Browse > Article

Puzzle Model and Application for Flooding of Service Tolerance of Security Server System  

Kim Young Soo (국민대학교 정보관리학과)
Suh Jung Seok (나사렛대학교 인터넷정보학과)
Publication Information
Journal of the Korea Institute of Information and Communication Engineering / v.8, no.7, 2004 , pp. 1493-1500 More about this Journal
Abstract
Today's Commercial security server system which provide secrecy, integrity and availability may still be vulnerable to denial-of-service attacks. Authentication system whith use a public key cryptography and process RSA encryption is relatively slow and the slowness has become a major security threat specifically in service flooding attacks caused by authentication requests. The service flooding attacks render the server incapable of providing its service to legitimitive clients. Therefore the importance of implementing systems that prevent denial of service attacks and provide service to legitimitive users cannot be overemphasized. In this paper, we propose a puzzle protocol which applies to authentication model. our gradually strengthening authentication model improves the availability and continuity of services and prevent denial of service attacks and we implement flooding of service tolerance system to verify the efficiency of our model. This system is expected to be ensure in the promotion of reliability.
Keywords
보안시스템;서비스거부공격;공개키암호화;인증시스템;퍼즐프로토콜;
Citations & Related Records
Times Cited By KSCI : 1  (Citation Analysis)
연도 인용수 순위
1 Tuomas, A., N. Pekka and L. Jussipekka,'DOS-resistant Authentication with ClientPuzzles,' Proceedings of the InternationalWorkshop on Security Protocols, April 2000
2 Dean, D. and A. Stubblefield, 'Using ClientPuzzles to Protect TLS,' in lOth AnnualUSENIX Security Symposium, 2001
3 Boneh, D,, M. Franklin, 'Identity basedencryption from the Weil paring,' Advancesin Cryptology: Crypto, pp.213-229, 2001
4 김영수, 최홍식 '통합분산환경에서 타입정보를이용한 지속성객체의 보안 모델 및 응용' 한국해양정보통신학회지, 제8권 제3호, pp661-669, 2004
5 Shari, L., 'A Framework for SecurityRequirements,' Computer & Security, Vol.10,pp.511-523, 1991
6 김영수, '메시지보안시스템의 인증 프로토콜설계 및 검증,' 박사학위논문, 국민대학교대학원, 2003
7 Krawcyzk, H., 'The Order of Encryptionand Authentication for ProtectingCommunications,' In Proc. Crypto '01, 2001
8 Kargl, F., J. Maier, and M. Weber,'Protecting Web Servers from DistributedDenial of Service Attacks.' in World WideWeb, pp. 252-262, 2002
9 Pasi, E., 'Denial of Service in Public KeyProtocols,' Helsinki University of Technology 2001
10 Catherine, M., 'A formal framework andevaluation method for network denial ofservice,' In Proc. 12th IEEE ComputerSecurity Foundations Workshop, pp.4-13,1999
11 Jhon, B., J. Ari, 'Client Puzzles: ACryptographic Countermeasure AgainstConnection Depletion Attacks,' Proceedingsof the Network and Distributed SystemsSecurity Symposium, Feb., 1999