Title :
Analyzing and improving the resistance of overlays against bandwidth exhaustion attacks
Author :
Rossberg, Michael ; Girlich, F. ; Schaefer, Gerald
Author_Institution :
Ilmenau Univ. of Technol., Ilmenau, Germany
Abstract :
Private overlays, such as Virtual Private Networks (VPN), offer methods for a cheap and yet secure communication over the Internet. However, as our society becomes more and more dependent on it, these structures turn into vital targets for Denial-of-Service (DoS) attacks. As so-called botnets offer an inexpensive way to generate almost arbitrary amounts of traffic, the only effective measure that can be taken by overlay mechanisms is adapting the topology for minimal impact. This article presents novel metrics to estimate the impact of DoS attacks with different strengths. In particular random, greedy, and optimal attacks are considered, whereas for the optimal attacker we show that it involves NP-hard calculations. Based on the attacker models, several prerequisites for resilient overlay topologies, like a low constant node degree and high girth, are derived and validated by a simulation study.
Keywords :
Internet; computational complexity; computer network security; optimisation; overlay networks; telecommunication network topology; telecommunication traffic; DoS attacks; Internet; NP-hard calculation; attacker models; bandwidth exhaustion attacks; botnets; communication secure; denial-of-service attacks; greedy attacks; optimal attacker; optimal attacks; overlay mechanisms; private overlays; random attacks; resilient overlay topology; virtual private networks; Computer crime; Network topology; Optimized production technology; Overlay networks; Peer to peer computing; Resilience; Topology;
Conference_Titel :
Ultra Modern Telecommunications and Control Systems and Workshops (ICUMT), 2012 4th International Congress on
Conference_Location :
St. Petersburg
Print_ISBN :
978-1-4673-2016-0
DOI :
10.1109/ICUMT.2012.6459768
