ScienceDirect® Home Skip Main Navigation Links
You have guest access to ScienceDirect. Find out more.
 
Home
Browse
My Settings
Alerts
Help
 Quick Search
 Search tips (Opens new window)
    Clear all fields    
advertisementadvertisement
Computer Networks
Volume 51, Issue 12, 22 August 2007, Pages 3564-3573
 
Font Size: Decrease Font Size  Increase Font Size
 Abstract - selected
Article
Purchase PDF (275 K)

  E-mail Article   
  Add to my Quick Links   
Bookmark and share in 2collab (opens in new window)
Request permission to reuse this article
  Cited By in Scopus (1)
 
 
 
Related Articles in ScienceDirect
View More Related Articles
 
View Record in Scopus
 
doi:10.1016/j.comnet.2007.02.011    How to Cite or Link Using DOI (Opens New Window)
Copyright © 2007 Elsevier B.V. All rights reserved.

A queueing analysis for the denial of service (DoS) attacks in computer networks

Yang Wanga, E-mail The Corresponding Author, Chuang Lina, E-mail The Corresponding Author, Quan-Lin Lib, E-mail The Corresponding Author and Yuguang Fangc, Corresponding Author Contact Information, E-mail The Corresponding Author

aDepartment of Computer Science and Technology, Tsinghua University, Beijing 100084, China bDepartment of Industrial Engineering, Tsinghua University, Beijing 100084, China cDepartment of Electrical and Computer Engineering, University of Florida, Gainesville, FL 32611, United States

Received 10 May 2006; 
revised 25 December 2006; 
accepted 19 February 2007. 
Responsible Editor: Christos Douligeris. 
Available online 18 March 2007.

Purchase the full-text article



References and further reading may be available for this article. To view references and further reading you must purchase this article.

Abstract

In most network security analysis, researchers mainly focus on qualitative studies on security schemes and possible attacks, and there are few papers on quantitative analysis in the current literature. In this paper, we propose one queueing model for the evaluation of the denial of service (DoS) attacks in computer networks. The network under DoS attacks is characterized by a two-dimensional embedded Markov chain model. With this model, we can develop a memory-efficient algorithm for finding the stationary probability distribution which can be used to find other interesting performance metrics such as the connection loss probability and buffer occupancy percentages of half-open connections for regular traffic and attack traffic. Different from previous works in the literature, this paper gives a more general analytical approach to the study of security measures of a computer network under DoS attacks. We hope that our approach opens a new avenue to the quantitative evaluation of more complicated security schemes in computer networks.

Keywords: DoS attack; Network security; Queueing; Connection loss probability

Article Outline

1. Introduction
2. Model description
3. Two-dimensional embedded Markov chain
4. A level-eliminating algorithm
5. Security performance metrics and numerical examples
6. Conclusions and future work
Acknowledgements
References
Vitae




Computer Networks
Volume 51, Issue 12, 22 August 2007, Pages 3564-3573
 
Home
Browse
My Settings
Alerts
Help
Elsevier.com (Opens new window)
About ScienceDirect  |  Contact Us  |  Information for Advertisers  |  Terms & Conditions  |  Privacy Policy
Copyright © 2008 Elsevier B.V. All rights reserved. ScienceDirect® is a registered trademark of Elsevier B.V.