Live Baiting for Service-Level DoS Attackers

Denial-of-Service (DoS) attacks remain a challenging problem in the Internet. In a DoS attack the attacker is attempting to make a resource unavailable to its intended legitimate clients. Furthermore, in order to employ massive attack power, the attacker usually launches a Distributed Denial of Service (DDoS) attack, in which several subordinate hosts attack the target in concert. Denial-of-service attacks can result in significant loss of time and money for many organizations, thus, many defense mechanisms have been proposed. This paper proposes a novel approach for detecting DoS attackers, which they call live baiting. Live baiting leverages group-testing theory, which aims at discovering defective members in a population using the minimum number of "Tests", to detect attackers with the minimum state.