Visible to the public DeDoS: Defusing DoS with Dispersion Oriented Software

TitleDeDoS: Defusing DoS with Dispersion Oriented Software
Publication TypeConference Paper
Year of Publication2018
AuthorsDemoulin, Henri Maxime, Vaidya, Tavish, Pedisich, Isaac, DiMaiolo, Bob, Qian, Jingyu, Shah, Chirag, Zhang, Yuankai, Chen, Ang, Haeberlen, Andreas, Loo, Boon Thau, Phan, Linh Thi Xuan, Sherr, Micah, Shields, Clay, Zhou, Wenchao
Conference NameProceedings of the 34th Annual Computer Security Applications Conference
Conference LocationNew York, NY, USA
ISBN Number978-1-4503-6569-7
KeywordsCollaboration, comparability, denial-of-service, Distributed Systems, Human Behavior, Metrics, pubcrawl, Resiliency, Scalability, science of security

This paper presents DeDoS, a novel platform for mitigating asymmetric DoS attacks. These attacks are particularly challenging since even attackers with limited resources can exhaust the resources of well-provisioned servers. DeDoS offers a framework to deploy code in a highly modular fashion. If part of the application stack is experiencing a DoS attack, DeDoS can massively replicate only the affected component, potentially across many machines. This allows scaling of the impacted resource separately from the rest of the application stack, so that resources can be precisely added where needed to combat the attack. Our evaluation results show that DeDoS incurs reasonable overheads in normal operations, and that it significantly outperforms standard replication techniques when defending against a range of asymmetric attacks.

Citation Keydemoulin_dedos:_2018