Date Added: Jan 2011
The authors propose a novel service architecture to provide DoS resistant communication services in the Internet. The architecture consists of a large scale federated overlay network with DoS protected tunnels established between overlay nodes. Individual overlay nodes are deployed and maintained by the domains hosting them. The overlay network as a whole is shared by all participating domains. This architecture is designed to be secure against DoS attacks and can provide different levels of DoS protection as value-added communication services on a large scale.