Denial of Service Handling
- Denial of Service Handling: the security quality subfactor representing the degree to which decreased performance and/or operational availability caused by denial of service (DoS) attacks is properly handled
The typical objectives of denial of service handling are to:
- Ensure that security properly addresses the malicious harm that can be caused by denial of service (DoS) attacks
- Model the degree to which decreased performance and/or operational availability caused by DoS attacks is:
  - Prevented
  - Detected
  - Reacted to
  - Adapted to
- Support the analysis and specification of denial of service handling requirements
Denial of service handling is typically measured in terms of:
- Maximum/average actual/percentage decrease in performance per DoS attack
- Maximum/average actual/percentage decrease in operational availability per DoS attack
- Maximum/average downtime per DoS attack
- Percentage of DoS attacks detected
- Percentage of DoS attacks responded to in a specific manner (e.g., failover, notification of security engineer)
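The measures listed above can be computed from per-attack records, as in this added example (not part of the original page). The record fields, the function name and the sample incidents are assumptions constructed for illustration; only the percentage forms of the measures and the downtime measures are covered.

```python
from dataclasses import dataclass
from statistics import mean
from typing import Optional

@dataclass
class DosIncident:
    # All field names are assumptions made for this example.
    baseline_rps: float      # normal throughput, requests/second
    attack_rps: float        # lowest sustained throughput during the attack
    downtime_s: float        # seconds the service was completely unavailable
    window_s: float          # length of the attack window in seconds
    detected: bool           # was the attack detected at all
    response: Optional[str]  # e.g. "failover", "notification", or None

def pct(part, whole):
    """Percentage of `whole` represented by `part` (0 when whole is 0)."""
    return 100.0 * part / whole if whole else 0.0

def dos_handling_metrics(incidents, response="failover"):
    """Compute the per-attack DoS handling measures over a list of incidents."""
    if not incidents:
        raise ValueError("no incidents to measure")
    perf = [pct(i.baseline_rps - i.attack_rps, i.baseline_rps) for i in incidents]
    avail = [pct(i.downtime_s, i.window_s) for i in incidents]
    down = [i.downtime_s for i in incidents]
    n = len(incidents)
    return {
        "max_perf_decrease_pct": max(perf),
        "avg_perf_decrease_pct": mean(perf),
        "max_avail_decrease_pct": max(avail),
        "avg_avail_decrease_pct": mean(avail),
        "max_downtime_s": max(down),
        "avg_downtime_s": mean(down),
        "detected_pct": pct(sum(i.detected for i in incidents), n),
        "responded_pct": pct(sum(i.response == response for i in incidents), n),
    }

# Constructed sample data, not measurements from any real system.
SAMPLE = [
    DosIncident(1000, 250, 120, 600, True, "failover"),
    DosIncident(1000, 800, 0, 300, True, "notification"),
    DosIncident(1000, 500, 60, 1200, False, None),
    DosIncident(1000, 0, 900, 900, True, "failover"),
]

if __name__ == "__main__":
    for name, value in dos_handling_metrics(SAMPLE).items():
        print(f"{name}: {value:.1f}")
```

The detection percentage can only count attacks that were eventually identified, for example during later log review, so it is an upper bound on the true detection rate.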
Typical mechanisms for improving denial of service handling include:
- Deny access to services by unauthorized users.
- Use multiple URLs in case a denial of service attack causes excessive service requests to a single server.
- Use a laser instead of radio for wireless communication to limit the possibility of jamming.
The following guidelines have been found to be useful regarding denial of service handling:
- Denial of service handling is typically called availability in the security community. However, denial of service handling is quite different from the traditional operational availability quality factor. Operational availability does not address performance and only applies when the application or component is not under attack.
- Denial of service protection deals with the following security concepts:
| Security Concept | Value |
| --- | --- |
| Valuable Asset | Some service |
| Malicious Harm | Denial of that service by an attacker |
| Security Incident | Denial of Service Attack |
| Threat | Existence of attacker(s) with means and motive to cause denial of service attacks |
| Security Risk | Can be low or high depending on the number of motivated attackers, their profiles, appropriate security countermeasures, and vulnerabilities that can be exploited by attacks |