for Consecutive-k-out-of-n: F System," IEEE Trans. Reliability, vol. R-31, no. 5, pp. 447-448, Dec. 1982.
[28] B. Huffak, D. Plummer, D. Moore, and k. Claffy, "Topology Discovery by Active Probing," Proc. Symp. Applications and the Internet Workshops (SAINT), http://portal.acm.orgcitation. cfm?id=580055.829312 , pp. 90-96, 2002.

Index Terms:

Clock drift, data communication, denial of service attack, reliability, application.

Citation:

Zhang Fu, Marina Papatriantafilou, Philippas Tsigas, "Mitigating Distributed Denial of Service Attacks in Multiparty Applications in the Presence of Clock Drifts," IEEE Transactions on Dependable and Secure Computing, vol. 9, no. 3, pp. 401-413, May-June 2012, doi:10.1109/TDSC.2012.18

Peer Review Notice | Give Us Feedback

Usage of this product signifies your acceptance of the Terms of Use.