Welcome to Journal of University of Chinese Academy of Sciences,Today is

›› 2010, Vol. 27 ›› Issue (1): 107-116.DOI: 10.7523/j.issn.2095-6134.2010.1.014

• Research Articles • Previous Articles     Next Articles

An efficiency evaluation methodology of DoS attack and defense mechanisms based on queueing theory

WANG Bi-Da1, LIAN Yi-Feng2,3   

  1. 1. State Key Laboratory of Information Security, Graduate University of the Chinese Academy of Sciences,Beijing 100049,China;
    2. Institute of Software, Chinese Academy of Sciences, Beijing 100190, China;
    3. National Engineering Research Center of Information Security(NERCIS), Beijing 100080, China
  • Received:2009-05-15 Revised:2009-07-28 Online:2010-01-15

Abstract:

This paper presents a new efficiency evaluation methodology of DoS attack and defense mechanisms based on queueing theory. The unified index system and evaluation algorithm were proposed for various types of DoS attack and prevention. We also built queueing models to do the quantitative assessment and analyze objectively the efficiency of UDP Flood and SYN Flood. Network simulation tools were used in typical DoS attack scenarios. The rationality of the queueing models is verified through comparison of the experimental data with the results derived by the models. In addition, the utilization of this evaluation method in efficiency comparison of different types of DoS attack and defense mechanisms is illuminated through examples.

Key words: queueing theory, DoS attack and defense mechanisms, index system, efficiency evaluation

CLC Number: