file.pdf (565.81 kB)

OverDoSe: A Generic DDoS Protection Service Using an Overlay Network

Download (565.81 kB)
journal contribution
posted on 01.01.2003 by Elaine Shi, Ion Stoica, David G. Andersen, Adrian Perrig
We present the design and implementation of OverDoSe, an overlay network offering generic DDoS protection for targeted sites. OverDoSe clients and servers are isolated at the IP level. Overlay nodes route packets between a client and a server, and regulate traffic according to the server’s instructions. Through the use of light-weight security primitives, OverDoSe achieves resilience against compromised overlay nodes with a minimal performance overhead. OverDoSe can be deployed by a single ISP who wishes to offer DDoS protection as a value-adding service to its customers.

History

Date

01/01/2003

Exports