TY - GEN
T1 - Stealthy DGoS Attack under Passive and Active Measurements
AU - Chiu, Cho Chun
AU - He, Ting
N1 - Funding Information:
This work was supported by the National Science Foundation under award CCF-1813219.
Publisher Copyright:
© 2020 IEEE.
PY - 2020/12
Y1 - 2020/12
N2 - As a tool to infer the internal state of a network that cannot be measured directly (e.g., the Internet and all-optical networks), network tomography has been extensively studied under the assumption that the measurements truthfully reflect the end-to-end performance of measurement paths, which makes the resulting solutions vulnerable to manipulated measurements. In this work, we investigate the impact of manipulated measurements via a recently proposed attack model called the stealthy DeGrading of Service (DGoS) attack, which aims at maximally degrading path performances without exposing the manipulated links to network tomography. While existing studies on this attack assume that network tomography only measures the paths actively used for data transfer (by passively recording the performance of data packets), our model allows network tomography to measure a larger set of paths, e.g., by sending probes on some paths not carrying data flows. By developing and analyzing the optimal attack strategy, we quantify the maximum damage of such an attack and shed light on possible defenses.
AB - As a tool to infer the internal state of a network that cannot be measured directly (e.g., the Internet and all-optical networks), network tomography has been extensively studied under the assumption that the measurements truthfully reflect the end-to-end performance of measurement paths, which makes the resulting solutions vulnerable to manipulated measurements. In this work, we investigate the impact of manipulated measurements via a recently proposed attack model called the stealthy DeGrading of Service (DGoS) attack, which aims at maximally degrading path performances without exposing the manipulated links to network tomography. While existing studies on this attack assume that network tomography only measures the paths actively used for data transfer (by passively recording the performance of data packets), our model allows network tomography to measure a larger set of paths, e.g., by sending probes on some paths not carrying data flows. By developing and analyzing the optimal attack strategy, we quantify the maximum damage of such an attack and shed light on possible defenses.
UR - http://www.scopus.com/inward/record.url?scp=85100382445&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85100382445&partnerID=8YFLogxK
U2 - 10.1109/GLOBECOM42002.2020.9322176
DO - 10.1109/GLOBECOM42002.2020.9322176
M3 - Conference contribution
AN - SCOPUS:85100382445
T3 - 2020 IEEE Global Communications Conference, GLOBECOM 2020 - Proceedings
BT - 2020 IEEE Global Communications Conference, GLOBECOM 2020 - Proceedings
PB - Institute of Electrical and Electronics Engineers Inc.
T2 - 2020 IEEE Global Communications Conference, GLOBECOM 2020
Y2 - 7 December 2020 through 11 December 2020
ER -