Feedback control for resiliency in face of an attack

Distributed Denial of Service(DDoS) attacks are inevitable. The existing defensive mechanisms are relatively outdated. In this paper, we present a passive mechanism to reduce the impact of an attack on the network. We designed and implemented a robust feedback architecture, to maintain the stability of the network despite attacks. During an attack, the controller of the feedback architecture detects the irregularities in the response time and the necessary changes are made to the configuration to maintain the network in steady state. In this approach first, we model the network using black-box system identification technique. Second, we validate the model with test data by conducting various experiments such as varying the network topology. Last, we test the model with the feedback architecture built in our lab environment. Results show that the feedback architecture provides an average model fit accuracy with positive results.1

[1]  Chenyang Lu,et al.  Introduction to Control Theory And Its Application to Computing Systems , 2008 .

[2]  Lennart Ljung,et al.  System Identification: Theory for the User , 1987 .

[3]  Yixin Diao,et al.  Feedback Control of Computing Systems , 2004 .

[4]  Qian Wang,et al.  An LPV approximation for admission control of an internet web server: Identification and control , 2007 .

[5]  Ramkrishna Pasumarthy,et al.  Identification and Multivariable Gain-Scheduling Control for Cloud Computing Systems , 2017, IEEE Transactions on Control Systems Technology.

[6]  Ram Dantu,et al.  Fast Worm Containment Using Feedback Control , 2007, IEEE Transactions on Dependable and Secure Computing.

[7]  Qilu Sun,et al.  LPV Model and Its Application in Web Server Performance Control , 2008, 2008 International Conference on Computer Science and Software Engineering.

[8]  Thomas Vogel,et al.  Software Engineering Meets Control Theory , 2015, 2015 IEEE/ACM 10th International Symposium on Software Engineering for Adaptive and Self-Managing Systems.

[9]  Liuping Wang,et al.  Control Oriented System Identification for Performance Management in Virtualized Software System , 2014 .

[10]  Joseph L. Hellerstein,et al.  Using Control Theory to Achieve Service Level Objectives In Performance Management , 2002, Real-Time Systems.

[11]  Jie Li,et al.  Resilience of Routing in Parallel Link Networks , 2016, GameSec.

[12]  R. Firoozian Feedback Control Theory , 2009 .

[13]  A. Robertsson,et al.  Design and evaluation of load control in Web server systems , 2004, Proceedings of the 2004 American Control Conference.

[14]  Liuping Wang,et al.  Hammerstein-Wiener nonlinear model based predictive control for relative QoS performance and resource management of software systems , 2012 .

[15]  Liuping Wang,et al.  Hammerstein-Weiner nonlinear model based predictive control for QoS management in complex software systems , 2012 .

[16]  Joseph L. Hellerstein,et al.  Using Control Theory to Achieve Service Level Objectives In Performance Management , 2001, 2001 IEEE/IFIP International Symposium on Integrated Network Management Proceedings. Integrated Network Management VII. Integrated Management Strategies for the New Millennium (Cat. No.01EX470).

[17]  Alex Simpkins,et al.  System Identification: Theory for the User, 2nd Edition (Ljung, L.; 1999) [On the Shelf] , 2012, IEEE Robotics & Automation Magazine.