Abstract

There is a critical need for a common evaluation methodology for distributed denial-of-service (DDoS) defenses, to enable their independent evaluation and comparison. We describe our work on developing this methodology, which consists of: (i) a benchmark suite defining the elements necessary to recreate DDoS attack scenarios in a testbed setting, (ii) a set of performance metrics that express a defense system's effectiveness, cost, and security, and (iii) a specification of a testing methodology that provides guidelines on using benchmarks and summarizing and interpreting performance measures. We identify three basic elements of a test scenario: (i) the attack, (ii) the legitimate traffic, and (iii) the network topology including services and resources. The attack dimension defines the attack type and features, while the legitimate traffic dimension defines the mix of the background traffic that interacts with the attack …

Metadata

publication

MILCOM 2006-2006 IEEE Military Communications conference, 1-10, 2006

year

2006

publication date

2006/10/23

authors

Jelena Mirkovic, Erinc Arikan, Songjie Wei, Roshan Thomas, Sonia Fahmy, Peter Reiher

link

https://ieeexplore.ieee.org/abstract/document/4086729/

resource_link

https://www.cs.purdue.edu/homes/fahmy/papers/MilBench.pdf

conference

MILCOM 2006-2006 IEEE Military Communications conference

pages

1-10

publisher

IEEE