Size Constraint Group Testing and DoS Attacks

  • My T. ThaiEmail author
Part of the SpringerBriefs in Optimization book series (BRIEFSOPTI)


In this chapter, we introduce the first application of group testing in detecting application Denial-of-Service (DoS) attack , which aims at disrupting application service rather than depleting the network resource. This attack has emerged as one of the greatest threat to network services. Owing to its high similarity to legitimate traffic and much lower launching overhead than classic DoS attack, this new assault type cannot be efficiently detected or prevented by existing detection solutions. To identify application DoS attack, we present a novel group testing (GT)-based approach deployed on back-end servers, which not only offers a theoretical method to obtain short detection delay and low false positive/negative rate, but also provides an underlying framework against general network attacks. This new application requires a new class of group testing, called size constraint group testing.


Average Response Time Client Request Virtual Server Testing Round Danger Mode 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


  1. 1.
    Sekar V, Duffield N, van der Merwe K, Spatscheck O, Zhang. H (2006) LADS: large-scale automated DDoS detection system. In: USENIX annual technical conference 2006Google Scholar
  2. 2.
    Kandula S, Katabi D, Jacob M, Berger AW (2005) Botz-4-sale: surviving organized DDoS attacks that mimic flash crowds 2nd NSDI. MA, Boston, May 2005Google Scholar
  3. 3.
    Ranjan S, Swaminathan R, Uysal M, Knightly E (2006) DDos-resilient scheduling to counter application layer attacks under imperfect detection. In Proceedings of the IEEE infocom, barcelona, Spain, April, 2006Google Scholar
  4. 4.
    Kim Y, Lau WC, Chuah MC, Chao HJ (2004) Packetscore: statisticsbased overload control against distributed denial-of-service attacks. In: Proceedings of infocom, HongKong, 2004Google Scholar
  5. 5.
    Du DZ, Hwang FK (2006) Pooling designs: group testing in molecular biology. World Scientific, SingaporeGoogle Scholar
  6. 6.
    Atallah MJ, Goodrich MT, Tamassia R (2005) Indexing information for data forensics, ACNS. Lecture notes in computer science vol 3531. Springer, Heidelberg, pp 206–221Google Scholar
  7. 7.
    Ricciulli L, Lincoln P, Kakkar P (1999) TCP SYN flooding defense. In: Proceedings of CNDSGoogle Scholar
  8. 8.
    Gligor VD (2003) Guaranteeing access in spite of distributed service-flooding attacks. In: Proceedings of the security protocols workshopGoogle Scholar
  9. 9.
    Kargl F, Maier J, Weber M (2001) Protecting web servers from distributed denial of service attacks. In WWW ’01: Proceedings of the 10th international conference on World Wide Web. ACM Press, New York, USA, pp 514–524Google Scholar
  10. 10.
    Thai MT, Xuan Y, Shin I, Znati T (2008) On detection of malicious users using group testing techniques. In: Proceedings of IEEE international conference on distributed computing systems (ICDCS)Google Scholar
  11. 11.
    Sharma P, Shah P, Bhattacharya S (2003) Mirror hopping approach for selective denial of service prevention in WORDS’03Google Scholar
  12. 12.
    Service provider infrastructure security: detecting, tracing, and mitigating network-wide anomalies (2005). 2005Google Scholar
  13. 13.
    Chu Y, Ke J (2007) Mean response time for a G/G/1 queueing system: simulated computation. Appl Math Comput 186(1):772–779MathSciNetzbMATHCrossRefGoogle Scholar
  14. 14.
    Eppstein D, Goodrich MT, Hirschberg D (2005) Improved combinatorial group testing algorithms for real-world problem sizes WADS. LNCS vol 3608. Springer, Heidelberg, pp 86–98Google Scholar
  15. 15.
    Mori G, Malik J (2003) Recognizing objects in adversarial clutter: breaking a visual captcha. IEEE Computer Vision and Pattern RecognitionGoogle Scholar
  16. 16.
    Dyachkov AD, Rykov VV, Rachad AM (1989) Superimposed distance codes. Prob Control Inform Thy 18:237–250zbMATHGoogle Scholar
  17. 17.
    Dyachkov AG, Macula AJ, Torney DC, Vilenkin PA (2001) Two models of nonadaptive group testing for designing screening experiments. In: Proceeding 6th International workshop on model-oriented designs and analysis. p 635Google Scholar

Copyright information

© My T. Thai 2012

Authors and Affiliations

  1. 1.Department of Computer and Information Science and EngineeringUniversity of FloridaGainesvilleUSA

Personalised recommendations