ABSTRACT
Many distributed services are susceptible to attacks by malicious clients that can significantly degrade their performance. Scalable distributed services make use of a variety of techniques which are vulnerable to such attacks. We explore the survivability of services when attacks target the scalability techniques employed by the services. In particular, we explore how the effectiveness of caching can be degraded when malicious clients manipulate cache management algorithms. We present an attack-resistant replacement algorithm and show that it is much more effective in dealing with attacks than other widely deployed replacement algorithms.
- Attack resistant cache replacement for survivable services