Exposing and Eliminating Vulnerabilities to Denial of Service Attacks in Secure Gossip-Based Multicast.

Authors: Gal Badishi, Idit Keidar, and Amir Sasson.

In IEEE Transactions on Dependable and Secure Computing (TDSC), 3:1, March 2006.

Previous version in the International Conference on Dependable Systems and Networks (DSN), June-July 2004.

Abstract:

We propose a framework and methodology for quantifying the effect of denial of service (DoS) attacks on a distributed system. We present a systematic study of the resistance of gossip-based multicast protocols to DoS attacks. We show that even distributed and randomized gossip-based protocols, which eliminate single points of failure, do not necessarily eliminate vulnerabilities to DoS attacks. We propose Drum -- a simple gossip-based multicast protocol that eliminates such vulnerabilities. Drum was implemented in Java and tested on a large cluster. We show, using closed-form mathematical analysis, simulations, and empirical tests, that Drum survives severe DoS attacks.

Download:

Preprint of DSN paper: ps, ps.gz, pdf, pdf.gz.
Preprint of IEEE TDSC paper: ps, ps.gz, pdf, pdf.gz.
Technical Report CCIT 477, Technion Department of Electrical Engineering, June 2004: ps, ps.gz, pdf.
Talk slides (PowerPoint): ppt.