Mobility

Defending Web Services Against Denial of Service Attacks Using Client Puzzles

Download Now Free registration required

Executive Summary

The interoperable and loosely-coupled web services architecture, while beneficial, can be resource-intensive, and is thus susceptible to Denial of Service (DoS) attacks in which an attacker can use a relatively insignificant amount of resources to exhaust the computational resources of a web service. The authors investigate the effectiveness of defending web services from DoS attacks using client puzzles, a cryptographic countermeasure which provides a form of gradual authentication by requiring the client to solve some computationally difficult problems before access is granted. In particular, they describe a mechanism for integrating a hash-based puzzle into existing web services frameworks and analyze the effectiveness of the countermeasure using a variety of scenarios on a network testbed.

  • Format: PDF
  • Size: 269.9 KB