Call for Paper - January 2022 Edition
IJCA solicits original research papers for the January 2022 Edition. Last date of manuscript submission is December 20, 2021. Read More

Using Software Puzzle for Reducing DDos/Dos Cost on SSL/TLS

Print
PDF
International Journal of Computer Applications
Foundation of Computer Science (FCS), NY, USA
Year of Publication: 2016
Authors:
Pankaj Kumar, S. S. Ahluwalia, Tharun Kumar S. V.
10.5120/ijca2016911734

Pankaj Kumar, S S Ahluwalia and Tharun Kumar S V.. Using Software Puzzle for Reducing DDos/Dos Cost on SSL/TLS. International Journal of Computer Applications 151(4):23-27, October 2016. BibTeX

@article{10.5120/ijca2016911734,
	author = {Pankaj Kumar and S. S. Ahluwalia and Tharun Kumar S. V.},
	title = {Using Software Puzzle for Reducing DDos/Dos Cost on SSL/TLS},
	journal = {International Journal of Computer Applications},
	issue_date = {October 2016},
	volume = {151},
	number = {4},
	month = {Oct},
	year = {2016},
	issn = {0975-8887},
	pages = {23-27},
	numpages = {5},
	url = {http://www.ijcaonline.org/archives/volume151/number4/26222-2016911734},
	doi = {10.5120/ijca2016911734},
	publisher = {Foundation of Computer Science (FCS), NY, USA},
	address = {New York, USA}
}

Abstract

In cyber-security Denial-of-service and distributed Dos are the major threats, DOS and DDOS works by denying service users approved as genuine, traffic is jammed by the overwhelming illegal traffic frequencies. an attacker inflates its capability of attacks with fast puzzle solving software and graphics processing unit (GPU) hardware to significantly weaken the effectiveness of server. In this paper, we show to prevent DOS/DDOS attackers from inflating their challenge solving capabilities. To stop this, we introduce a client puzzle referred to as software puzzle.

In this paper the puzzle is generated randomly by selecting CPU only code, with time stamps .the generated puzzle cannot be easily solved through GPU with in real time

References

  1. J. Larimer. (Oct. 28, 2014). Pushdo SSL DDoS Attacks. [Online].Available: http://www.iss.net/threats/pushdoSSLDDoS.html
  2. C. Douligeris and A. Mitrokotsa, “DDoS attacks and defense mechanisms:Classification and state-of-the-art,” Comput. Netw., vol. 44, no. 5,pp. 643–666, 2004.
  3. A. Juels and J. Brainard, “Client puzzles: A cryptographic countermeasure against connection depletion attacks,” in Proc. Netw. Distrib. Syst. Secur. Symp., 1999, pp. 151–165.
  4. T. J. McNevin, J.-M. Park, and R. Marchany, “pTCP: A client puzzleprotocol for defending against resource exhaustion denial of serviceattacks,” Virginia Tech Univ., Dept. Elect. Comput. Eng., Blacksburg,VA, USA, Tech. Rep. TR-ECE-04-10, Oct. 2004.
  5. R. Shankesi, O. Fatemieh, and C. A. Gunter, “Resource inflation threatsto denial of service countermeasures,” Dept. Comput. Sci., UIUC,Champaign, IL, USA, Tech. Rep., Oct. 2010. [Online]. Available:http://hdl.handle.net/2142/17372
  6. J. Green, J. Juen, O. Fatemieh, R. Shankesi, D. Jin, and C. A. Gunter,“Reconstructing Hash Reversal based Proof of Work Schemes,” in Proc.4th USENIX Workshop Large-Scale Exploits Emergent Threats, 2011.
  7. Y. I. Jerschow and M. Mauve, “Non-parallelizable and non-interactiveclient puzzles from modular square roots,” in Proc. Int. Conf. Availability,Rel. Secur., Aug. 2011, pp. 135–142.
  8. R. L. Rivest, A. Shamir, and D. A. Wagner, “Time-lockpuzzles and timed-release crypto,” Dept. Comput. Sci.,Massachusetts Inst. Technol., Cambridge, MA, USA, Tech.Rep. MIT/LCS/TR-684, Feb. 1996. [Online]. Available:http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.110.570

Keywords

Software Puzzle, GPU, Denial of Service, Distributed Denial of Service (DDoS), CPHS, MD5, DES