Sustainability of Service Provisioning Systems Under Stealth DoS Attacks

Abstract

We model a service provisioning system under attack by malicious intruders. The system consists of a bank of servers providing service to incoming requests. Malicious intruders generate fake requests attempting to degrade service provisioning—the fake traffic is assumed low rate and, thus, it is practically undetectable. Legitimate traffic may be balanced using available mechanisms in order to mitigate the damage from the attack. We characterize the guaranteed throughput region , that is, the legitimate traffic intensities that are guaranteed to be supported given specific intensities of the fake traffic. The result is first obtained under the assumption that fake traffic is routed using any static routing. Then, we relax this assumption allowing time-varying attacks. We show that depending on the resources of the malicious attacker and by the use of nonstationary attack policies, some of the servers are effectively neutralized and the guaranteed throughput is greatly compromised. We further examine the interaction between specific policies and encounter interesting phenomena, such as the Join-the-Shortest-Queue not being a maximally stable defense policy under specific time-varying attacks. The study offers defense insights, how to design the system, and how to balance the traffic to sustain such attacks.