Document Type

Technical Report

Publication Date



Denial of service attacks, Computer networks -- Security measures, Intrusion detection systems (Computer security), Internet -- Security measures


Distributed denial-of-service attacks represent a growing problem for networked systems. To tackle this problem, this paper explores the addition of a public work function to the service advertisement mechanisms used by such systems. When under attack, services advertise this function along with their location information and clients must attach a solution to the function with subsequent requests. The function, which can be made specific to the source of traffic, is publicly verifiable, allowing arbitrary network devices at the edges of the network to quickly verify that subsequent communication from the source will be accepted by the destination. We describe a number of different ways public work can augment current systems and evaluate a promising instantiation of the public work scheme using DNS.


Portland State University Computer Science Department Technical Report #07-01, 2007.

Persistent Identifier