The majority of requests for Domain Name System (DNS) entries, web content, or even peer-to-peer (p2p) content in today's Internet are served not by origin servers but by intermediate caches. These caches are therefore an attractive target for attackers. This project will address the problem of cache-targeted DoS attacks on a broad front: (i) by developing and studying a new generation of large-scale cache-targeted pollution attacks, (ii) by developing the fundamental knowledge needed to create deployable anti-pollution mechanisms, and (iii) by designing and implementing counter-DoS solutions for three imminent threats: web, p2p, and local DNS cache-targeted pollution attacks.
The proposed pollution attacks pose a challenging problem for the entire Internet community: (i) they are capable of degrading overall network performance without flooding network resources; (ii) they possess a dangerous level of indirection; (iii) they pollute the cache with unpopular, rather than bogus, files; (iv) they may operate at much longer time-scales than classical DoS attacks and are thus invisible to state-of-the-art counter-DoS schemes. By leveraging data streaming computation techniques, our goal is to attain a scalable solution by significantly reducing the amount of state that must be maintained, and to make the detection system itself resilient to DoS attacks. The involvement of industrial partners in this project will accelerate the transfer of the research results into operation. In particular, we will collaborate closely with the UltraDNS Corporation, which provides DNS services for over 20% of the world's domains, including top-level domains as well as numerous private organizations.