How well can congestion pricing neutralize denial of service attacks?

Ashish Vulimiri; Gul A. Agha; Philip Brighten Godfrey; Karthik Lakshminarayanan

doi:10.1145/2254756.2254775

How well can congestion pricing neutralize denial of service attacks?

Ashish Vulimiri, Gul A. Agha, Philip Brighten Godfrey, Karthik Lakshminarayanan

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Abstract

Denial of service protection mechanisms usually require classifying malicious traffic, which can be difficult. Another approach is to price scarce resources. However, while congestion pricing has been suggested as a way to combat DoS attacks, it has not been shown quantitatively how much damage a malicious player could cause to the utility of benign participants. In this paper, we quantify the protection that congestion pricing affords against DoS attacks, even for powerful attackers that can control their packets' routes. Specifically, we model the limits on the resources available to the attackers in three different ways and, in each case, quantify the maximum amount of damage they can cause as a function of their resource bounds. In addition, we show that congestion pricing is provably superior to fair queueing in attack resilience.

Original language	English (US)
Title of host publication	SIGMETRICS/Performance 2012 - Proceedings of the 2012 ACM SIGMETRICS/Performance, Joint International Conference on Measurement and Modeling of Computer Systems
Pages	137-150
Number of pages	14
Edition	1 SPEC. ISS.
DOIs	https://doi.org/10.1145/2254756.2254775
State	Published - 2012
Event	12th Joint International Conference on Measurement and Modeling of Computer Systems, ACM SIGMETRICS/Performance 2012 - London, United Kingdom Duration: Jun 11 2012 → Jun 15 2012

Publication series

Name	Performance Evaluation Review
Number	1 SPEC. ISS.
Volume	40
ISSN (Print)	0163-5999

Other

Other	12th Joint International Conference on Measurement and Modeling of Computer Systems, ACM SIGMETRICS/Performance 2012
Country/Territory	United Kingdom
City	London
Period	6/11/12 → 6/15/12

Keywords

DoS
congestion pricing
denial of service
security

ASJC Scopus subject areas

Software
Hardware and Architecture
Computer Networks and Communications

Online availability

10.1145/2254756.2254775

Library availability

Discover UIUC Full Text

Cite this

Vulimiri, A., Agha, G. A., Godfrey, P. B., & Lakshminarayanan, K. (2012). How well can congestion pricing neutralize denial of service attacks? In SIGMETRICS/Performance 2012 - Proceedings of the 2012 ACM SIGMETRICS/Performance, Joint International Conference on Measurement and Modeling of Computer Systems (1 SPEC. ISS. ed., pp. 137-150). (Performance Evaluation Review; Vol. 40, No. 1 SPEC. ISS.). https://doi.org/10.1145/2254756.2254775

How well can congestion pricing neutralize denial of service attacks? / Vulimiri, Ashish; Agha, Gul A.; Godfrey, Philip Brighten et al.
SIGMETRICS/Performance 2012 - Proceedings of the 2012 ACM SIGMETRICS/Performance, Joint International Conference on Measurement and Modeling of Computer Systems. 1 SPEC. ISS. ed. 2012. p. 137-150 (Performance Evaluation Review; Vol. 40, No. 1 SPEC. ISS.).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Vulimiri, A, Agha, GA , Godfrey, PB & Lakshminarayanan, K 2012, How well can congestion pricing neutralize denial of service attacks? in SIGMETRICS/Performance 2012 - Proceedings of the 2012 ACM SIGMETRICS/Performance, Joint International Conference on Measurement and Modeling of Computer Systems. 1 SPEC. ISS. edn, Performance Evaluation Review, no. 1 SPEC. ISS., vol. 40, pp. 137-150, 12th Joint International Conference on Measurement and Modeling of Computer Systems, ACM SIGMETRICS/Performance 2012, London, United Kingdom, 6/11/12. https://doi.org/10.1145/2254756.2254775

Vulimiri A, Agha GA , Godfrey PB, Lakshminarayanan K. How well can congestion pricing neutralize denial of service attacks? In SIGMETRICS/Performance 2012 - Proceedings of the 2012 ACM SIGMETRICS/Performance, Joint International Conference on Measurement and Modeling of Computer Systems. 1 SPEC. ISS. ed. 2012. p. 137-150. (Performance Evaluation Review; 1 SPEC. ISS.). doi: 10.1145/2254756.2254775

Vulimiri, Ashish ; Agha, Gul A. ; Godfrey, Philip Brighten et al. / How well can congestion pricing neutralize denial of service attacks?. SIGMETRICS/Performance 2012 - Proceedings of the 2012 ACM SIGMETRICS/Performance, Joint International Conference on Measurement and Modeling of Computer Systems. 1 SPEC. ISS. ed. 2012. pp. 137-150 (Performance Evaluation Review; 1 SPEC. ISS.).

@inproceedings{6137f81c2aef4b588673020c5a00a596,

title = "How well can congestion pricing neutralize denial of service attacks?",

abstract = "Denial of service protection mechanisms usually require classifying malicious traffic, which can be difficult. Another approach is to price scarce resources. However, while congestion pricing has been suggested as a way to combat DoS attacks, it has not been shown quantitatively how much damage a malicious player could cause to the utility of benign participants. In this paper, we quantify the protection that congestion pricing affords against DoS attacks, even for powerful attackers that can control their packets' routes. Specifically, we model the limits on the resources available to the attackers in three different ways and, in each case, quantify the maximum amount of damage they can cause as a function of their resource bounds. In addition, we show that congestion pricing is provably superior to fair queueing in attack resilience.",

keywords = "DoS, congestion pricing, denial of service, security",

author = "Ashish Vulimiri and Agha, {Gul A.} and Godfrey, {Philip Brighten} and Karthik Lakshminarayanan",

year = "2012",

doi = "10.1145/2254756.2254775",

language = "English (US)",

isbn = "9781450310970",

series = "Performance Evaluation Review",

number = "1 SPEC. ISS.",

pages = "137--150",

booktitle = "SIGMETRICS/Performance 2012 - Proceedings of the 2012 ACM SIGMETRICS/Performance, Joint International Conference on Measurement and Modeling of Computer Systems",

edition = "1 SPEC. ISS.",

note = "12th Joint International Conference on Measurement and Modeling of Computer Systems, ACM SIGMETRICS/Performance 2012 ; Conference date: 11-06-2012 Through 15-06-2012",