Advanced search options

Advanced Search Options 🞨

Browse by author name (“Author name starts with…”).

Find ETDs with:

in
/  
in
/  
in
/  
in

Written in Published in Earliest date Latest date

Sorted by

Results per page:

Sorted by: relevance · author · university · dateNew search

You searched for subject:(client puzzles). Showing records 1 – 2 of 2 total matches.

Search Limiters

Last 2 Years | English Only

No search limiters apply to these results.

▼ Search Limiters


Queensland University of Technology

1. Kuppusamy, Lakshmi Devi. Modelling client puzzles and denial-of-service resistant protocols.

Degree: 2012, Queensland University of Technology

Denial-of-service (DoS) attacks are a growing concern to networked services like the Internet. In recent years, major Internet e-commerce and government sites have been disabled due to various DoS attacks. A common form of DoS attack is a resource depletion attack, in which an attacker tries to overload the server's resources, such as memory or computational power, rendering the server unable to service honest clients. A promising way to deal with this problem is for a defending server to identify and segregate malicious traffic as earlier as possible. Client puzzles, also known as proofs of work, have been shown to be a promising tool to thwart DoS attacks in network protocols, particularly in authentication protocols. In this thesis, we design efficient client puzzles and propose a stronger security model to analyse client puzzles. We revisit a few key establishment protocols to analyse their DoS resilient properties and strengthen them using existing and novel techniques. Our contributions in the thesis are manifold. We propose an efficient client puzzle that enjoys its security in the standard model under new computational assumptions. Assuming the presence of powerful DoS attackers, we find a weakness in the most recent security model proposed to analyse client puzzles and this study leads us to introduce a better security model for analysing client puzzles. We demonstrate the utility of our new security definitions by including two hash based stronger client puzzles. We also show that using stronger client puzzles any protocol can be converted into a provably secure DoS resilient key exchange protocol. In other contributions, we analyse DoS resilient properties of network protocols such as Just Fast Keying (JFK) and Transport Layer Security (TLS). In the JFK protocol, we identify a new DoS attack by applying Meadows' cost based framework to analyse DoS resilient properties. We also prove that the original security claim of JFK does not hold. Then we combine an existing technique to reduce the server cost and prove that the new variant of JFK achieves perfect forward secrecy (the property not achieved by original JFK protocol) and secure under the original security assumptions of JFK. Finally, we introduce a novel cost shifting technique which reduces the computation cost of the server significantly and employ the technique in the most important network protocol, TLS, to analyse the security of the resultant protocol. We also observe that the cost shifting technique can be incorporated in any Diffine{Hellman based key exchange protocol to reduce the Diffie{Hellman exponential cost of a party by one multiplication and one addition.

Subjects/Keywords: denial-of-service; client puzzles; message authentication codes; pseudo-random function; hash function; authenticated key exchange; meadows' cost-based framework; random Oracle model; standard model; denial-of-service resistant protocol

Record DetailsSimilar RecordsGoogle PlusoneFacebookTwitterCiteULikeMendeleyreddit

APA · Chicago · MLA · Vancouver · CSE | Export to Zotero / EndNote / Reference Manager

APA (6th Edition):

Kuppusamy, L. D. (2012). Modelling client puzzles and denial-of-service resistant protocols. (Thesis). Queensland University of Technology. Retrieved from https://eprints.qut.edu.au/61032/

Note: this citation may be lacking information needed for this citation format:
Not specified: Masters Thesis or Doctoral Dissertation

Chicago Manual of Style (16th Edition):

Kuppusamy, Lakshmi Devi. “Modelling client puzzles and denial-of-service resistant protocols.” 2012. Thesis, Queensland University of Technology. Accessed November 13, 2019. https://eprints.qut.edu.au/61032/.

Note: this citation may be lacking information needed for this citation format:
Not specified: Masters Thesis or Doctoral Dissertation

MLA Handbook (7th Edition):

Kuppusamy, Lakshmi Devi. “Modelling client puzzles and denial-of-service resistant protocols.” 2012. Web. 13 Nov 2019.

Vancouver:

Kuppusamy LD. Modelling client puzzles and denial-of-service resistant protocols. [Internet] [Thesis]. Queensland University of Technology; 2012. [cited 2019 Nov 13]. Available from: https://eprints.qut.edu.au/61032/.

Note: this citation may be lacking information needed for this citation format:
Not specified: Masters Thesis or Doctoral Dissertation

Council of Science Editors:

Kuppusamy LD. Modelling client puzzles and denial-of-service resistant protocols. [Thesis]. Queensland University of Technology; 2012. Available from: https://eprints.qut.edu.au/61032/

Note: this citation may be lacking information needed for this citation format:
Not specified: Masters Thesis or Doctoral Dissertation


Virginia Tech

2. McNevin, Timothy John. Mitigating Network-Based Denial-of-Service Attacks with Client Puzzles.

Degree: MS, Electrical and Computer Engineering, 2005, Virginia Tech

Over the past few years, denial-of-service (DoS) and distributed denial-of-service (DDoS) attacks have become more of a threat than ever. These attacks are aimed at denying or degrading service for a legitimate user by any means necessary. The need to propose and research novel methods to mitigate them has become a critical research issue in network security. Recently, client puzzle protocols have received attention as a method for combating DoS and DDoS attacks. In a client puzzle protocol, the client is forced to solve a cryptographic puzzle before it can request any operation from a remote server or host. This thesis presents the framework and design of two different client puzzle protocols: Puzzle TCP and Chained Puzzles. Puzzle TCP, or pTCP, is a modification to the Transmission Control Protocol (TCP) that supports the use of client puzzles at the transport layer and is designed to help combat various DoS attacks that target TCP. In this protocol, when a server is under attack, each client is required to solve a cryptographic puzzle before the connection can be established. This thesis presents the design and implementation of pTCP, which was embedded into the Linux kernel, and demonstrates how effective it can be at defending against specific attacks on the transport layer. Chained Puzzles is an extension to the Internet Protocol (IP) that utilizes client puzzles to mitigate the crippling effects of a large-scale DDoS flooding attack by forcing each client to solve a cryptographic problem before allowing them to send packets into the network. This thesis also presents the design of Chained Puzzles and verifies its effectiveness with simulation results during large-scale DDoS flooding attacks. Advisors/Committee Members: Park, Jung-Min Jerry (committeechair), Marchany, Randolph C. (committee member), Midkiff, Scott F. (committee member).

Subjects/Keywords: Client puzzles; Denial-of-Service countermeasures; Distributed Denial-of-Service Attacks; Denial-of-Service Attacks

Record DetailsSimilar RecordsGoogle PlusoneFacebookTwitterCiteULikeMendeleyreddit

APA · Chicago · MLA · Vancouver · CSE | Export to Zotero / EndNote / Reference Manager

APA (6th Edition):

McNevin, T. J. (2005). Mitigating Network-Based Denial-of-Service Attacks with Client Puzzles. (Masters Thesis). Virginia Tech. Retrieved from http://hdl.handle.net/10919/31941

Chicago Manual of Style (16th Edition):

McNevin, Timothy John. “Mitigating Network-Based Denial-of-Service Attacks with Client Puzzles.” 2005. Masters Thesis, Virginia Tech. Accessed November 13, 2019. http://hdl.handle.net/10919/31941.

MLA Handbook (7th Edition):

McNevin, Timothy John. “Mitigating Network-Based Denial-of-Service Attacks with Client Puzzles.” 2005. Web. 13 Nov 2019.

Vancouver:

McNevin TJ. Mitigating Network-Based Denial-of-Service Attacks with Client Puzzles. [Internet] [Masters thesis]. Virginia Tech; 2005. [cited 2019 Nov 13]. Available from: http://hdl.handle.net/10919/31941.

Council of Science Editors:

McNevin TJ. Mitigating Network-Based Denial-of-Service Attacks with Client Puzzles. [Masters Thesis]. Virginia Tech; 2005. Available from: http://hdl.handle.net/10919/31941

.