Operating System Defense against Network Stack Denial of Service Attacks
Agency / Branch:
DOD / MDA
"In a network stack Denial-of-Service (DoS) attack, numerous network packets flood the packet queues on a computer system, rendering the processing software on that machine (the "network stack") incapable of processing normal traffic. (This is not the sameas a network bandwidth attack, in which copious packets overwhelm the capabilities of the data lines in and out of the computer.)We propose to extend the operating system (OS)-level protection of PitBull Foundation to defend against network stack attacks by assigning certain packets a Security Label (SL) with network priority. A packet with the specified SL would be guaranteedpriority in the network stack, thereby allowing a remote administrator to access and recover a system even during a CPU DoS attack. Recovery during attack is key to survivability. An administrator would be able to access a computer, either at the computer or over a network, even during a network stack DoS attack. The administrator could then take actions to recover the system and keep it operational."
Small Business Information at Submission:
Argus Systems Group, Inc.
1809 Woodfield Drive Savoy, IL 61874
Number of Employees: