Analyzing single-server network inhibition

Author

Aura, Tuomas ; Bishop, Matt ; Sniegowski, Dean

Author_Institution

Lab. for Theor. Comput. Sci., Helsinki Univ. of Technol., Espoo, Finland

fYear

2000

fDate

2000

Firstpage

108

Lastpage

117

Abstract

Network inhibition is a denial-of-service attack where the adversary attempts to disconnect network elements by disabling a limited number of communication links or nodes. We analyze a common variation of network inhibition where the links have infinite capacity and the goal of the attacker is to deny connections from a single server to as many clients as possible. The problem is defined formally and shown to be NP complete. Nevertheless, we develop a practical technique for network-inhibition analysis based on logic programming with stable-model semantics. The analysis scales well up to moderate-size networks. The results are a step towards quantitative analysis of denial of service and they can be applied to the design of robust network topologies

Keywords

client-server systems; computer network management; logic programming; security of data; denial-of-service attack; logic programming; moderate-size networks; network-inhibition analysis; quantitative analysis; robust network topologies; single-server network inhibition; stable-model semantics; Adaptive systems; Availability; Communication networks; Computer crime; Computer science; Logic; Mission critical systems; Network servers; Network topology; Routing;

fLanguage

English

Publisher

ieee

Conference_Titel

Computer Security Foundations Workshop, 2000. CSFW-13. Proceedings. 13th IEEE

Conference_Location

Cambridge

ISSN

1063-6900

Print_ISBN

0-7695-0671-2

Type

conf

DOI

10.1109/CSFW.2000.856930

Filename

856930