Journal of Software:2009.20(9):2558-2573

(北京大学 信息科学技术学院 软件研究所,北京 100871;高可信软件技术教育部重点实验室(北京大学),北京 100871)
Adaptive Client Puzzle Scheme Against Denial-of-Service Attacks
CHEN Rui-Chuan,GUO Wen-Jia,TANG Li-Yong,CHEN Zhong
Chart / table
Similar Articles
Article :Browse 2830   Download 3300
Received:February 20, 2008    Revised:December 10, 2008
> 中文摘要: 研究传统的客户端难题方案,之后提出一种自适应客户端难题方案.该方案采用一种轻量级的协议交互 方式来获取客户端和服务器双方的实时状态信息,并据此自适应地调整客户端难题的难度.为了评估该方案的适用 性,结合传统和自适应两种客户端难题方案,在对等(P2P)网络中提出了一种抵御DoS 攻击的自适应安全框架.理论 分析和实验结果表明,甚至在高度恶意的网络环境中,自适应客户端难题方案都可以在不明显影响合法客户端性能 的前提下有效地抵御各种DoS 攻击.
Abstract:This paper studies the traditional client puzzle scheme and proposes an adaptive scheme which erforms a lightweight client-server interaction to flexibly adjust the puzzle difficulty according to the eal-time statuses of both client and server. To evaluate the applicability, the authors combine the two schemes and develop an adaptive DoS-resistant security framework for Peer-to-Peer networks. The theoretical analyses and experimental results show that the adaptive client puzzle scheme can ffectively defend against various DoS attacks without significantly influencing legitimate clients’ experiences even in a highly malicious environment.
文章编号:     中图分类号:    文献标志码:
基金项目:Supported by the National Natural Science Foundation of China under Grant No.60773163 (国家自然科学基金) Supported by the National Natural Science Foundation of China under Grant No.60773163 (国家自然科学基金)
Foundation items:
Reference text:


CHEN Rui-Chuan,GUO Wen-Jia,TANG Li-Yong,CHEN Zhong.Adaptive Client Puzzle Scheme Against Denial-of-Service Attacks.Journal of Software,2009,20(9):2558-2573