Modeling of two-tier DDoS by combining different type of DDoS models

Abstract

Modeling of Distributed Denial of Service (DDoS) attacks is a multidimensional problem as different resources are used at the same time. Existing DDoS attacks models analyze usage of only one resource as most attack relay on exhausting one specific resource. However intersection of legal user flaw and attacks or multiple attacks' flows requires a composite view to the problem. In this paper we present a model for modeling a two-tier DDoS attack. We assume three different kinds of resources are exhausted at the same moment and they influence each other, therefore cannot be modeled as separate ones. Results of executed research reveal the usage of two-tier model rather than one-tier model pays off in precise for smaller scale attacks, while big scale attacks are more concentrated on one resource exhaustion and the intersection is not as important.