Denial of Service Protection with Beaver

Authors Gal Badishi, Idit Keidar, Amir Herzberg, Oleg Romanov, Avital Yachin



PDF
Thumbnail PDF

File

DagSemProc.06371.4.pdf
  • Filesize: 416 kB
  • 6 pages

Document Identifiers

Author Details

Gal Badishi
Idit Keidar
Amir Herzberg
Oleg Romanov
Avital Yachin

Cite As Get BibTex

Gal Badishi, Idit Keidar, Amir Herzberg, Oleg Romanov, and Avital Yachin. Denial of Service Protection with Beaver. In From Security to Dependability. Dagstuhl Seminar Proceedings, Volume 6371, pp. 1-6, Schloss Dagstuhl – Leibniz-Zentrum für Informatik (2007) https://doi.org/10.4230/DagSemProc.06371.4

Abstract

We present Beaver, a method and architecture to ``build dams'' to
protect servers from Denial of Service (DoS) attacks. Beaver allows
efficient filtering of DoS traffic using low-cost, high-performance,
readily-available packet filtering mechanisms. Beaver improves on
previous solutions by not requiring cryptographic processing of
messages, allowing the use of efficient routing (avoiding
overlays), and establishing keys and state as needed. We present two
prototype implementations of Beaver, one as part of IPSec in a Linux
kernel, and a second as an NDIS hook driver on a Windows machine.
Preliminary measurements illustrate that Beaver withstands severe
DoS attacks without hampering the client-server communication.
Moreover, Beaver is simple and easy to deploy.

Subject Classification

Keywords
  • Denial of Service

Metrics

  • Access Statistics
  • Total Accesses (updated on a weekly basis)
    0
    PDF Downloads
Questions / Remarks / Feedback
X

Feedback for Dagstuhl Publishing


Thanks for your feedback!

Feedback submitted

Could not send message

Please try again later or send an E-mail