Analyzing the secure overlay services architecture under intelligent DDoS attacks

Distributed denial of service (DDoS) attacks are currently major threats to communication in the Internet. A secure overlay services (SOS) architecture has been proposed to provide reliable communication between clients and a target under DDoS attacks. The SOS architecture employs a set of overlay nodes arranged in three hierarchical layers that controls access to the target. Although the architecture is novel and works well under simple congestion based attacks, we observe that it is vulnerable under more intelligent attacks. We generalize the SOS architecture by introducing more flexibility in layering to the original architecture. We define two intelligent DDoS attack models and develop an analytical approach to study the impacts of the number of layers, number of neighbors per node and the node distribution per layer on the system performance under these two attack models. Our data clearly demonstrate that performance is indeed sensitive to the design features and the different design features interact with each other to impact overall system performance.