Queue-based analysis of DoS attacks

@article{Khan2005QueuebasedAO,
  title={Queue-based analysis of DoS attacks},
  author={S. Khan and Issa Traor{\'e}},
  journal={Proceedings from the Sixth Annual IEEE SMC Information Assurance Workshop},
  year={2005},
  pages={266-273}
}
  • S. Khan, I. Traoré
  • Published 2005
  • Computer Science
  • Proceedings from the Sixth Annual IEEE SMC Information Assurance Workshop
Computer security is very important for any organization that maintains sensitive assets electronically. This is stressed in the statistics collected by the Computer Security Institute and FBI through their annual surveys. Hence, DoS is a very important problem that needs to be dealt with seriously. DoS attacks are of two types: flooding attacks and logic attacks. When an attack has impact on a system parameter, then the parameter can be used as an attack detection metric. In this paper, we… Expand
A queueing analysis for the denial of service (DoS) attacks in computer networks
TLDR
This paper proposes one queueing model for the evaluation of the denial of service (DoS) attacks in computer networks and develops a memory-efficient algorithm for finding the stationary probability distribution which can be used to find other interesting performance metrics. Expand
A comprehensive study of queue management as a DoS counter-measure
TLDR
A mathematical model allowing us to analyse the trade-off between the attacker and the defender resources and to offer prevention mechanisms that can be used to defend against DoS attacks on connection-oriented protocols is developed. Expand
Towards a Stochastic Model for Integrated detection and filtering of DoS attacks in Cloud environments
TLDR
This paper provides a defending system in order to mitigate the Denial of Service (DoS) attack in CDC environment by combining the filtering and detection mechanisms and presented an analytical model based on queueing model to evaluate the impact of flooding attack on cloud environment regarding service availability and QoS performance. Expand
Queue Management as a DoS Counter-Measure?
TLDR
This paper reports on the relative performance of various queue strategies under a varying range of attack rates and parameter configurations, and hopes that such results will provide usable configuration guidelines for end-server or network appliance queue hardening. Expand
A queue-based analysis for Denial of Service attacks on Voice over IP proxies
TLDR
A queueing model has been suggested for evaluation of denial of service attacks on voice over IP proxies and the server under attack is modeled by a two-dimensional Markov chain, which can develop a memory effective algorithm for the calculating of stationary probability distribution. Expand
Queueing Analysis for Networks Under DoS Attack
TLDR
The steady-state probability distribution of the stochastic process describing the evolution of a queueing model of computer network under DoS attacks is obtained and some security metrics such as the loss-probability or the buffer occupancy percentage of half-open connections for attack packets are computed. Expand
Predicting the Impact of Denial of Service Attacks
Denial-of-service (DoS) attacks have become a major threat to current systems and networks in the Internet. Yet the existing infrastructure is rarely tested for potential damage caused by (D)DoSExpand
Composite Dos Attack Model
Preparation for potential threats is one of the most important phases ensuring system security. It allows evaluating possible losses, changes in the attack process, the effectiveness of usedExpand
DETECTION STRATEGIC MECHANISM AGAINST DENIAL OF SERVICE ATTACKS: DOS ATTACKS
TLDR
The scope of DDoS problem is described in possible comprehensive capacity to stimulate research into efficient creative an effective ramparts, detection mechanism and methods for such attacks. Expand
The effects of DDoS attacks on flow monitoring applications
TLDR
This paper identifies the changes in the flow data caused by a massive attack and proposes a simple queueing model that describes the behavior of the flow monitoring application and shows that the model can help to parametrize and dimension flow-based monitoring systems. Expand
...
1
2
3
...

References

SHOWING 1-10 OF 15 REFERENCES
A framework for classifying denial of service attacks
TLDR
A framework for classifying DoS attacks based on header content, and novel techniques such as transient ramp-up behavior and spectral analysis are introduced, showing that characteristics of attack ramps-up and attack spectrum are more difficult to spoof. Expand
Inferring Internet denial-of-service activity
TLDR
This article presents a new technique, called “backscatter analysis,” that provides a conservative estimate of worldwide denial-of-service activity, and believes it is the first to provide quantitative estimates of Internet-wide denial- of- service activity. Expand
Defending against denial of service attacks in Scout
TLDR
The paper describes the Escort architecture and its implementation in Scout, and reports a collection of experiments that measure the costs and benefits of using Escort to protect a web server from denial of service attacks. Expand
Denial of Service via Algorithmic Complexity Attacks
TLDR
A new class of low-bandwidth denial of service attacks that exploit algorithmic deficiencies in many common applications' data structures, and it is shown how modern universal hashing techniques can yield performance comparable to commonplace hash functions while being provably secure against these attacks. Expand
A novel approach to detection of \denial{of{service" attacks via adaptive sequential and batch{sequential change{point detection methods
TLDR
These methods employ statis- tical analysis of data from multiple layers of the network protocol for detection of very subtle tra-c changes, which are typical for these kinds of attacks. Expand
Detecting intrusions using system calls: alternative data models
TLDR
This work compares the ability of different data modeling methods to represent normal behavior accurately and to recognize intrusions and concludes that for this particular problem, weaker methods than HMMs are likely sufficient. Expand
A fast automaton-based method for detecting anomalous program behaviors
TLDR
This paper describes the FSA based technique and presents a comprehensive experimental evaluation of the technique, which can capture both short term and long term temporal relationships among system calls, and thus perform more accurate detection. Expand
Random Early Detection Gateways for Congestion Avoidance
This paper presents a scheme to implement congestion control at the gateway nodes. The superiority of such a scheme (congestion control at gateways) over end-to-end congestion control comes from theExpand
A Note on the Denial-of-Service Problem
  • V. Gligor
  • Computer Science
  • 1983 IEEE Symposium on Security and Privacy
  • 1983
TLDR
It is argued that no current protection mechanism nor model resolves this problem in any demonstrable way and the notion of interuser dependency is introduced and identified as the common cause for all problem instances. Expand
A formal specification and verification method for the prevention of denial of service
  • Che-Fu Yu, V. Gligor
  • Computer Science
  • Proceedings. 1988 IEEE Symposium on Security and Privacy
  • 1988
TLDR
The notion of user agreements is introduced and it is argued that lack of specifications for these agreements and for simultaneity conditions makes it impossible to demonstrate denial-of-service prevention, in spite of demonstrably fair service access. Expand
...
1
2
...