Mitigating Iris-Based Replay Attacks

Strategies against Replay Attacks

The goal of this paper is to present a set of design principles for avoiding replay attacks in cryptographic protocols. The principles are easily applied to real protocols and they do not consume excessive computing power or communications bandwidth. In particular, we describe how to type-tag messages with unique cryptographic functions, how to inexpensively implement the full information princ...

Mitigating DDoS attacks with cluster-based filtering

A Taxonomy of Replay Attacks

This paper presents a taxonomy of replay attacks on cryptographic protocols in terms of message origin and destination. The taxonomy is independent of any method used to analyze or prevent such attacks. It is also complete in the sense that any replay attack is composed entirely of elements classi ed by the taxonomy. The classi cation of attacks is illustrated using both new and previously know...

Mitigating congestion based DoS attacks with an enhanced AQM technique

Denial of Service (DoS) attacks are currently one of the biggest risks any organization connected to the Internet can face. Hence, the congestion handling techniques at the edge router(s), such as Active Queue Management (AQM) schemes must take into account such attacks. Ideally, an AQM scheme should (a) ensure that each network flow gets its fair share of bandwidth, and (b) identify attack flo...

Protecting mobile agents from external replay attacks

This paper presents a protocol for the protection of mobile agents against external replay attacks. This kind of attacks are performed by malicious platforms when dispatching an agent multiple times to a remote host, thus making it reexecute part of its itinerary. Current proposals aiming to address this problem are based on storing agent identifiers, or trip markers, inside agent platforms, so...