Markovian Modeling and Security Measure Analysis for Networks under Flooding DoS Attacks

Author

Baumann, Hendrik ; Sandmann, Werner

Author_Institution

Dept. of Appl. Stochastics & Oper. Res., Clausthal Univ. of Technol., Clausthal-Zellerfeld, Germany

fYear

2012

fDate

15-17 Feb. 2012

Firstpage

298

Lastpage

302

Abstract

Network flooding is among the most prevalent modes of denial-of-service (DoS) attacks. It can seriously degrade the network operation to the point of being unable to serve any legitimate user as intended, because all resources are occupied with serving malicious attack requests. We model flooding DoS attacks by a three-dimensional continuous-time Markov chain (CTMC) that accounts for the environment in which the network under attack operates and incorporates a random dropping policy as a potential defense mechanism. The state space is structured such that the generator matrix is block tridiagonal and the CTMC becomes numerically tractable by matrix analytic methods. This enables us to compute security measures accurately and efficiently. Numerical results for varying parameter settings are provided in order to study flooding DoS attacks.

Keywords

Markov processes; computer network security; matrix algebra; random processes; 3D continuous-time Markov chain; Markovian modeling; block tridiagonal generator matrix; defense mechanism; denial-of-service attacks; flooding DoS attacks; malicious attack request; matrix analytic method; network flooding; network operation; network under attack; random dropping policy; security measure analysis; state space structure; Analytical models; Computational modeling; Computer crime; Loss measurement; Markov processes; Solid modeling;

fLanguage

English

Publisher

ieee

Conference_Titel

Parallel, Distributed and Network-Based Processing (PDP), 2012 20th Euromicro International Conference on

Conference_Location

Garching

ISSN

1066-6192

Print_ISBN

978-1-4673-0226-5

Type

conf

DOI

10.1109/PDP.2012.29

Filename

6169564