Sciweavers

DAGSTUHL
2006

Denial of Service Protection with Beaver

14 years 1 months ago
Denial of Service Protection with Beaver
We present Beaver, a method and architecture to "build dams" to protect servers from Denial of Service (DoS) attacks. Beaver allows efficient filtering of DoS traffic using low-cost, high-performance, readily-available packet filtering mechanisms. Beaver improves on previous solutions by not requiring cryptographic processing of messages, allowing the use of efficient routing (avoiding overlays), and establishing keys and state as needed. We present two prototype implementations of Beaver, one as part of IPSec in a Linux kernel, and a second as an NDIS hook driver on a Windows machine. Preliminary measurements illustrate that Beaver withstands severe DoS attacks without hampering the client-server communication. Moreover, Beaver is simple and easy to deploy.
Gal Badishi, Idit Keidar, Amir Herzberg, Oleg Roma
Added 30 Oct 2010
Updated 30 Oct 2010
Type Conference
Year 2006
Where DAGSTUHL
Authors Gal Badishi, Idit Keidar, Amir Herzberg, Oleg Romanov, Avital Yachin
Comments (0)