An Analytical Model for DDoS Attacks and Defense

Abstract

Distributed denial of service (DDoS) attack has been identified as one of the most serious problems on the Internet. While much of the current research focus on DDoS countermeasures, little attention has been paid on DDoS modeling, which is one of the important aspects that can help provide better solutions against DDoS attacks. This paper proposes an analytical model for the interactions between DDoS attack party and defense party, which allows us to have a deep insight of the interactions between the attack and defense parties. Many refinements of the basic analytical model such as reinforcement of the defense party and loss in defense party are given in the paper, which suit for many real DDoS scenarios. Moreover, the applications of this model demonstrate that the model can precisely estimate the effectiveness of a DDoS defense system before it encounters different attacks and quantitatively estimate the optimal level of investment on DDoS defense system. Additionally, it can also be applied to model some other network security problems such as virus and spam defense