{"title":"分析智能DDoS攻击下的安全覆盖业务架构","authors":"D. Xuan, S. Chellappan, Xun Wang, Shengquan Wang","doi":"10.1109/ICDCS.2004.1281606","DOIUrl":null,"url":null,"abstract":"Distributed denial of service (DDoS) attacks are currently major threats to communication in the Internet. A secure overlay services (SOS) architecture has been proposed to provide reliable communication between clients and a target under DDoS attacks. The SOS architecture employs a set of overlay nodes arranged in three hierarchical layers that controls access to the target. Although the architecture is novel and works well under simple congestion based attacks, we observe that it is vulnerable under more intelligent attacks. We generalize the SOS architecture by introducing more flexibility in layering to the original architecture. We define two intelligent DDoS attack models and develop an analytical approach to study the impacts of the number of layers, number of neighbors per node and the node distribution per layer on the system performance under these two attack models. Our data clearly demonstrate that performance is indeed sensitive to the design features and the different design features interact with each other to impact overall system performance.","PeriodicalId":348300,"journal":{"name":"24th International Conference on Distributed Computing Systems, 2004. Proceedings.","volume":"246 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2004-03-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"18","resultStr":"{\"title\":\"Analyzing the secure overlay services architecture under intelligent DDoS attacks\",\"authors\":\"D. Xuan, S. Chellappan, Xun Wang, Shengquan Wang\",\"doi\":\"10.1109/ICDCS.2004.1281606\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Distributed denial of service (DDoS) attacks are currently major threats to communication in the Internet. A secure overlay services (SOS) architecture has been proposed to provide reliable communication between clients and a target under DDoS attacks. The SOS architecture employs a set of overlay nodes arranged in three hierarchical layers that controls access to the target. Although the architecture is novel and works well under simple congestion based attacks, we observe that it is vulnerable under more intelligent attacks. We generalize the SOS architecture by introducing more flexibility in layering to the original architecture. We define two intelligent DDoS attack models and develop an analytical approach to study the impacts of the number of layers, number of neighbors per node and the node distribution per layer on the system performance under these two attack models. Our data clearly demonstrate that performance is indeed sensitive to the design features and the different design features interact with each other to impact overall system performance.\",\"PeriodicalId\":348300,\"journal\":{\"name\":\"24th International Conference on Distributed Computing Systems, 2004. Proceedings.\",\"volume\":\"246 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2004-03-24\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"18\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"24th International Conference on Distributed Computing Systems, 2004. Proceedings.\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ICDCS.2004.1281606\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"24th International Conference on Distributed Computing Systems, 2004. Proceedings.","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ICDCS.2004.1281606","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Analyzing the secure overlay services architecture under intelligent DDoS attacks
Distributed denial of service (DDoS) attacks are currently major threats to communication in the Internet. A secure overlay services (SOS) architecture has been proposed to provide reliable communication between clients and a target under DDoS attacks. The SOS architecture employs a set of overlay nodes arranged in three hierarchical layers that controls access to the target. Although the architecture is novel and works well under simple congestion based attacks, we observe that it is vulnerable under more intelligent attacks. We generalize the SOS architecture by introducing more flexibility in layering to the original architecture. We define two intelligent DDoS attack models and develop an analytical approach to study the impacts of the number of layers, number of neighbors per node and the node distribution per layer on the system performance under these two attack models. Our data clearly demonstrate that performance is indeed sensitive to the design features and the different design features interact with each other to impact overall system performance.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
