Abstract
We state and prove the square root scaling laws for the amount of traffic injected by a covert attacker into a network from a set of homes under the assumption that traffic descriptors follow a multivariate Gaussian distribution. We numerically evaluate the obtained result under realistic settings wherein traffic is collected from real users, leveraging detectors that exploit multiple features. Under such circumstances, we observe that phase transitions predicted by the model still hold.
- D. P. Bertsekas and J. N. Tsitsiklis. Introduction to Probability. Athena Scientific, 2008.Google Scholar
- B. Jiang, P. Nain, and D. Towsley. Covert cycle stealing in a single FIFO server. To appear in ACM ToMPECS. Preprint at arXiv:2003.05135, 2021.Google Scholar
- S. Kullback. Information Theory and Statistics. Dover Publications, 1968.Google Scholar
- E. L. Lehmann and J. P. Romano. Testing Statistical Hypotheses. Springer Science & Business Media, 2006.Google Scholar
- G. Mendon¸ca, G. H. A. Santos, E. de Souza e Silva, R. M. M. Leao, D. S. Menasche, and D. Towsley. An Extremely Lightweight Approach for DDoS Detection at Home Gateways. In 2019 IEEE International Conference on Big Data, pages 5012--5021, 2019.Google ScholarCross Ref
Recommendations
SENSS Against Volumetric DDoS Attacks
ACSAC '18: Proceedings of the 34th Annual Computer Security Applications ConferenceVolumetric distributed denial-of-service (DDoS) attacks can bring any network to a halt. Because of their distributed nature and high volume, the victim often cannot handle these attacks alone and needs help from upstream ISPs. Today's Internet has no ...
DDoS attacks and defense mechanisms: classification and state-of-the-art
Denial of Service (DoS) attacks constitute one of the major threats and among the hardest security problems in today's Internet. Of particular concern are Distributed Denial of Service (DDoS) attacks, whose impact can be proportionally severe. With ...
Comments