How Much Bandwidth Can Attack Bots Commandeer?

Abstract

In a shared channel model for Internet links, bandwidth is shared by principled users who abide by communal principles for snaring and using bandwidth and unprincipled scofflaws who seek to commandeer as much of the bandwidth as possible to effect disruptions such as spam and DoS attacks. Attacks are magnified by the spread of bots that surreptitiously take over the functioning of legitimate users. In such settings the natural filtering by router policies at ingress nodes and the rate of growth of link capacities towards the backbone play key roles in determining what fraction of the bandwidth is eventually commandeered. These considerations are presented in detail for a tree topology with users scattered at the leaves and with varying link capacity assignments and idealised router policies.