How well can congestion pricing neutralize denial of service attacks?

Ashish Vulimiri, Gul A. Agha, Philip Brighten Godfrey, Karthik Lakshminarayanan

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

Denial of service protection mechanisms usually require classifying malicious traffic, which can be difficult. Another approach is to price scarce resources. However, while congestion pricing has been suggested as a way to combat DoS attacks, it has not been shown quantitatively how much damage a malicious player could cause to the utility of benign participants. In this paper, we quantify the protection that congestion pricing affords against DoS attacks, even for powerful attackers that can control their packets' routes. Specifically, we model the limits on the resources available to the attackers in three different ways and, in each case, quantify the maximum amount of damage they can cause as a function of their resource bounds. In addition, we show that congestion pricing is provably superior to fair queueing in attack resilience.

Original languageEnglish (US)
Title of host publicationSIGMETRICS/Performance 2012 - Proceedings of the 2012 ACM SIGMETRICS/Performance, Joint International Conference on Measurement and Modeling of Computer Systems
Pages137-150
Number of pages14
Edition1 SPEC. ISS.
DOIs
StatePublished - 2012
Event12th Joint International Conference on Measurement and Modeling of Computer Systems, ACM SIGMETRICS/Performance 2012 - London, United Kingdom
Duration: Jun 11 2012Jun 15 2012

Publication series

NamePerformance Evaluation Review
Number1 SPEC. ISS.
Volume40
ISSN (Print)0163-5999

Other

Other12th Joint International Conference on Measurement and Modeling of Computer Systems, ACM SIGMETRICS/Performance 2012
Country/TerritoryUnited Kingdom
CityLondon
Period6/11/126/15/12

Keywords

  • DoS
  • congestion pricing
  • denial of service
  • security

ASJC Scopus subject areas

  • Software
  • Hardware and Architecture
  • Computer Networks and Communications

Fingerprint

Dive into the research topics of 'How well can congestion pricing neutralize denial of service attacks?'. Together they form a unique fingerprint.

Cite this