Composite DoS attack model

Preparation for potential threats is one of the most important phases ensuring system security. It allows evaluating possible losses, changes in the attack process, the effectiveness of used countermeasures, optimal system settings, etc. In cyberattack cases, executing real experiments can be difficult for many reasons. However, mathematical or programming models can be used instead of conducting experiments in a real environment. This work proposes a composite denial of service attack model that combines bandwidth exhaustion, filtering and memory depletion models for a more real representation of similar cyber-attacks. On the basis of the introduced model, different experiments were done. They showed the main dependencies of the influence of attacker and victim’s properties on the success probability of denial of service attack. In the future, this model can be used for the denial of service attack or countermeasure optimization. Article in English. Jungtinis DoS atakų modelis Santrauka. Siekiant užkirsti kelią bet kokioms sistemų saugumo grėsmėms, vienas iš svarbiausių uždavinių yra prevencija. Tai leidžia numatyti galimus pavojus ir kovos su jais būdus, nustatyti jų efektyvumą ir pan. Tačiau realiai eksperimentuoti su turima sistema dažnai gali būti pernelyg sudėtinga, todėl daug lengviau šią problemą spręsti padeda matematiniai / programiniai modeliai. Straipsnyje siūlomas naujas DoS atakų modelis, sujungiantis kelių tipų DoS atakas (srauto ir atminties išnaudojimo, netinkamo filtrų nustatymo) ir jų įtaką viena kitai. Remiantis šiuo naujai sukurtu modeliu atlikti eksperimentai, kurių metu vertinama skirtingų atakos ir aukos savybių reikšmių įtaka bendrai atakos sėkmės tikimybei. Raktiniai žodžiai: elektroninės paslaugos trikdymo ataka; modelis; DoS; DDo

An Information Flow Method to Detect Denial of Service Vulnerabilities

Meadows recently proposed a formal cost-based framework for the analysis of denial of service, showing how to formalize some existing principles used to make cryptographic protocols more resistant to denial of service by comparing the cost to the defender against the cost to the attacker. The firrst contribution of this paper is to introduce a new security property called impassivity designed to capture the abiity of a protocol to achieve these goals in the framework of a generic value-passing process algebra called Security Process Algebra (SPPA) extended with local function calls, cryptographic primitives and special semantic features in order to handle cryptographic protocols. Impassivity is defined as an information flow property founded on bisimulation-based non-deterministic admissible interference. A sound and complete proof method for impassivity is provided. The method extends previous results of the authors on bisimulation-based non-deterministic admissible interference and its application to the analysis of cryptographic protocols. It is illustrated by its application to the TCP/IP protocol. Key Words: Denial of service, Protocols, A