Detecting dos attacks and service violations in qos-enabled networks

Mohamed Hefeeda, Ahsan Habib

Research output: Chapter in Book/Report/Conference proceedingChapter

Abstract

The Internet currently plays a critical role in society, and it thus requires careful protection from malicious activities such as dental of service (DoS) attacks. DoS attacks can consume memory, CPU, and network bandwidth of a victim site, and they could hinder its operation or temporarily shut it down. The first part of this chapter is devoted to studying different types of DoS attacks and the of mechanisms proposed in the literature to defend against them. The second part of the chapter focuses on attacks on quality of service (QoS) enabled networks, which offer different levels of service. Attacks on QoS-enabled networks include stealing network resources, e.g., bandwidth, and degrading the service perceived by other users. We present network monitoring techniques to detect service violations and to infer DoS attacks in early stages. The last part of the chapter provides a quantitative comparison among all defense schemes for DoS and QoS attacks. The comparison highlights the merits of each scheme and estimates the overhead (both processing and communication) introduced by it. The comparison also provides guidelines for selecting the appropriate defense scheme, or a combination of schemes, based on the requirements and how much overhead can be tolerated.

Original languageEnglish
Title of host publicationHandbook of Security and Networks
PublisherWorld Scientific Publishing Co.
Pages191-220
Number of pages30
ISBN (Print)9789814273046, 9789814273039
DOIs
Publication statusPublished - 1 Jan 2011
Externally publishedYes

Fingerprint

Quality of service
Bandwidth
Program processors
Internet
Data storage equipment
Monitoring
Communication
Processing

ASJC Scopus subject areas

  • Computer Science(all)

Cite this

Hefeeda, M., & Habib, A. (2011). Detecting dos attacks and service violations in qos-enabled networks. In Handbook of Security and Networks (pp. 191-220). World Scientific Publishing Co.. https://doi.org/10.1142/9789814273046_0007

Detecting dos attacks and service violations in qos-enabled networks. / Hefeeda, Mohamed; Habib, Ahsan.

Handbook of Security and Networks. World Scientific Publishing Co., 2011. p. 191-220.

Research output: Chapter in Book/Report/Conference proceedingChapter

Hefeeda, M & Habib, A 2011, Detecting dos attacks and service violations in qos-enabled networks. in Handbook of Security and Networks. World Scientific Publishing Co., pp. 191-220. https://doi.org/10.1142/9789814273046_0007
Hefeeda M, Habib A. Detecting dos attacks and service violations in qos-enabled networks. In Handbook of Security and Networks. World Scientific Publishing Co. 2011. p. 191-220 https://doi.org/10.1142/9789814273046_0007
Hefeeda, Mohamed ; Habib, Ahsan. / Detecting dos attacks and service violations in qos-enabled networks. Handbook of Security and Networks. World Scientific Publishing Co., 2011. pp. 191-220
@inbook{69a7cf06ec7848c5b53df7e24f3e1c68,
title = "Detecting dos attacks and service violations in qos-enabled networks",
abstract = "The Internet currently plays a critical role in society, and it thus requires careful protection from malicious activities such as dental of service (DoS) attacks. DoS attacks can consume memory, CPU, and network bandwidth of a victim site, and they could hinder its operation or temporarily shut it down. The first part of this chapter is devoted to studying different types of DoS attacks and the of mechanisms proposed in the literature to defend against them. The second part of the chapter focuses on attacks on quality of service (QoS) enabled networks, which offer different levels of service. Attacks on QoS-enabled networks include stealing network resources, e.g., bandwidth, and degrading the service perceived by other users. We present network monitoring techniques to detect service violations and to infer DoS attacks in early stages. The last part of the chapter provides a quantitative comparison among all defense schemes for DoS and QoS attacks. The comparison highlights the merits of each scheme and estimates the overhead (both processing and communication) introduced by it. The comparison also provides guidelines for selecting the appropriate defense scheme, or a combination of schemes, based on the requirements and how much overhead can be tolerated.",
author = "Mohamed Hefeeda and Ahsan Habib",
year = "2011",
month = "1",
day = "1",
doi = "10.1142/9789814273046_0007",
language = "English",
isbn = "9789814273046",
pages = "191--220",
booktitle = "Handbook of Security and Networks",
publisher = "World Scientific Publishing Co.",

}

TY - CHAP

T1 - Detecting dos attacks and service violations in qos-enabled networks

AU - Hefeeda, Mohamed

AU - Habib, Ahsan

PY - 2011/1/1

Y1 - 2011/1/1

N2 - The Internet currently plays a critical role in society, and it thus requires careful protection from malicious activities such as dental of service (DoS) attacks. DoS attacks can consume memory, CPU, and network bandwidth of a victim site, and they could hinder its operation or temporarily shut it down. The first part of this chapter is devoted to studying different types of DoS attacks and the of mechanisms proposed in the literature to defend against them. The second part of the chapter focuses on attacks on quality of service (QoS) enabled networks, which offer different levels of service. Attacks on QoS-enabled networks include stealing network resources, e.g., bandwidth, and degrading the service perceived by other users. We present network monitoring techniques to detect service violations and to infer DoS attacks in early stages. The last part of the chapter provides a quantitative comparison among all defense schemes for DoS and QoS attacks. The comparison highlights the merits of each scheme and estimates the overhead (both processing and communication) introduced by it. The comparison also provides guidelines for selecting the appropriate defense scheme, or a combination of schemes, based on the requirements and how much overhead can be tolerated.

AB - The Internet currently plays a critical role in society, and it thus requires careful protection from malicious activities such as dental of service (DoS) attacks. DoS attacks can consume memory, CPU, and network bandwidth of a victim site, and they could hinder its operation or temporarily shut it down. The first part of this chapter is devoted to studying different types of DoS attacks and the of mechanisms proposed in the literature to defend against them. The second part of the chapter focuses on attacks on quality of service (QoS) enabled networks, which offer different levels of service. Attacks on QoS-enabled networks include stealing network resources, e.g., bandwidth, and degrading the service perceived by other users. We present network monitoring techniques to detect service violations and to infer DoS attacks in early stages. The last part of the chapter provides a quantitative comparison among all defense schemes for DoS and QoS attacks. The comparison highlights the merits of each scheme and estimates the overhead (both processing and communication) introduced by it. The comparison also provides guidelines for selecting the appropriate defense scheme, or a combination of schemes, based on the requirements and how much overhead can be tolerated.

UR - http://www.scopus.com/inward/record.url?scp=84967588272&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=84967588272&partnerID=8YFLogxK

U2 - 10.1142/9789814273046_0007

DO - 10.1142/9789814273046_0007

M3 - Chapter

SN - 9789814273046

SN - 9789814273039

SP - 191

EP - 220

BT - Handbook of Security and Networks

PB - World Scientific Publishing Co.

ER -