Dependability Modeling and Analysis of Random Port Hopping

Effective Denial of Service (DoS) countermeasures generally rely on expensive commercial devices that perform stateful filtering, so they are not always available for stateless traffic and are not suitable for all organizations. Random port hopping (RPH), proposed by Badishi et al. (2005, 2007), is a robust communication protocol that disperses the influence of malicious DoS attacks, and is regarded as a low-cost and dependable form of packet filtering in which the port number used for communication is changed randomly. However, RPH has not yet been adopted as a standard communication protocol in the real world, because its utility and limitations against general DoS attack patterns are still unclear. In this paper, we develop quantitative dependability models of RPH by means of the discrete-time Markov chain (DTMC) and refine the existing RPH protocol in terms of the communication success rate.

[1] Tadashi Dohi, et al. Sensitivity Analysis of Random Port Hopping, 2010, 2010 7th International Conference on Ubiquitous Intelligence & Computing and 7th International Conference on Autonomic & Trusted Computing.

[2] Christina Hattingh, et al. End-to-end QoS network design, 2005.

[3] Idit Keidar, et al. Denial of Service? Leave it to Beaver, 2007.

[4] Idit Keidar, et al. Denial of Service Protection with Beaver, 2006, From Security to Dependability.

[5] M. Abliz. Internet Denial of Service Attacks and Defense Mechanisms, 2011.

[6] Carl E. Landwehr, et al. Basic concepts and taxonomy of dependable and secure computing, 2004, IEEE Transactions on Dependable and Secure Computing.

[7] H.C.J. Lee, et al. Port hopping for resilient networks, 2004, IEEE 60th Vehicular Technology Conference, 2004. VTC2004-Fall. 2004.

[8] Marina Papatriantafilou, et al. Mitigating Distributed Denial of Service Attacks in Multiparty Applications in the Presence of Clock Drifts, 2012, IEEE Trans. Dependable Secur. Comput.

[9] Idit Keidar, et al. Keeping Denial-of-Service Attackers in the Dark, 2007, IEEE Transactions on Dependable and Secure Computing.

[10] Kishor S. Trivedi. Probability and Statistics with Reliability, Queuing, and Computer Science Applications, 1984.