Abstract
Distributed Denial of Service (DDoS) attack continues to be one of the main vulnerabilities of today's Internet. Client's puzzle mechanism is a well-known solution against such threat, however with badly tuned puzzle sizes it may harm the clients in the peaceful time, as well as produce additional difficulties during an attack. Here, we introduce a novel algorithm - DISPUTE - auto-tunable distributed puzzle mechanism with variable puzzle sizes. Main feature of it is that the server does not need to adjust any puzzle sizes, instead the clients during the "fight for" server resources find some form of equilibrium situation on the server side. We describe the algorithm and show the DISPUTE's performance using a simulation tool. The results suggest that regular (laptop) users, as well as light (sensor) users can successfully access a server even during a heavy DDoS attack.