Grant Program: Research Grants
Grantee Name: The Regents of the University of California in partnership with Massachusetts Institute of Technology
Grant Start Date: 1 June 2023
Grant End Date: 31 May 2025
Amount Funded: $500,000.00
City: La Jolla
Country: United States
Region: Global
The question addressed in this research is how to transform the cost of mitigating Denial-of-Service (DoS) attacks on the Internet from a burden on the potential victim to a burden on attackers. Reducing the cost of mitigating DoS attacks to the victims and increasing that burden on the attackers helps enhance trust in the network.
The project proposes three focal points for metrics, both technical and economic: 1) the impact on the potential victim of an attack (examining the quality of experience (QoE) of the applications at the victim and then understanding how that is reflected in the exhaustion of lower-level resources such as bandwidth, CPU, and memory); 2) the burden on potential attackers (the question to ask with respect to the attackers is the “cost” to them in terms of performance and utilization of resources); and 3) the impact on the infrastructure of the network itself (the primary resource to be evaluated is bandwidth, but also router capacity at the performance and economic levels).
WHY IS THIS RESEARCH IMPORTANT?
The contributions of this project are both technical and economic. In particular:
1. Putting the burden both computationally and economically on the attackers rather than the victims and their agents will significantly change the dynamics, reducing or eliminating these types of attacks when the cost becomes too great.
2. Because it is well understood that attackers will move to less burdensome forms of attacks, understanding and eliminating whole classes of attacks and the protocols used to launch them with respect to other widely utilized protocols or protocols critical to the infrastructure, such as NTP, will significantly reduce the opportunities for successful attacks.
3. More broadly, by bringing together both technical and economic analysis, the research has a significant impact on the commercial side of networking. As an example, if Internet providers are able to evaluate their options both technically and economically in helping to reduce unwanted and malicious traffic, with either minimal negative impact on their customers or perhaps even a positive economic and experiential effect on their customers, the benefit of this approach is that it improves the trust that society places in the Internet. The final result is an opportunity to improve overall trust in the Internet, specifically with respect to resistance to, and lowered costs of handling, volumetric denial-of-service attacks.
METHODOLOGY
This research takes an experimental approach.
In order to run the experiments and collect the data, the “Merge testbed Platform” is used (an emulation facility designed specifically for security experimentation). Because very large amounts of intentionally malicious traffic are sent, such experiments cannot be performed on a live, operational network without significant negative impact. Merge is designed not only for isolation of security experiments but also to create suites of experiments controlling for a wide variety of configurations such as topology, computation and memory sizes of the nodes, characterization of links (e.g. bandwidth, packet loss, jitter), operating systems, and so forth.
For each of the four scenarios (TCP/HTTP, TLS/HTTPS, UDP and possibly NTP), four sets of experiments will be performed, measuring user-level transaction completion as well as bandwidth, CPU utilization, and memory utilization, from the perspectives of the intended victims, the attackers and routers internal to the network: (1) No attacks and no mitigation, as a baseline; (2) Attacks and no mitigation, as the worst-case scenario; (3) No attacks, but mitigation present, as the normal case when prepared for an attack, showing the cost of mitigation; and (4) Attacks and mitigation, showing the benefit of mitigation.
With the resulting data from the experiments, the analysis involves aggregation, cross-correlation, and development of economic models.