Gal Badishi

Learn More
We consider the problem of overcoming (Distributed) Denial of Service (DoS) attacks by realistic adversaries that can eavesdrop on messages, or parts thereof, but with some delay. We show a protocol that mitigates DoS attacks by eavesdropping adversaries, using only available, efficient packet filtering mechanisms based mainly on (addresses and) port(More)
We propose a framework and methodology for quantifying the effect of denial of service (DoS) attacks on a distributed system. We present a systematic study of the resistance of gossip-based multicast protocols to DoS attacks. We show that even distributed and randomized gossip-based protocols, which eliminate single points of failure, do not necessarily(More)
Celeste is a robust peer-to-peer object store built on top of a distributed hash table (DHT). Celeste is a working system , developed by Sun Microsystems Laboratories. During the development of Celeste, we faced the challenge of complete object deletion, and moreover, of deleting " files " composed of several different objects. This important problem is not(More)
We present an empirical study of the resistance of several protocols to denial of service (DoS) attacks on client-server communication. We show that protocols that use authenti-cation alone, e.g., IPSec, provide protection to some extent, but are still susceptible to DoS attacks, even when the network is not congested. In contrast, a protocol that uses a(More)
We improve the resistance of gossip-based multicast to (Distributed) Denial of Service (DoS) attacks using dynamic local adaptations at each node. Each node estimates the current state of the attack on the system, and then adapts its behavior according to this local estimation. The adaptation is achieved through modeling the problem of propagating messages(More)
We present Beaver, a method and architecture to " build dams " to protect servers from Denial of Service (DoS) attacks. Beaver allows efficient filtering of DoS traffic using low-cost, high-performance, readily-available packet filtering mechanisms. Beaver improves on previous solutions by not requiring cryptographic processing of messages, allowing the use(More)
  • 1