OverDoSe: A Generic DDoS Protection Service Using an Overlay Network
journal contributionposted on 01.01.2003 by Elaine Shi, Ion Stoica, David G. Andersen, Adrian Perrig
Any type of content formally published in an academic journal, usually following a peer-review process.
We present the design and implementation of OverDoSe, an overlay network offering generic DDoS protection for targeted sites. OverDoSe clients and servers are isolated at the IP level. Overlay nodes route packets between a client and a server, and regulate traffic according to the server’s instructions. Through the use of light-weight security primitives, OverDoSe achieves resilience against compromised overlay nodes with a minimal performance overhead. OverDoSe can be deployed by a single ISP who wishes to offer DDoS protection as a value-adding service to its customers.