Please use this identifier to cite or link to this item: http://hdl.handle.net/10397/10734
Title: Modeling the vulnerability of feedback-control based internet services to low-rate DoS attacks
Authors: Tang, Y
Luo, X 
Hui, Q
Chang, RKC 
Keywords: Feedback control
Low-rate DoS attack
Performance degradation
Stability
Switched system
Issue Date: 2014
Publisher: Institute of Electrical and Electronics Engineers
Source: IEEE transactions on information forensics and security, 2014, v. 9, no. 3, 6670771, p. 339-353 How to cite?
Journal: IEEE transactions on information forensics and security 
Abstract: Feedback control is a critical element in many Internet services (e.g., quality-of-service aware applications). Recent research has demonstrated the vulnerability of some feedback-control based applications to low-rate denial-of-service (LRDoS) attacks, which send high-intensity requests in an ON/OFF pattern to degrade the victim's performance and evade the detection designed for traditional DoS attacks. However, the intricate interaction between LRDoS attacks and the feedback control mechanism remains largely unknown. In this paper, we address two fundamental questions: 1) what is the impact of an LRDoS attack on a general feedback-control based system and 2) how to conduct a systematic evaluation of the impact of an LRDoS attack on specific feedback-control based systems. To tackle these problems, we model the system under attack as a switched system and then examine its properties. We conduct the first theoretical investigation on the impact of the LRDoS attack on a general feedback control system. We formally show that the attack can make the system's steady-state error oscillate along with the attack period, and prove the existence of LRDoS attacks that can force the system to be far off the desired state. In addition, we propose a novel methodology to systematically characterize the impact of an LRDoS attack on specific systems, and apply it to a web server and an IBM Notes server. This investigation obtains many new insights, such as new attack scenarios, the bound of the system's states, the relationship between the bound and the LRDoS attacks, the close-formed equations for quantifying the impact, and so on. The extensive experimental results are congruent with the theoretical analysis.
URI: http://hdl.handle.net/10397/10734
ISSN: 1556-6013
EISSN: 1556-6021
DOI: 10.1109/TIFS.2013.2291970
Appears in Collections:Journal/Magazine Article

Access
View full-text via PolyU eLinks SFX Query
Show full item record

SCOPUSTM   
Citations

13
Last Week
0
Last month
0
Citations as of Sep 23, 2017

WEB OF SCIENCETM
Citations

8
Last Week
0
Last month
0
Citations as of Sep 22, 2017

Page view(s)

39
Last Week
1
Last month
Checked on Sep 24, 2017

Google ScholarTM

Check

Altmetric



Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.