Project Webpage: Funded by: 23 5 4 mod _ kaPoW: Mitigating Denial-of-Service with Transparent Proof-of-Work Ed Kaiser & Wu-chang.

Slides:



Advertisements
Similar presentations
PHP I.
Advertisements

Web Content Control Application Providing Secure & Reliable Internet Access December 2010.
WEB DESIGN TABLES, PAGE LAYOUT AND FORMS. Page Layout Page Layout is an important part of web design Why do you think your page layout is important?
CHAPTER 15 WEBPAGE OPTIMIZATION. LEARNING OBJECTIVES How to test your web-page performance How browser and server interactions impact performance What.
Michelle J. Gosselin, Jennifer Schommer Guanzhong Wang.
1 Configuring Internet- related services (April 22, 2015) © Abdou Illia, Spring 2015.
Languages for Dynamic Web Documents
A Security Pattern for a Virtual Private Network Ajoy Kumar and Eduardo B. Fernandez Dept. of Computer Science and Eng. Florida Atlantic University Boca.
CIS101 Introduction to Computing Week 05. Agenda Your questions Exam next week - Excel Introduction to the Internet & HTML Online HTML Resources Using.
EEC-484/584 Computer Networks Discussion Session for HTTP and DNS Wenbing Zhao
CIS101 Introduction to Computing Week 05. Agenda Your questions CIS101 Survey Introduction to the Internet & HTML Online HTML Resources Using the HTML.
INTERNET DATABASE. Internet and E-commerce Internet – a worldwide collection of interconnected computer network Internet – a worldwide collection of interconnected.
Introduction to HTML 2006 CIS101. What is the Internet? Global network of computers that are connected and communicate via a series of Protocols Protocols.
Introduction to HTML 2006 INT197B. What is the Internet? Global network of computers that are connected and communicate via a series of Protocols Protocols.
Introduction to HTML 2004 CIS101. What is the Internet? Global network of computers that are connected and communicate via a series of Protocols Protocols.
HTTP Performance Objective: In this problem, we consider the performance of HTTP, comparing non-persistent HTTP with persistent HTTP. Suppose the page.
1 Web Content Delivery Reading: Section and COS 461: Computer Networks Spring 2007 (MW 1:30-2:50 in Friend 004) Ioannis Avramopoulos Instructor:
Introduction to eValid Presentation Outline What is eValid? About eValid, Inc. eValid Features System Architecture eValid Functional Design Script Log.
 Proxy Servers are software that act as intermediaries between client and servers on the Internet.  They help users on private networks get information.
COMPUTER TERMS PART 1. COOKIE A cookie is a small amount of data generated by a website and saved by your web browser. Its purpose is to remember information.
Chapter 2 Introduction to HTML5 Internet & World Wide Web How to Program, 5/e Copyright © Pearson, Inc All Rights Reserved.
CIS101 Introduction to Computing Week 06. Agenda Your questions Excel Exam during second hour Our status after the snow day Introduction to the Internet.
1 CS428 Web Engineering Lecture 18 Introduction (PHP - I)
Web Programming Language Dr. Ken Cosh Week 1 (Introduction)
CRYPTOGRAPHIC DATA INTEGRITY ALGORITHMS
INTRODUCTION TO WEB DATABASE PROGRAMMING
1 CS 3870/CS 5870 Static and Dynamic Web Pages ASP.NET and IIS.
JavaScript and The Document Object Model MMIS 656 Web Design Technologies Acknowledgements: 1.Notes from David Shrader, NSU GSCIS 2.Some material adapted.
The Case for Public Work Wu-chang Feng, Ed Kaiser Supported by:
1 Guide to Novell NetWare 6.0 Network Administration Chapter 11.
Implementing ISA Server Publishing. Introduction What Are Web Publishing Rules? ISA Server uses Web publishing rules to make Web sites on protected networks.
Dynamic Firewalls and Service Deployment Models for Grid Environments Gian Luca Volpato, Christian Grimm RRZN – Leibniz Universität Hannover Cracow Grid.
©2008 Gotham Digital Science Secure Parameter Filter (SPF) (AKA Protecting Vulnerable Applications with IIS7) Justin Clarke, Andrew Carey Nairn.
Creating Web Applications Using ASP.NET Chapter Microsoft Visual Basic.NET: Reloaded 1.
Configuring and Troubleshooting Identity and Access Solutions with Windows Server® 2008 Active Directory®
9 Chapter Nine Compiled Web Server Programs. 9 Chapter Objectives Learn about Common Gateway Interface (CGI) Create CGI programs that generate dynamic.
FreeCache A system of cooperating caches to move large files of free content closer to users. Ralf Muehlen.
CN1176 Computer Support Kemtis Kunanuraksapong MSIS with Distinction MCT, MCTS, MCDST, MCP, A+
CO1552 Web Application Development HTML Forms, Events and an introduction to JavaScript.
Application Block Diagram III. SOFTWARE PLATFORM Figure above shows a network protocol stack for a computer that connects to an Ethernet network and.
1 MSCS 237 Overview of web technologies (A specific type of distributed systems)
Overview Web Session 3 Matakuliah: Web Database Tahun: 2008.
1 Robust Defenses for Cross-Site Request Forgery Adam Barth, Collin Jackson, John C. Mitchell Stanford University 15th ACM CCS.
INTRODUCTION TO WEB APPLICATION Chapter 1. In this chapter, you will learn about:  The evolution of the Internet  The beginning of the World Wide Web,
Module 7: Advanced Application and Web Filtering.
Empirical Quantification of Opportunities for Content Adaptation in Web Servers Michael Gopshtein and Dror Feitelson School of Engineering and Computer.
Sid Stamm, Zulfikar Ramzan and Markus Jokobsson Erkang Xu.
1 WWW. 2 World Wide Web Major application protocol used on the Internet Simple interface Two concepts –Point –Click.
Web Design and Development. World Wide Web  World Wide Web (WWW or W3), collection of globally distributed text and multimedia documents and files 
Module: Software Engineering of Web Applications Chapter 2: Technologies 1.
What is Web Information retrieval from web Search Engine Web Crawler Web crawler policies Conclusion How does a web crawler work Synchronization Algorithms.
Trevor Jim Nikhil Swamy Michael Hicks Defeating Script Injection Attacks with Browser-Enforced Embedded Policies Jason FroehlichSeptember 24, 2008.
 Web pages originally static  Page is delivered exactly as stored on server  Same information displayed for all users, from all contexts  Dynamic.
COSC 2328 – Web Programming.  PHP is a server scripting language  It’s widely-used and free  It’s an alternative to Microsoft’s ASP and Ruby  PHP.
Overview on Web Caching COSC 513 Class Presentation Instructor: Prof. M. Anvari Student name: Wei Wei ID:
World Wide Web has been created to share the text document across the world. In static web pages the requesting user has no ability to interact with the.
Search Engine and Optimization 1. Introduction to Web Search Engines 2.
SMOOTHWALL FIREWALL By Nitheish Kumarr. INTRODUCTION  Smooth wall Express is a Linux based firewall produced by the Smooth wall Open Source Project Team.
Presented by Deepak Varghese Reg No: Introduction Application S/W for server load balancing Many client requests make server congestion Distribute.
1 Chapter 1 INTRODUCTION TO WEB. 2 Objectives In this chapter, you will: Become familiar with the architecture of the World Wide Web Learn about communication.
Web Programming Language
TMG Client Protection 6NPS – Session 7.
Web Application Vulnerabilities, Detection Mechanisms, and Defenses
Some Common Terms The Internet is a network of computers spanning the globe. It is also called the World Wide Web. World Wide Web It is a collection of.
Web Caching? Web Caching:.
Database Driven Websites
Chapter 27 WWW and HTTP.
Lecture 5: Functions and Parameters
Architecture of the web
Introduction to JavaScript
Presentation transcript:

Project Webpage: Funded by: mod _ kaPoW: Mitigating Denial-of-Service with Transparent Proof-of-Work Ed Kaiser & Wu-chang Feng 1 The Work Function The ProblemThe ChallengesThe Solution Transparency 7 Challenge Difficulty 6 Backwards Compatibility 8 Efficiency Find an answer A that satisfies: where; H is a one-way hash function (i.e. SHA1) with uniformly distributed output D C is a client-specific server-assigned difficulty N C is a client-specific server-generated nonce, generated by: H(D C, N C, A)  0 mod D C (1) N C = E K (IP C, URL, D C ) (2) Unwanted traffic like Denial-of-Service attacks remain a problem for networked systems. Proof-of-Work is a defense that prioritizes service requests based on the clients’ willingness to solve computational challenges. Existing Proof-of-Work schemes have not made much progress towards deployment because in order to work they require the wide-scale use of special client software. Embed the Proof-of-Work challenges and responses within the URLs of protected web content. Clients use JavaScript to solve the work functions. The server uses an Apache module to prioritize HTTP requests based on the solution in the URL; valid solution  high priority missing solution  low priority error invalid solution  low priority error zero difficulty solution  low priority Transparency so that clients do not need to download and install special software. Backwards-compatibility so clients that cannot solve challenges may still participate. Bind work functions to client, server, and time. Efficiency to minimize overhead. Tailor challenges with client-specific difficulty to prioritize clients based on their past behavior. using; E an efficient encryption algorithm (i.e. the XTEA block cipher) K the secret key held by the server IP C the client’s network identity URL the resource descriptor contained in the request D C the same client-specific server-assigned difficulty as above Client browsers use the Solve() script as needed; image URLs are solved as the DOM is loaded but hyperlinks are only solved when clicked. This is driven through scripts; user input is not needed. The error page’s script automatically solves the work function and refreshes using the correct URL; the error page is not seen by users. Webpages are modified only upon egress from the module; content servers operate as normal. Modified URLs default to difficulty zero (D C = 0) so that legacy clients without JavaScript enabled can access the content on the low priority mirror; all clients have a method to access content. The module operates independent to content production and does not require any changes to the format or content of webpages, whether they are static or dynamically generated; the module flexibly modifies outgoing webpages. The server benefits over the baseline with it’s ability to efficiently reject bad solutions. The overhead of appending challenges to URLs is only significant for large files containing hundreds of URLs. Error: Invalid PoW <BODY ONLOAD='Solve(document.links[0]); window.location.replace(document.links[0].href)' > Invalid PoW The requested URL did not have a valid Proof-of-Work attached. If you are reading this page, it is likely that you do not have JavaScript enabled. If you would still like to try to access the content, please click the following link: The Error Page Sample Content Page Sample Content Page This webpage demonstrates an image and link protected by Proof-of-Work. are solved when the page is loaded to avoid delay. In contrast, PoW-protected links are solved only when the link is clicked. A Modified Content Page Internet Clients Append challenges to URLs Redirect to Error Page mod _ kaPoW No Yes The client-specific difficulty D C is assigned by the server based upon the maximum of either the client’s contribution to the current aggregate load or the client’s slowly decaying load history. The history is stored efficiently using a counting Bloom Filter indexed by the client’s identity IP C. Each entry measures a client’s cumulative load from successful requests (i.e. those that had valid solutions). Invalid A ? Missing N C or D C ? D C = 0 ? Low Priority Mirror High Priority Mirror

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.