Skip to main content
Article thumbnail
Location of Repository

Tolerating denial-of-service attacks using overlay networks – impact of overlay network topology

By Ju Wang


Proxy-network based overlays have been proposed to pro-tect Internet Applications against Denial-of-Service attacks by hiding an application's location. We study how a proxy network's topology influences the effectiveness of location-hiding. We present two theorems which quantitatively char-acterize when proxy networks are robust against attacks (at-tackers ' impact can be quickly and completely removed), and when they are vulnerable to attacks (attackers ' im-pact cannot be completely removed). Using these theorems, we study a range of proxy network topologies, and iden-tify those topologies favorable for location-hiding and resist-ing Denial-of-Service attacks. We have found that popular overlay network topologies such as Chord [25], which has been suggested for location-hiding, is in fact not a favorable topology for such purposes; we have also shown that CAN [21], a less popular overlay network, can be a good topol-ogy for location-hiding. Our theoretical results provide a set of sound design principles on proxy networks used for location-hiding. 1

Year: 2003
OAI identifier: oai:CiteSeerX.psu:
Provided by: CiteSeerX
Download PDF:
Sorry, we are unable to provide the full text but you may find it at the following location(s):
  • (external link)
  • (external link)
  • Suggested articles

    To submit an update or takedown request for this paper, please submit an Update/Correction/Removal Request.