TY - GEN
T1 - Cost-Aware Optimal Filter Assignment Policy Against Distributed Denial-of-Service Attack
AU - Biswas, Rajorshi
AU - Wu, Jie
AU - Srinivasan, Avinash
N1 - Funding Information:
ACKNOWLEDGMENTS This research was supported in part by NSF grants CNS 1824440, CNS 1828363, CNS 1757533, CNS 1618398, CNS 1651947, and CNS 1564128.
Publisher Copyright:
© 2019 IEEE.
PY - 2019/11
Y1 - 2019/11
N2 - In a denial-of-service (DoS) attack, the attacker sends out a huge number of requests to exhaust the capacity of a server. The victim cannot serve incoming requests and then DoS occurs. When the attacker stops sending requests, the victim gets back to working state. The most devastating distributed DoS attack is performed by bots, malicious programs that reside on the affected user computers. By using a special type of router called filter router (FR), the victim can protect itself. A server needs to send filters to FR for blocking attack traffic. A filter blocks both attack and user traffic which are destined for the victim at the FR. The victim needs to select a subset of FRs wisely to minimize the blockage of users. The victim's operation is not hampered if the total incoming traffic does not exceed its capacity. In this paper, we formulate a problem for selecting FRs given a budget on the number of filters. The problem considers that the victim has limited incoming bandwidth and we provide an optimal dynamic programming solution. We conduct extensive simulation in different settings. Our simulation results strengthen support for our solutions.
AB - In a denial-of-service (DoS) attack, the attacker sends out a huge number of requests to exhaust the capacity of a server. The victim cannot serve incoming requests and then DoS occurs. When the attacker stops sending requests, the victim gets back to working state. The most devastating distributed DoS attack is performed by bots, malicious programs that reside on the affected user computers. By using a special type of router called filter router (FR), the victim can protect itself. A server needs to send filters to FR for blocking attack traffic. A filter blocks both attack and user traffic which are destined for the victim at the FR. The victim needs to select a subset of FRs wisely to minimize the blockage of users. The victim's operation is not hampered if the total incoming traffic does not exceed its capacity. In this paper, we formulate a problem for selecting FRs given a budget on the number of filters. The problem considers that the victim has limited incoming bandwidth and we provide an optimal dynamic programming solution. We conduct extensive simulation in different settings. Our simulation results strengthen support for our solutions.
UR - http://www.scopus.com/inward/record.url?scp=85079320117&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85079320117&partnerID=8YFLogxK
U2 - 10.1109/RWS47064.2019.8972008
DO - 10.1109/RWS47064.2019.8972008
M3 - Conference contribution
AN - SCOPUS:85079320117
T3 - Proceedings - 2019 Resilience Week, RWS 2019
SP - 57
EP - 63
BT - Proceedings - 2019 Resilience Week, RWS 2019
PB - Institute of Electrical and Electronics Engineers Inc.
T2 - 2019 Resilience Week, RWS 2019
Y2 - 4 November 2019 through 7 November 2019
ER -