4 research outputs found
Game Theoretic Resistance to Denial of Service Attacks Using Hidden Difficulty Puzzles
Denial of Service (DoS) vulnerabilities are one of the major concerns in today’s Internet. Client-puzzles offer a good mechanism to defend servers against DoS attacks. In this paper, we introduce the notion of hidden puzzle difficulty, where the attacker cannot determine the difficulty of the puzzle without expending a minimal amount of computational resource. Game theory is used to develop defense mechanisms, which make use of such puzzles. New puzzles that satisfy the requirements of the defense mechanisms have been proposed. We also show that our defense mechanisms are more effective than the ones proposed in the earlier work by Fallah
Recommended from our members
Multiplayer game for DDoS attacks resilience in ad hoc networks
This paper proposes a multiplayer game to prevent Distributed Denial of Service attack (DDoS) in ad hoc networks. The multiplayer game is based on game theory and cryptographic puzzles. We divide requests from nodes into separate groups which decreases the ability of malicious nodes to cooperate with one another in order to effectively make a DDoS attack. Finally, through our experiments we have shown that the total overhead of the multiplayer game as well as the the total time that each node needs to be served is affordable for devices that have limited resources and for environments like ad hoc networks where nodes must exchange information really fast
Puzzle-Based Learning for Cyber Security Education
Puzzle-based learning has proven to result in a better STEM learning environment in mathematics, physics, and computer science. However, no significant work has been done in computer and cyber security, only the idea of using puzzles to teach cyber security has only been introduced very recently. We introduce two different puzzle designs, truth table based and decision tree based. In both cases participants have to make decisions according to their knowledge and scenario. We conducted some informal surveys and believe that such interactive learning will help students to understand complex cyber-attack paths and countermeasures for fraud detection, cybercrime, and advanced persistent threats (APTs). Participants will learn not only to protect a specific system but also an entire class of systems with different hardware/software components and architectures, providing similar service. The survey result shows that the puzzle-based learning method has been beneficial for the students towards their learning
Puzzles criptográficos : implementación y evaluación
En este Proyecto Fin de Carrera se implementan y evalúan diferentes aplicaciones de los protocolos de pruebas de esfuerzo, también conocidos como puzzles criptográficos, que se han propuesto hasta la fecha como solución a ataques como el spam, en redes peer-to-peer, redes vehiculares, e incluso en tecnologÃa RFID (Radio Frecuency Identification). Para ello, se va a comprobar la viabilidad de algoritmos criptográficos tales como el TEA (Tiny Encryption Algorithm) y el AES (Advanced Encryption Standard) como base de las pruebas de esfuerzo computacional. En el escenario de los RFID, por ejemplo, los puzzles criptográficos implementados pretenden aliviar algunos de los problemas relacionados con la privacidad de la información almacenada en las etiquetas RFID. Los puzzles desarrollados otorgan mayor seguridad ya que en ningún momento la etiqueta transmitirá su identificador en claro. En su lugar, la etiqueta cifrará la suma XOR del identificador (ID) y el número aleatorio (n). A continuación se la enviará al lector junto con la función resumen del identificador, una parte de la clave de cifrado (ks), y el número aleatorio (n). Formando todo ello el puzzle criptográfico Puzzle=enck(ID (+) n), h(ID), ks, n. El lector deberá resolver este puzzle invirtiendo de esta manera tiempo y recursos computacionales para poder obtener el identificador de la etiqueta y acceder asà a su información almacenada en base de datos. _______________________________________________________________________________________________________________________________In this project, different applications of proof of work protocols are implemented, also known
as cryptographic puzzles, which have been proposed to combat attacks like spam in peer-topeer
networks, vehicular networks, and even in RFID technology (Radio Frequency
Identification).
In this regard, we focus on evaluating the feasibility of cryptographic algorithms such as TEA
(Tiny Encryption Algorithm) and AES (Advanced Encryption Standard) as the basis for
testing computational proofs of work protocol in resource-constraint scenarios.
For example, assuming a RFID scenario, our cryptographic puzzles aim at alleviating some
of the problems related to the privacy of the information stored in RFID tags.
Moreover, our developed puzzle-based protocol provides security because of the tag will
never transmit its identifier in clear. Instead, tags will encrypt the identifier (ID) XOR a
nonce (n) using an encryption key (ks). Thus, it will be sent to the reader together with the
hash of the identifier, a part of the encryption key (l-bits of ks), and the nonce (n). All these
parts make the cryptographic puzzle:
Puzzle=enck(ID (+) n), h(ID), ks, n
Reader should solve this puzzle so investing time and computational resources in order to get
tags’ identifiers and thereby gaining access to the information stored in the database.IngenierÃa en Informátic