ACM Transactions on Computer Systems (TOCS)
Controlling high bandwidth aggregates in the network
ACM SIGCOMM Computer Communication Review
Measuring thin-client performance using slow-motion benchmarking
ACM Transactions on Computer Systems (TOCS)
Low-rate TCP-targeted denial of service attacks: the shrew vs. the mice and elephants
Proceedings of the 2003 conference on Applications, technologies, architectures, and protocols for computer communications
Persistent dropping: an efficient control of traffic aggregates
Proceedings of the 2003 conference on Applications, technologies, architectures, and protocols for computer communications
User-Centric Performance Analysis of Market-Based Cluster Batch Schedulers
CCGRID '02 Proceedings of the 2nd IEEE/ACM International Symposium on Cluster Computing and the Grid
The effect of latency on user performance in Warcraft III
NetGames '03 Proceedings of the 2nd workshop on Network and system support for games
The effects of loss and latency on user performance in unreal tournament 2003®
Proceedings of 3rd ACM SIGCOMM workshop on Network and system support for games
Exploiting the Transients of Adaptation for RoQ Attacks on Internet Resources
ICNP '04 Proceedings of the 12th IEEE International Conference on Network Protocols
Modeling Networking Protocols to Test Intrusion Detection Systems
LCN '04 Proceedings of the 29th Annual IEEE International Conference on Local Computer Networks
A DoS-limiting network architecture
Proceedings of the 2005 conference on Applications, technologies, architectures, and protocols for computer communications
Quantifying Skype user satisfaction
Proceedings of the 2006 conference on Applications, technologies, architectures, and protocols for computer communications
A Framework for a Collaborative DDoS Defense
ACSAC '06 Proceedings of the 22nd Annual Computer Security Applications Conference
Botz-4-sale: surviving organized DDoS attacks that mimic flash crowds
NSDI'05 Proceedings of the 2nd conference on Symposium on Networked Systems Design & Implementation - Volume 2
A service architecture for ATM: from applications to scheduling
IEEE Network: The Magazine of Global Internetworking
Automating DDoS experimentation
DETER Proceedings of the DETER Community Workshop on Cyber Security Experimentation and Test on DETER Community Workshop on Cyber Security Experimentation and Test 2007
AnomBench: a benchmark for volume-based internet anomaly detection
GLOBECOM'09 Proceedings of the 28th IEEE conference on Global telecommunications
Forwarding devices: From measurements to simulations
ACM Transactions on Modeling and Computer Simulation (TOMACS)
Combat model-based DDoS detection and defence using experimental testbed: a quantitative approach
International Journal of Intelligent Engineering Informatics
Witnessing distributed denial-of-service traffic from an attacker's network
Proceedings of the 7th International Conference on Network and Services Management
Detecting denial of service by modelling web-server behaviour
Computers and Electrical Engineering
| Hi-index | 0.00 |
To date, the measurement of user-perceived degradation of quality of service during denial of service (DoS) attacks remained an elusive goal. Current approaches mostly rely on lower level traffic measurements such as throughput, utilization, loss rate, and latency. They fail to monitor all traffic parameters that signal service degradation for diverse applications, and to map application quality-of-service (QoS) requirements into specific parameter thresholds. To objectively evaluate an attack's impact on network services, its severity and the effectiveness of a potential defense, we need precise, quantitative and comprehensive DoS impact metrics that are applicable to any test scenario. We propose a series of DoS impact metrics that measure the QoS experienced by end users during an attack. The proposed metrics consider QoS requirements for a range of applications and map them into measurable traffic parameters with acceptable thresholds. Service quality is derived by comparing measured parameter values with corresponding thresholds, and aggregated into a series of appropriate DoS impact metrics. We illustrate the proposed metrics using extensive live experiments, with a wide range of background traffic and attack variants. We successfully demonstrate that our metrics capture the DoS impact more precisely than the measures used in the past.