Network Security Situation Evaluation Method for Distributed Denial of Service

Author

Fang Fang ; Liang Xiaoyan ; Wang Jia ; Tian XueJu ; Zhang Bo ; Huang JiYao ; Su Yuan

Author_Institution

Auditing Bur. of Gen. Equip. Dept., Beijing, China

fYear

2012

fDate

8-10 Dec. 2012

Firstpage

16

Lastpage

21

Abstract

The measurement of network congestion and degradation of quality of service during distributed denial of service attacks remained an elusive goal. This paper analyzes the impacts that all congested links cause on attack victim and network architecture, introduces the min-cut set and presents a new method to assess the network security situation under DDoS attacks, which computes the influence value that attacks cause on network security situation according to the distance between the congested link and victim and whether the link is in the min-cut set, and this value is used for quantitative situation assessment. The applicability of this method is verified by simulated experiments with the network simulation tool.

Keywords

computer network security; telecommunication congestion control; telecommunication links; DDoS attacks; attack victim; distributed denial of service attacks; link congestion degree metric; min-cut set; network architecture; network congestion measurement; network security situation evaluation method; network simulation tool; quality of service degradation; quantitative situation assessment; Computer crime; Degradation; Measurement; Quality of service; Routing protocols; Servers; DDoS attack; link congestion degree metric; security situation;

fLanguage

English

Publisher

ieee

Conference_Titel

Instrumentation, Measurement, Computer, Communication and Control (IMCCC), 2012 Second International Conference on

Conference_Location

Harbin

Print_ISBN

978-1-4673-5034-1

Type

conf

DOI

10.1109/IMCCC.2012.12

Filename

6428844