Title: Evaluation of puzzle-enabled proxy-assisted denial-of-service protection for web services

Authors: Jothi Rangasamy; Lakshmi Kuppusamy; Gopi Krishnan; Velmurugan

Addresses: Society for Electronic Transactions and Security (SETS), Chennai, India ' Society for Electronic Transactions and Security (SETS), Chennai, India ' Society for Electronic Transactions and Security (SETS), Chennai, India ' Society for Electronic Transactions and Security (SETS), Chennai, India

Abstract: Denial-of-service (DoS) attacks are a fast growing, severe menace to the availability of desired services. In this work, we investigate the efficacy of a cryptographic DoS countermeasure, namely, client puzzles which can be used to achieve a weak authentication as it forces the client to solve a somewhat-difficult computational problem in order to get serviced. We aim to make a web service more resilient to DoS attacks by using a reverse proxy between clients and the service provider. Unlike previous works, we integrate puzzles into reverse proxy and demonstrate that the proposed approach is indeed effective and advantageous in protecting the web servers from both flooding and semantic-type attacks.

Keywords: web services; DoS attacks; denial-of-service protection; client puzzles; HTTP; reverse proxy; cryptography; network security; flooding attacks; semantic-type attacks.

DOI: 10.1504/IJICS.2017.082842

International Journal of Information and Computer Security, 2017 Vol.9 No.1/2, pp.114 - 129

Received: 08 Jan 2016
Accepted: 01 Aug 2016

Published online: 13 Mar 2017 *

Full-text access for editors Full-text access for subscribers Purchase this article Comment on this article