Abstract
Denial of service attack is an attempt from any authorized or unauthorized entity to allocate resources excessively to prevent normal operation of the system. A method will be presented to specify and enforce a resource allocation policy to prevent denial of service attacks. Resource allocation policy can be formally derived from a waiting time policy where maximum acceptable response times for different processes are specified.
This is a preview of subscription content, log in via an institution.
Preview
Unable to display preview. Download preview PDF.
References
International standard ISO 7498-2. information processing systems — Open systems interconnection — Basic reference model — Part 2: Security architecture, 1988.
Denial of service attack via ping. CERT Advisory CA-96.26, December 1996. Available at ftp:info.cert.org/pub/cert_advisories/CA-96.26.ping.
TCP SYN flooding and IP spoofing attacks. CERT Advisory CA-96.21, September 1996. Available at ftp:info.cert.org/pub/cert_advisories/CA-96.21.tcp_syn_flooding.
M. Adabi, M. Burrows, B. Lampson, and G. Plotkin. A calcululs for access control in distributed systems. In J. Fagenbaum, editor, Advances in Cryptology-Crypto'91, LNCS 576. Springer-Verlag, 1991.
D. Bailey. A philosophy of security management. In M. D. Abrams, S. Jajodia, and H. J. Podell, editors, Information Security — An Integrated Collection of Essays. IEEE Computer Society Press, Los Alamitos, CA, USA, 1995.
H. Chetto and M. Chetto. Some results of earliest deadline first algorithm. IEEE Transactions on Software Engineering, 15(10):1261–1269, 1989.
J. Glasgow, G. MacEwen, and P. Panangaden. A logic for reasoning about security. ACM Transactions on Computer Systems, 10(3):226–264, August 1992.
V. Gligor. A note on the denial-of-service problem. In 1983 IEEE Symposium on Research in Security and Privacy, 1983.
M. Harrison, W. Ruzzo, and J. Ullman. Protection in operating systems. Communications of the ACM, 19(8):461–471, 1976.
K. J. Keus and M. Ullman. Availability: Theory and fundamentals for practical evaluation and use. In Proceedings of the 10th Annual Computer Scurity Applications Conference, 1994.
J. Laprie. Dependability: Basic Concepts and Terminology in English French, German, Italian and Japanese. Springer-Verlag, 1992.
J. Leiwo and Y. Zheng. Layered protection of availability. In Proceedings of the 1997 Pacific Asian Conference on Information Systems, Brisbane, Australia, April 1997.
J. K. Millen. A resource allocation model for denial of service. In 1992 IEEE Symposium on Research in Security and Privacy, Oakland, California, May 1992.
R. Needham. Denial of service. In Proceedings of the 1st ACM Conference on Computer and Communications Security, 1994.
D. B. Parker. A new framework for information security to avoid information anarchy. In Proceedings of the IFIP TC11 11th international conference of Information Security, Cape Town, South Africa, May 1995.
A. Reed. Computer disaster: The impact on business in the 1990s. In Proceedings of the IFIP TC11 8th International Conference on Information Security, Singapore, May 1992.
Author information
Authors and Affiliations
Editor information
Rights and permissions
Copyright information
© 1997 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Leiwo, J., Zheng, Y. (1997). A method to implement a denial of service protection base. In: Varadharajan, V., Pieprzyk, J., Mu, Y. (eds) Information Security and Privacy. ACISP 1997. Lecture Notes in Computer Science, vol 1270. Springer, Berlin, Heidelberg. https://doi.org/10.1007/BFb0027946
Download citation
DOI: https://doi.org/10.1007/BFb0027946
Published:
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-63232-0
Online ISBN: 978-3-540-69237-9
eBook Packages: Springer Book Archive