Reduction of quality (RoQ) attacks on Internet end-systems


Current computing systems depend on adaptation mechanisms to ensure that they remain in quiescent operating regions. These regions are often defined using efficiency, fairness, and stability properties. To that end, traditional research works in scalable server architectures and protocols have focused on promoting these properties by proposing even more sophisticated adaptation mechanisms, without the proper attention to security implications. In this paper, we exemplify such security implications by exposing the vulnerabilities of admission control mechanisms that are widely deployed in Internet end systems to reduction of quality (RoQ) attacks. RoQ attacks target the transients of a system's adaptive behavior as opposed to its limited steady-state capacity. We show that a well orchestrated RoQ attack on an end-system admission control policy could introduce significant inefficiencies that could potentially deprive an Internet end-system from much of its capacity, or significantly reduce its service quality, while evading detection by consuming an unsuspicious, small fraction of that system's hijacked capacity. We develop a control theoretic model for assessing the impact of RoQ attacks on an end-system's admission controller. We quantify the damage inflicted by an attacker through deriving appropriate metrics. We validate our findings through real Internet experiments performed in our lab.

DOI: 10.1109/INFCOM.2005.1498361


Citations per Year

99 Citations

Semantic Scholar estimates that this publication has 99 citations based on the available data.

See our FAQ for additional information.

Cite this paper

@article{Guirguis2005ReductionOQ, title={Reduction of quality (RoQ) attacks on Internet end-systems}, author={Mina Guirguis and Azer Bestavros and Ibrahim Matta and Yuting Zhang}, journal={Proceedings IEEE 24th Annual Joint Conference of the IEEE Computer and Communications Societies.}, year={2005}, volume={2}, pages={1362-1372 vol. 2} }