Attacks Against Distributed Systems

In the previous lesson, we saw that an important security goal of a peer-to-peer system is available, meaning that the system must ensure timely and reliable access of data to its legitimate users. So, the disruption of access is an attack on availability by overwhelming the resources of the system by flooding the server with data traffic.

Denial-of-Service

A Denial-of-Service (DOS) attack aims at preventing authorized users from accessing targeted network resources. Usually, an attacker floods the server or the network with data traffic in order to overwhelm the resources of the attacked system, and hence make a network resource unavailable to its legitimate users.

In literature, many countermeasures against DoS attacks have been proposed by Tuomas Aura et al. (2001)Tuomas Aura, Pekka Nikander, and Jussipekka Leiwo. DoS-resistant authentication with client puzzles. In Revised Papers from the 8th International Workshop on Security Protocols, pages 170 - 7, London, UK, 2001. Springer-Verlag., Adam Back (2002)Adam Back. Hashcash-a denial of service counter-measure. Technical report, 2002., Cynthia Dwork et al. (1993)Cynthia Dwork and Moni Naor. Pricing via processing or combatting junk mail. In Proceedings of the 12th Annual International Cryptology Conference on Advances in Cryptology, CRYPTO '92, pages 139-47, London, UK, 1993. Springer-Verlag., and Ari Juels et al. (1999)Ari Juels and John G. Brainard. Client puzzles: A cryptographic countermeasure against connection depletion attacks. In Proceedings of the Network and Distributed System Security Symposium, San Diego, California, USA, 1999. The Internet Society. all based on so-called Proof-of-Work (see this lesson).