Combat model-based DDoS detection and defence using experimental testbed: a quantitative approach
International Journal of Intelligent Engineering Informatics
Implementation of an emulation environment for large scale network security experiments
ACC'11/MMACTEE'11 Proceedings of the 13th IASME/WSEAS international conference on Mathematical Methods and Computational Techniques in Electrical Engineering conference on Applied Computing
Flow-based partitioning of network testbed experiments
Computer Networks: The International Journal of Computer and Telecommunications Networking
Hi-index | 0.00 |
Researchers in the denial-of-service (DoS) field lack accurate, quantitative, and versatile metrics to measure service denial in simulation and testbed experiments. Without such metrics, it is impossible to measure severity of various attacks, quantify success of proposed defenses, and compare their performance. Existing DoS metrics equate service denial with slow communication, low throughput, high resource utilization, and high loss rate. These metrics are not versatile because they fail to monitor all traffic parameters that signal service degradation. They are not quantitative because they fail to specify exact ranges of parameter values that correspond to good or poor service quality. Finally, they are not accurate since they were not proven to correspond to human perception of service denial. We propose several DoS impact metrics that measure the quality of service experienced by users during an attack. Our metrics are quantitative: they map QoS requirements for several applications into measurable traffic parameters with acceptable, scientifically determined thresholds. They are versatile: they apply to a wide range of attack scenarios, which we demonstrate via testbed experiments and simulations. We also prove metrics' accuracy through testing with human users.