On the accuracy of formal verification of selective defenses for TDoS attacks

Telephony Denial of Service (TDoS) attacks target telephony services, such as Voice over IP (VoIP), not allowing legitimate users to make calls. There are few defenses that attempt to mitigate TDoS attacks, most of them using IP filtering, with limited applicability. In our previous work, we proposed to use selective strategies for mitigating HTTP Application-Layer DDoS Attacks demonstrating their effectiveness in mitigating different types of attacks. Developing such types of defenses is challenging as there are many design options, eg, which dropping functions and selection algorithms to use. Our first contribution is to demonstrate both experimentally and by using formal verification that selective strategies are suitable for mitigating TDoS attacks. We used our formal model to help decide which selective strategies to use with much less effort than carrying out experiments. Our second contribution is a detailed comparison of the results obtained from our formal models and the results obtained by carrying out experiments. We demonstrate that formal methods is a powerful tool for specifying defenses for mitigating Distributed Denial of Service attacks allowing to increase our confidence on the proposed defense before actual implementation.

[1]  Xiao-Yu Wan,et al.  A SIP DoS Flooding Attack Defense Mechanism Based on Custom Weighted Fair Queue Scheduling , 2010, 2010 International Conference on Multimedia Technology.

[2]  S. Khanna,et al.  Adaptive Selective Verification , 2008, IEEE INFOCOM 2008 - The 27th Conference on Computer Communications.

[3]  Mahesh Viswanathan,et al.  On Statistical Model Checking of Stochastic Systems , 2005, CAV.

[4]  Vivek Nigam,et al.  Formal Specification and Verification of a Selective Defense for TDoS Attacks , 2016, WRLA.

[5]  José Meseguer,et al.  Twenty years of rewriting logic , 2010, J. Log. Algebraic Methods Program..

[6]  Panagiotis Galiotos,et al.  Call-Level VoIP Traffic Modelling Based on Data from a Real-Life VoIP Service Provider , 2015, 2015 IEEE Globecom Workshops (GC Wkshps).

[7]  José Meseguer,et al.  PMaude: Rewrite-based Specification Language for Probabilistic Object Systems , 2006, QAPL.

[8]  José Meseguer,et al.  Probabilistic Modeling and Analysis of DoS Protection for the ASV Protocol , 2009, Electron. Notes Theor. Comput. Sci..

[9]  Yu Cheng,et al.  Detection and prevention of SIP flooding attacks in voice over IP networks , 2012, 2012 Proceedings IEEE INFOCOM.

[10]  Saverio Niccolini,et al.  Protecting SIP against Very Large Flooding DoS Attacks , 2009, GLOBECOM 2009 - 2009 IEEE Global Telecommunications Conference.

[11]  Catherine A. Meadows,et al.  A formal framework and evaluation method for network denial of service , 1999, Proceedings of the 12th IEEE Computer Security Foundations Workshop.

[12]  Adam Lipowski,et al.  Roulette-wheel selection via stochastic acceptance , 2011, ArXiv.

[13]  José Meseguer,et al.  Statistical Model Checking for Composite Actor Systems , 2012, WADT.

[14]  Sanjeev Khanna,et al.  Adaptive Selective Verification: An Efficient Adaptive Countermeasure to Thwart DoS Attacks , 2012, IEEE/ACM Transactions on Networking.

[15]  Chi Zhou,et al.  Sketch-Based SIP Flooding Detection Using Hellinger Distance , 2009, GLOBECOM 2009 - 2009 IEEE Global Telecommunications Conference.

[16]  José Meseguer,et al.  Model-Checking DoS Amplification for VoIP Session Initiation , 2009, ESORICS.

[17]  Chang-Yong Lee,et al.  Design and implementation of SIP-aware DDoS attack detection system , 2009, ICIS '09.

[18]  Saurabh Bagchi,et al.  SCIDIVE: a stateful and cross protocol intrusion detection architecture for voice-over-IP environments , 2004, International Conference on Dependable Systems and Networks, 2004.

[19]  Vitaly Shmatikov,et al.  Game-based analysis of denial-of-service prevention protocols , 2005, 18th IEEE Computer Security Foundations Workshop (CSFW'05).

[20]  Vivek Nigam,et al.  A Selective Defense for Mitigating Coordinated Call Attacks , 2016 .

[21]  Vivek Nigam,et al.  A Selective Defense for Application Layer DDoS Attacks , 2014, 2014 IEEE Joint Intelligence and Security Informatics Conference.

[22]  Iguatemi E. Fonseca,et al.  Shade: uma estratégia seletiva para mitigar ataques DDOS na camada de aplicação em redes definidas por software , 2016 .

[23]  Yu Cheng,et al.  SIP Flooding Attack Detection with a Multi-Dimensional Sketch Design , 2014, IEEE Transactions on Dependable and Secure Computing.

[24]  José Meseguer,et al.  PVeStA: A Parallel Statistical Model Checking and Quantitative Analysis Tool , 2011, CALCO.

[25]  Zhang Li,et al.  A SIP DoS flooding attack defense mechanism based on priority class queue , 2010, 2010 IEEE International Conference on Wireless Communications, Networking and Information Security.

[26]  Avishai Mandelbaum,et al.  Statistical Analysis of a Telephone Call Center , 2005 .

[27]  José Meseguer,et al.  Stable Availability under Denial of Service Attacks through Formal Patterns , 2012, FASE.

[28]  Lothar Thiele,et al.  A Mathematical Analysis of Tournament Selection , 1995, ICGA.