A Pay-per-Use DoS Protection Mechanism For the Web

Stavrou, Angelos; Ioannidis, John; Keromytis, Angelos D.; Misra, Vishal; Rubenstein, Daniel Stuart

Internet service providers have resisted deploying Denial-of-Service (DoS) protection mechanisms despite numerous research results in the area. This is so primarily because ISPs cannot directly charge users for the use of such mechanisms, discouraging investment in the necessary infrastructure and operational support. We describe a pay-per-use system that provides DoS protection for web servers and clients. Our approach is based on WebSOS, an overlay-based architecture that uses reverse Turing tests to discriminate between humans and automated processes that are part of an attack. We extend WebSOS with a credential-based micropayment scheme that combines access control and payment authorization in one operation. Contrary to WebSOS, we use Graphic Turing Tests (GTTs) to prevent malicious code, such as a worm, from using a users' micropayment wallet. Our architecture allows ISPs to accurately charge web clients and servers. Clients can dynamically decide whether to use WebSOS, based on the prevailing network conditions.



  • thumnail for PayperuseDoSProtection.pdf PayperuseDoSProtection.pdf application/pdf 176 KB Download File

Also Published In

Applied cryptography and network security: second international conference, ACNS 2004, Yellow Mountain, China, June 8-11, 2004: proceedings

More About This Work

Academic Units
Computer Science
Lecture Notes in Computer Science, 3089
Published Here
July 5, 2012