Defeating DDoS attacks by fixing the incentive chain

Subscribe (Full Service)


	Search: The ACM Digital Library The Guide

	Feedback

Defeating DDoS attacks by fixing the incentive chain

Full text

Pdf (1.99 MB)

Source

ACM Transactions on Internet Technology (TOIT) archive
Volume 7 , Issue 1 (February 2007) table of contents

Article No. 5

Year of Publication: 2007

ISSN:1533-5399

Authors

Yun Huang	University of Texas at Austin, Austin, TX
Xianjun Geng	University of Washington, Seattle, WA
Andrew B. Whinston	University of Texas at Austin, Austin, TX

Publisher

ACM New York, NY, USA

Bibliometrics

Downloads (6 Weeks): 28, Downloads (12 Months): 295, Citation Count: 0

Additional Information:

abstract references index terms review collaborative colleagues

Tools and Actions:	Review this Article Save this Article to a Binder Display Formats: BibTex EndNote ACM Ref

DOI Bookmark:	Use this link to bookmark this Article: http://doi.acm.org/10.1145/1189740.1189745 What is a DOI?

ABSTRACT

Cooperative technological solutions for Distributed Denial-of-Service (DDoS) attacks are already available, yet organizations in the best position to implement them lack incentive to do so, and the victims of DDoS attacks cannot find effective methods to motivate them. In this article we discuss two components of the technological solutions to DDoS attacks: cooperative filtering and cooperative traffic smoothing by caching. We then analyze the broken incentive chain in each of these technological solutions. As a remedy, we propose usage-based pricing and Capacity Provision Networks, which enable victims to disseminate enough incentive along attack paths to stimulate cooperation against DDoS attacks.

REFERENCES

Note: OCR errors may be found in this Reference List extracted from the full text article. ACM has opted to expose the complete List rather than only correct and linked references.

	1	Sulin Ba , Jan Stallaert , Andrew B. Whinston, Research Commentary: Introducing a Third Dimension in Information Systems Design--The Case for Incentive Alignment, Information Systems Research, v.12 n.3, p.225-239, September 2001 [doi>10.1287/isre.12.3.225.9712]
	2	Gal Badishi , Idit Keidar , Amir Sasson, Exposing and Eliminating Vulnerabilities to Denial of Service Attacks in Secure Gossip-Based Multicast, Proceedings of the 2004 International Conference on Dependable Systems and Networks (DSN'04), p.223, June 28-July 01, 2004
	3	Cavusoglu, H., Mishra, B. K., And Raghunathan, S. 2002. The effect of internet security breach announcements on market value of breached firms and internet security developers. Workshop on Information Systems and Economics Program, Barcelona, Spain, December.
	4	Chang, R. K. C. 2002. Defending against flooding-based distributed denial-of-service attacks: a tutorial. IEEE Comm. Mag. 40, 42--51.
	5	Currier, K. M. 2000. Comparative Statics Analysis in Economics, World Scientific Publishing Co.
	6	M. Ettredge , V. Richardson, Assessing the Risk in E-commerce, Proceedings of the 35th Annual Hawaii International Conference on System Sciences (HICSS'02)-Volume 7, p.194, January 07-10, 2002
	7	Xianjun Geng , Andrew B. Whinston, Defeating Distributed Denial of Service Attacks, IT Professional, v.2 n.4, p.36-41, July 2000 [doi>10.1109/6294.869381 ]
	8	Xianjun Geng , Ram D. Gopal , R. Ramesh , Andrew B. Whinston, Scaling Web Services with Capacity Provision Networks, Computer, v.36 n.11, p.64-72, November 2003 [doi>10.1109/MC.2003.1244537]
	9	Geng, X., Gopal, R., Ramesh, R., and Whinston, A. B. 2005. Capacity provision networks: foundations of markets for internet caching. In Proceedings of the 10th INFORMS Conference on Information Systems and Technology (CIST), San Fransisco, CA (November).
	10	Xianjun Geng , Yun Huang , Andrew B. Whinston, Defending wireless infrastructure against the challenge of DDoS attacks, Mobile Networks and Applications, v.7 n.3, p.213-223, June 2002 [doi>10.1023/A:1014526713037 ]
	11	Alok Gupta , Dale O. Stahl , Andrew B. Whinston, The economics of network management, Communications of the ACM, v.42 n.9, p.57-63, Sept. 1999 [doi>10.1145/315762.315772]
	12	Harvey, N. J. A., Jones, M. B., Saroiu, S., Theimer, M., and Wolman, A. 2003. Skipnet: A scalable overlay network with practical locality properties. In Proceedings of the Fourth USENIX Symposium on Internet Technologies and Systems, Seattle, WA (March).
	13	Huang, Y., Geng, X., and Whinston, A. B. 2003. Network mapping services for provisioning of decentralized web services: promises and issues. In Proceedings of the 2nd Workshop on e-Business, Seattle, WA (December).
	14	Ledyard, J.O. and Szakaly-Moore, K. 1994. Designing organizations for trading pollution rights, J. Eco. Behav. Org. 25, 167--196.
	15	Kleinbard, D. 2000. More sites hacked in wake of Yahoo!. CNN Money News (Feb. 8), Published on the Web, <http://money.cnn.com/2000/02/08/technology/yahoo>.
	16	Jelena Mirkovic , Sven Dietrich , David Dittrich , Peter Reiher, Internet Denial of Service: Attack and Defense Mechanisms (Radia Perlman Computer Networking and Security), Prentice Hall PTR, Upper Saddle River, NJ, 2004
	17	Naraine, R. 2002. Massive DDoS attack hit DNS root servers. Internetnews.com (Oct. 23), Published on the Web, <http://www.internetnews.com/dev-news/article.php/1486981>.
	18	Ng, T. S. E. and Zhang, H. 2002. Predicting Internet network distance with coordinates-based approaches. In Proceedings of IEEE INFOCOM 2002, New York, NY (June).
	19	Norton, W. B. 2002. A business case for ISP Peering, Published on the Web, <http://www.equinix.com/pdf/whitepapers/Business_case.pdf>.
	20	J. H. Saltzer , D. P. Reed , D. D. Clark, End-to-end arguments in system design, ACM Transactions on Computer Systems (TOCS), v.2 n.4, p.277-288, Nov. 1984 [doi>10.1145/357401.357402]
	21	Stahl, D. O. and Whinston, A. B. 1994. A general economic equilibrium model of distributed computing. In New Directions in Computational Economics, Kluwer Academic Publishers, London, UK, 175--189.
	22	Limin Wang , Vivek Pai , Larry Peterson, The effectiveness of request redirection on CDN robustness, Proceedings of the 5th symposium on Operating systems design and implementation Due to copyright restrictions we are not able to make the PDFs for this conference available for downloading , December 09-11, 2002, Boston, Massachusetts [doi>10.1145/1060289.1060321]
	23	XiaoFeng Wang , Michael K. Reiter, Mitigating bandwidth-exhaustion attacks using congestion puzzles, Proceedings of the 11th ACM conference on Computer and communications security, October 25-29, 2004, Washington DC, USA [doi>10.1145/1030083.1030118]
	24	Xiang, Y., Zhou, W., and Chowdhury, M. 2004. A survey of active and passive defence mechanisms against DDoS attacks. Tech. Rep., TR C04/02. School of Information Technology, Deakin University, Australia (March).

INDEX TERMS

Primary Classification:
K. Computing Milieux
K.4 COMPUTERS AND SOCIETY
K.4.1 Public Policy Issues
Subjects: Abuse and crime involving computers

Keywords:
Denial-of-service, incentive, pricing, security

REVIEW

"Myles F. McNally, III : Reviewer"

Want to disable an Internet content provider (ICP) like Yahoo! or Amazon? Or perhaps you are interested in attacking the Department of Defense Web site or other government sites. Then a denial of service (DoS) attack is for you. Simply overwhelm t more...

Collaborative Colleagues:

Yun Huang: colleagues

Xianjun Geng: colleagues

Andrew B. Whinston: colleagues

Adobe Acrobat

QuickTime

Windows Media Player

Real Player

Due to copyright restrictions we are not able to make the PDFs for this conference available for downloading