TY - GEN
T1 - Detecting Service Violations and DoS Attacks
AU - Habib, Ahsan
AU - Hefeeda, Mohamed M.
AU - Bhargava, Bharat K.
N1 - Publisher Copyright:
© 2003 Proceedings of the Symposium on Network and Distributed System Security, NDSS 2003. All Rights Reserved.
PY - 2003
Y1 - 2003
N2 - Denial of Service (DoS) attacks are a serious threat for the Internet. DoS attacks can consume memory, CPU, and network resources and damage or shut down the operation of the resource under attack (victim). The quality of service (QoS) enabled networks, which offer different levels of service, are vulnerable to QoS attacks as well as DoS attacks. The aim of a QoS attack is to steal network resources, e.g., bandwidth, or to degrade the service perceived by users. We present a classification and a brief explanation of the approaches used to deal with the DoS and QoS attacks. Furthermore, we propose network monitoring techniques to detect service violations and to infer DoS attacks. Finally, a quantitative comparison among all schemes is conducted, in which, we highlight the merits of each scheme and estimate the overhead (both processing and communication) introduced by it. The comparison provides guidelines for selecting the appropriate scheme, or a combination of schemes, based on the requirements and how much overhead can be tolerated.
AB - Denial of Service (DoS) attacks are a serious threat for the Internet. DoS attacks can consume memory, CPU, and network resources and damage or shut down the operation of the resource under attack (victim). The quality of service (QoS) enabled networks, which offer different levels of service, are vulnerable to QoS attacks as well as DoS attacks. The aim of a QoS attack is to steal network resources, e.g., bandwidth, or to degrade the service perceived by users. We present a classification and a brief explanation of the approaches used to deal with the DoS and QoS attacks. Furthermore, we propose network monitoring techniques to detect service violations and to infer DoS attacks. Finally, a quantitative comparison among all schemes is conducted, in which, we highlight the merits of each scheme and estimate the overhead (both processing and communication) introduced by it. The comparison provides guidelines for selecting the appropriate scheme, or a combination of schemes, based on the requirements and how much overhead can be tolerated.
UR - https://www.scopus.com/pages/publications/84942761066
M3 - Conference contribution
AN - SCOPUS:84942761066
T3 - Proceedings of the Symposium on Network and Distributed System Security, NDSS 2003
BT - Proceedings of the Symposium on Network and Distributed System Security, NDSS 2003
PB - The Internet Society
T2 - 10th Symposium on Network and Distributed System Security, NDSS 2003
Y2 - 6 February 2003 through 6 February 2003
ER -