Impact of a DDoS attack on computer systems: An approach based on an attack tree model.

Attacks that deny access to a service provider can occur anytime, anywhere, and most usually occur with little or no warning. Many small and midsize companies are not prepared to handle a significant outage. For an enterprise to face up to an attack of this type, it must possess a bandwidth higher than that of the attack, an infrastructure with redundant components, regular backups, firewalls for monitoring the threats and other proactive and reactive mechanisms. Otherwise, the service will be interrupted, increasing the chances of financial losses. Hierarchical modeling approaches are often used to evaluate the availability of such systems, thereby leveraging the representation of multiple failure and repair events in distinct parts of the system. This paper evaluates the impact of a distributed denial-of-service attack in computer systems. We propose hierarchical models that represent the behavior of major system components and assess the effects of a DDoS attack on the system availability. The equations that estimate the likelihood of an attack, attacker benefits, feasibility, the pain factor and the propensity of the offense were present. They enable a direct analytical solution for large systems. The results obtained from the attack tree analysis allow to plan and improve system's availability, maintainability, and reliability. The attack tree indices show the impact of simultaneous attacks on a computer system and the several threats which will maximize the system downtime.