Back to Tuomas Aura's home page

Towards network denial of service resistant protocols

Jussipekka Leiwo
Vrije Universiteit, FIW, De Boelelaan 1081A, 1081 HV Amsterdam, The Netherlands

Pekka Nikander, Tuomas Aura
Helsinki University of Technology, FIN-02015 HUT, Finland


Networked and distributed systems have introduced a new significant threat to the availability of data and services: network denial of service attacks. A well known example is the TCP SYN flooding. In general, any statefull handshake protocol is vulnerable to similar attacks. This paper examines the network denial of service in detail and surveys and compares di erent approaches towards preventing the attacks. As a conclusion, a number of protocol design principles are identi ed essential in designing network denial of service resistant protocols, and examples provided on applying the principles.

Full paper in Postscript

  author = 	 {Jussipekka Leiwo and Pekka Nikander and Tuomas Aura},
  title = 	 {Towards network denial of service resistant protocols},
  booktitle = 	 {Proc. IFIP SEC 2000},
  ???pages = 	 {},
  year = 	 2000,
  ???editor = 	 {},
  month = 	 aug,
  ???publisher = {}