A Method for Protecting the Internet using TCP and IP Puzzles
OHSU # 0714
Denial-of-service attacks are increasing being used by internet hackers trying to disrupt to operations of a targeted company or to draw attention to themselves. One technique for defending against these types of attacks is to use IP puzzles. Previous puzzle mechanisms do not use control feedback in managing the difficulty of the puzzles given to the client. By making puzzles static against load, these mechanisms can either pass back puzzles that are too easy for clients or puzzles that are too hard. In the former case, this renders puzzles ineffective in controlling resource attacks. In the latter case, they force clients to do an inordinate amount of extra, unnecessary work and lead to server underutilization. We propose the use of adaptive puzzles that are controlled by a variety of linear and non-linear control feedback algorithms.
The Internet Security Software market grew 18% from 2000 to 2001 to reach USD 6 billion. The market is projected to experience an annual growth rate of 16%, to increase the size of the global market to approximately USD 11 billion by 2005. (source: IDC, March 4, 2002)
- Wu-chang Feng, CSE
For more information, contact:
Technology Development Manager