Sciweavers

ACSAC
2000
IEEE

Less Harm, Less Worry or How to Improve Network Security by Bounding System Offensiveness

14 years 4 months ago
Less Harm, Less Worry or How to Improve Network Security by Bounding System Offensiveness
In this paper we describe a new class of tools for protecting computer systems from security attacks. Their distinguished feature is the principle they are based on. Host or network protection is not achieved by strengthening their defenses but by weakening the enemy’s offensive capabilities. A prototype tool has been implemented that demonstrates that such an approach is feasible and effective. We show that some of the most popular DoS attacks are effectively blocked, with limited impact on the sender’s performance. Measurements of the implemented prototype show that controlling the outgoing traffic does not affect performance at the sender machine, when traffic is not hostile. If traffic is hostile, the limited slow down experienced at the source is the price to pay to make the Internet a safer place for all its users. The limited performance impact and the efficacy in attack prevention make tools like the one presented in this paper a new component of security architectures...
Danilo Bruschi, Lorenzo Cavallaro, Emilia Rosti
Added 30 Jul 2010
Updated 30 Jul 2010
Type Conference
Year 2000
Where ACSAC
Authors Danilo Bruschi, Lorenzo Cavallaro, Emilia Rosti
Comments (0)