Analyzing the Secure Overlay Services Architecture under Intelligent DDoS Attacks
Abstract
Distributed Denial of Service (DDoS) attacks are currently major threats to communication in the Internet. A secure overlay services (SOS) architecture has been proposed to provide reliable communication between clients and a target under DDoS attacks. The SOS architecture employs a set of overlay nodes arranged in three hierarchical layers that controls access to the target. Although the architecture is novel and works well under simple congestion based attacks, we observe that it is vulnerable under more intelligent attacks. We generalize the SOS architecture by introducing more flexibility in layering to the original architecture. We define two intelligent DDoS attack models and develop an analytical approach to study the impacts of the number of layers, number of neighbors per node and thenode distribution per layer on the system performance under these two attack models. Our data clearly demonstrate that performance is indeed sensitive to the design features and the different design features interact with each other to impact overall system performance.
Recommended Citation
D. Xuan et al., "Analyzing the Secure Overlay Services Architecture under Intelligent DDoS Attacks," Proceedings of the 24th International Conference on Distributed Computing Systems, Institute of Electrical and Electronics Engineers (IEEE) Computer Society, Mar 2004.
Department(s)
Computer Science
Keywords and Phrases
Intelligent DDoS Attacks; SOS Architecture; Secure Overlay Services
Document Type
Article - Conference proceedings
Document Version
Citation
File Type
text
Language(s)
English
Rights
© 2004 Institute of Electrical and Electronics Engineers (IEEE) Computer Society, All rights reserved.
Publication Date
01 Mar 2004
