A2M: Access-Assured Mobile Desktop Computing

Angelos Stavrou; Ricardo A. Barrato; Angelos D. Keromytis; Jason Nieh

Title:
A2M: Access-Assured Mobile Desktop Computing
Author(s):
Stavrou, Angelos
Barrato, Ricardo A.
Keromytis, Angelos D.
Nieh, Jason
Date:
Type:
Articles
Department:
Computer Science
Permanent URL:
Part Number:
5735
Book/Journal Title:
Information Security: 12th International Conference, ISC 2009, Pisa, Italy, September 7-9, 2009: Proceedings
Book Author:
Samarati, Pierangela
Publisher:
Springer
Publisher Location:
New York
Abstract:
Continued improvements in network bandwidth, cost, and ubiquitous access are enabling service providers to host desktop computing environments to address the complexity, cost, and mobility limitations of today's personal computing infrastructure. However, distributed denial of service attacks can deny use of such services to users. We present A2M, a secure and attack-resilient desktop computing hosting infrastructure. A2M combines a stateless and secure communication protocol, a single-hop Indirection-based network (IBN) and a remote display architecture to provide mobile users with continuous access to their desktop computing sessions. Our architecture protects both the hosting infrastructure and the client's connections against a wide range of service disruption attacks. Unlike any other DoS protection system, A2M takes advantage of its low-latency remote display mechanisms and asymmetric traffic characteristics by using multi-path routing to send a small number of replicas of each packet transmitted from client to server. This packet replication through different paths diversifies the client-server communication, boosting system resiliency and reducing end-to-end latency. Our analysis and experimental results on PlanetLab demonstrate that A2M significantly increases the hosting infrastructure's attack resilience even for wireless scenarios. Using conservative ISP bandwidth data, we show that we can protect against attacks involving thousands (150,000) of attackers, while providing good performance for multimedia and web applications and basic GUI interactions even when up to 30% and 50%, respectively, of indirection nodes become unresponsive.
Subject(s):
Computer science