TY - GEN
T1 - How well can congestion pricing neutralize denial of service attacks?
AU - Vulimiri, Ashish
AU - Agha, Gul A.
AU - Godfrey, Philip Brighten
AU - Lakshminarayanan, Karthik
PY - 2012
Y1 - 2012
N2 - Denial of service protection mechanisms usually require classifying malicious traffic, which can be difficult. Another approach is to price scarce resources. However, while congestion pricing has been suggested as a way to combat DoS attacks, it has not been shown quantitatively how much damage a malicious player could cause to the utility of benign participants. In this paper, we quantify the protection that congestion pricing affords against DoS attacks, even for powerful attackers that can control their packets' routes. Specifically, we model the limits on the resources available to the attackers in three different ways and, in each case, quantify the maximum amount of damage they can cause as a function of their resource bounds. In addition, we show that congestion pricing is provably superior to fair queueing in attack resilience.
AB - Denial of service protection mechanisms usually require classifying malicious traffic, which can be difficult. Another approach is to price scarce resources. However, while congestion pricing has been suggested as a way to combat DoS attacks, it has not been shown quantitatively how much damage a malicious player could cause to the utility of benign participants. In this paper, we quantify the protection that congestion pricing affords against DoS attacks, even for powerful attackers that can control their packets' routes. Specifically, we model the limits on the resources available to the attackers in three different ways and, in each case, quantify the maximum amount of damage they can cause as a function of their resource bounds. In addition, we show that congestion pricing is provably superior to fair queueing in attack resilience.
KW - DoS
KW - congestion pricing
KW - denial of service
KW - security
UR - http://www.scopus.com/inward/record.url?scp=84864717730&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=84864717730&partnerID=8YFLogxK
U2 - 10.1145/2254756.2254775
DO - 10.1145/2254756.2254775
M3 - Conference contribution
AN - SCOPUS:84864717730
SN - 9781450310970
T3 - Performance Evaluation Review
SP - 137
EP - 150
BT - SIGMETRICS/Performance 2012 - Proceedings of the 2012 ACM SIGMETRICS/Performance, Joint International Conference on Measurement and Modeling of Computer Systems
T2 - 12th Joint International Conference on Measurement and Modeling of Computer Systems, ACM SIGMETRICS/Performance 2012
Y2 - 11 June 2012 through 15 June 2012
ER -