Principles of Quantum Computation

Abstract

Denial of Service attacks have become a weapon for extortion andvandalism causing damages in the millions of dollars to commercial andgovernment sites. Legal prosecution is a powerful deterrent, butrequires attribution of attacks, currently a difficult task. In thispaper we propose a method to \emph{automatically fingerprint} and\emph{identify} repeated attack scenarios---a combination of attackinghosts and attack tool. Such fingerprints not only aid in attributionfor criminal and civil prosecution of attackers, but also help justifyand focus response measures. Since packet contents can be easilymanipulated, we base our fingerprints on the \emph{spectralcharacteristics} of the attack stream which are hard to forge. Wevalidate our methodology by applying it to real attacks captured at aregional ISP and comparing the outcome with header-basedclassification. Finally, we conduct controlled experiments toidentify and isolate factors that affect the attack fingerprint.