Title :
Markovian Modeling and Security Measure Analysis for Networks under Flooding DoS Attacks
Author :
Baumann, Hendrik ; Sandmann, Werner
Author_Institution :
Dept. of Appl. Stochastics & Oper. Res., Clausthal Univ. of Technol., Clausthal-Zellerfeld, Germany
Abstract :
Network flooding is among the most prevalent modes of denial-of-service (DoS) attacks. It can seriously degrade the network operation to the point of being unable to serve any legitimate user as intended, because all resources are occupied with serving malicious attack requests. We model flooding DoS attacks by a three-dimensional continuous-time Markov chain (CTMC) that accounts for the environment in which the network under attack operates and incorporates a random dropping policy as a potential defense mechanism. The state space is structured such that the generator matrix is block tridiagonal and the CTMC becomes numerically tractable by matrix analytic methods. This enables us to compute security measures accurately and efficiently. Numerical results for varying parameter settings are provided in order to study flooding DoS attacks.
Keywords :
Markov processes; computer network security; matrix algebra; random processes; 3D continuous-time Markov chain; Markovian modeling; block tridiagonal generator matrix; defense mechanism; denial-of-service attacks; flooding DoS attacks; malicious attack request; matrix analytic method; network flooding; network operation; network under attack; random dropping policy; security measure analysis; state space structure; Analytical models; Computational modeling; Computer crime; Loss measurement; Markov processes; Solid modeling;
Conference_Titel :
Parallel, Distributed and Network-Based Processing (PDP), 2012 20th Euromicro International Conference on
Conference_Location :
Garching
Print_ISBN :
978-1-4673-0226-5
DOI :
10.1109/PDP.2012.29
