Issue No. 02 - April-June (2009 vol. 6)
DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/TDSC.2008.73
Jelena Mirkovic , University of Southern California Information Sciences Institute, Marina Del Rey
Alefiya Hussain , Sparta, Inc, El Segundo
Sonia Fahmy , Purdue University, West Lafayette
Peter Reiher , UCLA, Los Angeles
Roshan K. Thomas , Sparta, Inc, Centreville
Researchers in the denial-of-service (DoS) field lack accurate, quantitative, and versatile metrics to measure service denial in simulation and testbed experiments. Without such metrics, it is impossible to measure severity of various attacks, quantify success of proposed defenses, and compare their performance. Existing DoS metrics equate service denial with slow communication, low throughput, high resource utilization, and high loss rate. These metrics are not versatile because they fail to monitor all traffic parameters that signal service degradation. They are not quantitative because they fail to specify exact ranges of parameter values that correspond to good or poor service quality. Finally, they are not accurate since they were not proven to correspond to human perception of service denial. We propose several DoS impact metrics that measure the quality of service experienced by users during an attack. Our metrics are quantitative: they map QoS requirements for several applications into measurable traffic parameters with acceptable, scientifically determined thresholds. They are versatile: they apply to a wide range of attack scenarios, which we demonstrate via testbed experiments and simulations. We also prove metrics' accuracy through testing with human users.
Network-level security and protection, communication/networking and information technology, computer systems organization, measurement techniques, performance of systems.
A. Hussain, J. Mirkovic, P. Reiher, S. Fahmy and R. K. Thomas, "Accurately Measuring Denial of Service in Simulation and Testbed Experiments," in IEEE Transactions on Dependable and Secure Computing, vol. 6, no. , pp. 81-95, 2008.