Assessing and quantifying denial of service attacks

Assessing and quantifying denial of service attacks

Denial of service (DoS) attacks come in a variety of types and can target groups of users, individual users, or entire computer systems. With the ever-increasing reliance on networked information systems for command and control of military systems - not to mention communications infrastructures - re...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Hauptverfasser: Gregg, D.M., Blackert, W.J., Heinbuch, D.V., Furnanage, D.
Format: Tagungsbericht
Sprache:eng
Schlagworte:
Access protocols
Command and control systems
Computer crime
Computer security
Degradation
Delay
Information systems
Military communication
Military computing
Protection
Online-Zugang:Volltext bestellen
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
container_end_page 80 vol.1
container_issue
container_start_page 76
container_title
container_volume 1
creator Gregg, D.M.
Blackert, W.J.
Heinbuch, D.V.
Furnanage, D.
description Denial of service (DoS) attacks come in a variety of types and can target groups of users, individual users, or entire computer systems. With the ever-increasing reliance on networked information systems for command and control of military systems - not to mention communications infrastructures - relatively simple attacks that degrade or deny service can have devastating effects. The critical importance of protection from DoS attacks is well recognized by the DoD and in fact, the USA National Computer Security Center defines INFOSEC to include "measures and controls to protect infrastructure against denial of service". There are basically three levels of DoS attacks, growing both in sophistication and seriousness of attack effects. The simplest attack exploits errors and bugs in the design and source code of a network operating system. The second level of attack exploits known artifacts of a particular system implementation or protocol, often due to limited storage or capacity, to introduce delay, to saturate a system, or otherwise limit accessibility. The third and most damaging level of attack uses very specific features of the network protocol to mount the attack. These attacks are specifically designed to look like normal usage. We have modeled and validated five different DoS attacks. We have executed these attack models against a validated model of a target network whose architecture and stochastic behavior is varied for analysis purposes. We are currently conducting a systems analysis using these models and are looking across the protocol stack and target network for attack effects. This paper describes the analysis of one attack's effectiveness by varying the attack rate, server time out, and connection settings. Output from our model includes probability of denied service, delay and outage time, and correlations under attack and no attack conditions. Our objective is to characterize attack effects and to ultimately derive mitigation techniques and indications and warnings.
doi_str_mv 10.1109/MILCOM.2001.985767
format Conference Proceeding
fullrecord <record><control><sourceid>ieee_6IE</sourceid><recordid>TN_cdi_ieee_primary_985767</recordid><sourceformat>XML</sourceformat><sourcesystem>PC</sourcesystem><ieee_id>985767</ieee_id><sourcerecordid>985767</sourcerecordid><originalsourceid>FETCH-ieee_primary_9857673</originalsourceid><addsrcrecordid>eNpjYJAyNNAzNDSw1Pf19HH299UzMjAw1LO0MDU3M2dm4LU0tzAAImNzIyNTIw4G3uLiLAMgMDUyNzIx42QwdiwuTi0uzsxLV0jMS1EoLE3MK8lMqwTxU1LzMhNzFPLTFIpTi8oyk1MVEktKEpOzi3kYWNMSc4pTeaE0N4OUm2uIs4duZmpqanxBUWZuYlFlPMQFxnglAQ_YNPQ</addsrcrecordid><sourcetype>Publisher</sourcetype><iscdi>true</iscdi><recordtype>conference_proceeding</recordtype></control><display><type>conference_proceeding</type><title>Assessing and quantifying denial of service attacks</title><source>IEEE Electronic Library (IEL) Conference Proceedings</source><creator>Gregg, D.M. ; Blackert, W.J. ; Heinbuch, D.V. ; Furnanage, D.</creator><creatorcontrib>Gregg, D.M. ; Blackert, W.J. ; Heinbuch, D.V. ; Furnanage, D.</creatorcontrib><description>Denial of service (DoS) attacks come in a variety of types and can target groups of users, individual users, or entire computer systems. With the ever-increasing reliance on networked information systems for command and control of military systems - not to mention communications infrastructures - relatively simple attacks that degrade or deny service can have devastating effects. The critical importance of protection from DoS attacks is well recognized by the DoD and in fact, the USA National Computer Security Center defines INFOSEC to include "measures and controls to protect infrastructure against denial of service". There are basically three levels of DoS attacks, growing both in sophistication and seriousness of attack effects. The simplest attack exploits errors and bugs in the design and source code of a network operating system. The second level of attack exploits known artifacts of a particular system implementation or protocol, often due to limited storage or capacity, to introduce delay, to saturate a system, or otherwise limit accessibility. The third and most damaging level of attack uses very specific features of the network protocol to mount the attack. These attacks are specifically designed to look like normal usage. We have modeled and validated five different DoS attacks. We have executed these attack models against a validated model of a target network whose architecture and stochastic behavior is varied for analysis purposes. We are currently conducting a systems analysis using these models and are looking across the protocol stack and target network for attack effects. This paper describes the analysis of one attack's effectiveness by varying the attack rate, server time out, and connection settings. Output from our model includes probability of denied service, delay and outage time, and correlations under attack and no attack conditions. Our objective is to characterize attack effects and to ultimately derive mitigation techniques and indications and warnings.</description><identifier>ISBN: 9780780372252</identifier><identifier>ISBN: 0780372255</identifier><identifier>DOI: 10.1109/MILCOM.2001.985767</identifier><language>eng</language><publisher>IEEE</publisher><subject>Access protocols ; Command and control systems ; Computer crime ; Computer security ; Degradation ; Delay ; Information systems ; Military communication ; Military computing ; Protection</subject><ispartof>2001 MILCOM Proceedings Communications for Network-Centric Operations: Creating the Information Force (Cat. No.01CH37277), 2001, Vol.1, p.76-80 vol.1</ispartof><woscitedreferencessubscribed>false</woscitedreferencessubscribed></display><links><openurl>$$Topenurl_article</openurl><openurlfulltext>$$Topenurlfull_article</openurlfulltext><thumbnail>$$Tsyndetics_thumb_exl</thumbnail><linktohtml>$$Uhttps://ieeexplore.ieee.org/document/985767$$EHTML$$P50$$Gieee$$H</linktohtml><link.rule.ids>309,310,776,780,785,786,2052,4036,4037,27902,54895</link.rule.ids><linktorsrc>$$Uhttps://ieeexplore.ieee.org/document/985767$$EView_record_in_IEEE$$FView_record_in_$$GIEEE</linktorsrc></links><search><creatorcontrib>Gregg, D.M.</creatorcontrib><creatorcontrib>Blackert, W.J.</creatorcontrib><creatorcontrib>Heinbuch, D.V.</creatorcontrib><creatorcontrib>Furnanage, D.</creatorcontrib><title>Assessing and quantifying denial of service attacks</title><title>2001 MILCOM Proceedings Communications for Network-Centric Operations: Creating the Information Force (Cat. No.01CH37277)</title><addtitle>MILCOM</addtitle><description>Denial of service (DoS) attacks come in a variety of types and can target groups of users, individual users, or entire computer systems. With the ever-increasing reliance on networked information systems for command and control of military systems - not to mention communications infrastructures - relatively simple attacks that degrade or deny service can have devastating effects. The critical importance of protection from DoS attacks is well recognized by the DoD and in fact, the USA National Computer Security Center defines INFOSEC to include "measures and controls to protect infrastructure against denial of service". There are basically three levels of DoS attacks, growing both in sophistication and seriousness of attack effects. The simplest attack exploits errors and bugs in the design and source code of a network operating system. The second level of attack exploits known artifacts of a particular system implementation or protocol, often due to limited storage or capacity, to introduce delay, to saturate a system, or otherwise limit accessibility. The third and most damaging level of attack uses very specific features of the network protocol to mount the attack. These attacks are specifically designed to look like normal usage. We have modeled and validated five different DoS attacks. We have executed these attack models against a validated model of a target network whose architecture and stochastic behavior is varied for analysis purposes. We are currently conducting a systems analysis using these models and are looking across the protocol stack and target network for attack effects. This paper describes the analysis of one attack's effectiveness by varying the attack rate, server time out, and connection settings. Output from our model includes probability of denied service, delay and outage time, and correlations under attack and no attack conditions. Our objective is to characterize attack effects and to ultimately derive mitigation techniques and indications and warnings.</description><subject>Access protocols</subject><subject>Command and control systems</subject><subject>Computer crime</subject><subject>Computer security</subject><subject>Degradation</subject><subject>Delay</subject><subject>Information systems</subject><subject>Military communication</subject><subject>Military computing</subject><subject>Protection</subject><isbn>9780780372252</isbn><isbn>0780372255</isbn><fulltext>true</fulltext><rsrctype>conference_proceeding</rsrctype><creationdate>2001</creationdate><recordtype>conference_proceeding</recordtype><sourceid>6IE</sourceid><sourceid>RIE</sourceid><recordid>eNpjYJAyNNAzNDSw1Pf19HH299UzMjAw1LO0MDU3M2dm4LU0tzAAImNzIyNTIw4G3uLiLAMgMDUyNzIx42QwdiwuTi0uzsxLV0jMS1EoLE3MK8lMqwTxU1LzMhNzFPLTFIpTi8oyk1MVEktKEpOzi3kYWNMSc4pTeaE0N4OUm2uIs4duZmpqanxBUWZuYlFlPMQFxnglAQ_YNPQ</recordid><startdate>2001</startdate><enddate>2001</enddate><creator>Gregg, D.M.</creator><creator>Blackert, W.J.</creator><creator>Heinbuch, D.V.</creator><creator>Furnanage, D.</creator><general>IEEE</general><scope>6IE</scope><scope>6IH</scope><scope>CBEJK</scope><scope>RIE</scope><scope>RIO</scope></search><sort><creationdate>2001</creationdate><title>Assessing and quantifying denial of service attacks</title><author>Gregg, D.M. ; Blackert, W.J. ; Heinbuch, D.V. ; Furnanage, D.</author></sort><facets><frbrtype>5</frbrtype><frbrgroupid>cdi_FETCH-ieee_primary_9857673</frbrgroupid><rsrctype>conference_proceedings</rsrctype><prefilter>conference_proceedings</prefilter><language>eng</language><creationdate>2001</creationdate><topic>Access protocols</topic><topic>Command and control systems</topic><topic>Computer crime</topic><topic>Computer security</topic><topic>Degradation</topic><topic>Delay</topic><topic>Information systems</topic><topic>Military communication</topic><topic>Military computing</topic><topic>Protection</topic><toplevel>online_resources</toplevel><creatorcontrib>Gregg, D.M.</creatorcontrib><creatorcontrib>Blackert, W.J.</creatorcontrib><creatorcontrib>Heinbuch, D.V.</creatorcontrib><creatorcontrib>Furnanage, D.</creatorcontrib><collection>IEEE Electronic Library (IEL) Conference Proceedings</collection><collection>IEEE Proceedings Order Plan (POP) 1998-present by volume</collection><collection>IEEE Xplore All Conference Proceedings</collection><collection>IEEE Electronic Library (IEL)</collection><collection>IEEE Proceedings Order Plans (POP) 1998-present</collection></facets><delivery><delcategory>Remote Search Resource</delcategory><fulltext>fulltext_linktorsrc</fulltext></delivery><addata><au>Gregg, D.M.</au><au>Blackert, W.J.</au><au>Heinbuch, D.V.</au><au>Furnanage, D.</au><format>book</format><genre>proceeding</genre><ristype>CONF</ristype><atitle>Assessing and quantifying denial of service attacks</atitle><btitle>2001 MILCOM Proceedings Communications for Network-Centric Operations: Creating the Information Force (Cat. No.01CH37277)</btitle><stitle>MILCOM</stitle><date>2001</date><risdate>2001</risdate><volume>1</volume><spage>76</spage><epage>80 vol.1</epage><pages>76-80 vol.1</pages><isbn>9780780372252</isbn><isbn>0780372255</isbn><abstract>Denial of service (DoS) attacks come in a variety of types and can target groups of users, individual users, or entire computer systems. With the ever-increasing reliance on networked information systems for command and control of military systems - not to mention communications infrastructures - relatively simple attacks that degrade or deny service can have devastating effects. The critical importance of protection from DoS attacks is well recognized by the DoD and in fact, the USA National Computer Security Center defines INFOSEC to include "measures and controls to protect infrastructure against denial of service". There are basically three levels of DoS attacks, growing both in sophistication and seriousness of attack effects. The simplest attack exploits errors and bugs in the design and source code of a network operating system. The second level of attack exploits known artifacts of a particular system implementation or protocol, often due to limited storage or capacity, to introduce delay, to saturate a system, or otherwise limit accessibility. The third and most damaging level of attack uses very specific features of the network protocol to mount the attack. These attacks are specifically designed to look like normal usage. We have modeled and validated five different DoS attacks. We have executed these attack models against a validated model of a target network whose architecture and stochastic behavior is varied for analysis purposes. We are currently conducting a systems analysis using these models and are looking across the protocol stack and target network for attack effects. This paper describes the analysis of one attack's effectiveness by varying the attack rate, server time out, and connection settings. Output from our model includes probability of denied service, delay and outage time, and correlations under attack and no attack conditions. Our objective is to characterize attack effects and to ultimately derive mitigation techniques and indications and warnings.</abstract><pub>IEEE</pub><doi>10.1109/MILCOM.2001.985767</doi></addata></record>
fulltext fulltext_linktorsrc
identifier ISBN: 9780780372252
ispartof 2001 MILCOM Proceedings Communications for Network-Centric Operations: Creating the Information Force (Cat. No.01CH37277), 2001, Vol.1, p.76-80 vol.1
issn
language eng
recordid cdi_ieee_primary_985767
source IEEE Electronic Library (IEL) Conference Proceedings
subjects Access protocols
Command and control systems
Computer crime
Computer security
Degradation
Delay
Information systems
Military communication
Military computing
Protection
title Assessing and quantifying denial of service attacks
url https://sfx.bib-bvb.de/sfx_tum?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2025-01-28T17%3A24%3A11IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-ieee_6IE&rft_val_fmt=info:ofi/fmt:kev:mtx:book&rft.genre=proceeding&rft.atitle=Assessing%20and%20quantifying%20denial%20of%20service%20attacks&rft.btitle=2001%20MILCOM%20Proceedings%20Communications%20for%20Network-Centric%20Operations:%20Creating%20the%20Information%20Force%20(Cat.%20No.01CH37277)&rft.au=Gregg,%20D.M.&rft.date=2001&rft.volume=1&rft.spage=76&rft.epage=80%20vol.1&rft.pages=76-80%20vol.1&rft.isbn=9780780372252&rft.isbn_list=0780372255&rft_id=info:doi/10.1109/MILCOM.2001.985767&rft_dat=%3Cieee_6IE%3E985767%3C/ieee_6IE%3E%3Curl%3E%3C/url%3E&disable_directlink=true&sfx.directlink=off&sfx.report_link=0&rft_id=info:oai/&rft_id=info:pmid/&rft_ieee_id=985767&rfr_iscdi=true