2 research outputs found
ShutUp: End-to-End Containment of Unwanted Traffic
While the majority of Denial-of-Service (DoS) defense proposals
assume a purely infrastructure-based architecture, some recent
proposals suggest that the attacking endhost may be enlisted
as part of the solution, through tamper-proof software,
network-imposed incentives, or user altruism. While intriguing,
these proposals ultimately raise the deployment bar by requiring
both the infrastructure and endhosts to cooperate. In this
paper, we explore the design of a pure end-to-end architecture
based on tamper-proof endhost software implemented for instance
with trusted platforms and virtual machines. We present
the design of a ?Shutup Service?, whereby the recipient of unwanted
traffic can ask the sender to slowdown or stop. We show
that this service is effective in stopping DoS attacks, and in significantly
slowing down other types of unwanted traffic such as
worms. The Shutup service is incrementally deployable with
buy-in from OS or antivirus vendors, requiring only minimal
changes to the endhost software stack and no changes to the protocol
stack. We show through experimentation that the service
is effective and has little impact on legitimate traffic