A Cost-Based Framework for Analysis of Denial of Service in Networks
نویسنده
چکیده
Denial of service is becoming a growing concern. As computer systems communicate more and more with others that they know less and less, they become increasingly vulnerable to hostile intruders who may take advantage of the very protocols intended for the establishment and authentication of communication to tie up resources and disable servers. This paper shows how some principles that have already been used to make cryptographic protocols more resistant to denial of service by trading o the cost to defender against the cost to the attacker can be formalized based on a modi cation of the Gong-Syverson fail-stop model of cryptographic protocols, and indicates the ways in which existing cryptographic protocol analysis tools could be modi ed to operate within this formal framework. We also indicate how this framework could be extended to protocols that do not make use of strong authentication.
منابع مشابه
HF-Blocker: Detection of Distributed Denial of Service Attacks Based On Botnets
Abstract—Today, botnets have become a serious threat to enterprise networks. By creation of network of bots, they launch several attacks, distributed denial of service attacks (DDoS) on networks is a sample of such attacks. Such attacks with the occupation of system resources, have proven to be an effective method of denying network services. Botnets that launch HTTP packet flood attacks agains...
متن کاملIntrusion Detection in IOT based Networks Using Double Discriminant Analysis
Intrusion detection is one of the main challenges in wireless systems especially in Internet of things (IOT) based networks. There are various attack types such as probe, denial of service, remote to local and user to root. In addition to known attacks and malicious behaviors, there are various unknown attacks that some of them have similar behavior with respect to each other or mimic the norma...
متن کاملDetecting Denial of Service Message Flooding Attacks in SIP based Services
Increasing the popularity of SIP based services (VoIP, IPTV, IMS infrastructure) lead to concerns about its security. The main signaling protocol of next generation networks and VoIP systems is Session Initiation Protocol (SIP). Inherent vulnerabilities of SIP, misconfiguration of its related components and also its implementation deficiencies cause some security concerns in SIP based infra...
متن کاملDesign of a Reliable Facility Location Model for Health Service Networks
This paper proposes a novel facility location model for health service network design by considering different key elements including the reliability aspects, service capacity, congestion, service quality, surrounding public infrastructures, geographical accessibility and several types of cost such as investment, transportation and operational costs. We formulate the problem as a robust scenari...
متن کاملA Multi Objective Graph Based Model for Analyzing Survivability of Vulnerable Networks
In the various fields of disaster management, choosing the best location for the Emergency Support & Supply Service Centers (ESSSCs) and the survivability of the network that provides the links between ESSSCs and their environment has a great role to be paid enough attention. This paper introduces a graph based model to measure the survivability of the linking's network. By values computed for ...
متن کاملDoS-Resistant Attribute-Based Encryption in Mobile Cloud Computing with Revocation
Security and privacy are very important challenges for outsourced private data over cloud storages. By taking Attribute-Based Encryption (ABE) for Access Control (AC) purpose we use fine-grained AC over cloud storage. In this paper, we extend previous Ciphertext Policy ABE (CP-ABE) schemes especially for mobile and resource-constrained devices in a cloud computing environment in two aspects, a ...
متن کامل