A Denial-of-Service Resistant DHT

  • Conference paper
Distributed Computing (DISC 2007)

Part of the book series: Lecture Notes in Computer Science (LNTCS, volume 4731)

Abstract

We consider the problem of designing scalable and robust information systems based on multiple servers that can survive even massive denial-of-service (DoS) attacks. More precisely, we are focusing on designing a scalable distributed hash table (DHT) that is robust against so-called past insider attacks. In a past insider attack, an adversary knows everything about the system up to some time point $t_0$ not known to the system. After $t_0$, the adversary can attack the system with a massive DoS attack in which it can block a constant fraction of the servers of its choice. Yet, the system should be able to survive such an attack in a sense that for any set of lookup requests, one per non-blocked (i.e., non-DoS attacked) server, every lookup request to a data item that was last updated after $t_0$ can be served by the system, and processing all the requests just needs polylogarithmic time and work at every server. We show that such a system can be designed.



Editor information

Andrzej Pelc

Copyright information

© 2007 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Awerbuch, B., Scheideler, C. (2007). A Denial-of-Service Resistant DHT. In: Pelc, A. (eds) Distributed Computing. DISC 2007. Lecture Notes in Computer Science, vol 4731. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-75142-7_6

  • DOI: https://doi.org/10.1007/978-3-540-75142-7_6

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-75141-0

  • Online ISBN: 978-3-540-75142-7

  • eBook Packages: Computer Science (R0)
