Approach to Determination of Priority for Nodes of
Telecommunication Network Functioning under
DDOS-attacks in Order to Provide Quality of
Service
Arkadii Snihurov, Vadym Chakrian
Abstract – The article gives such a parameter as the
priority of node in the routing system of a
telecommunication network. The given parameter is
proposed to be considered in risk assessment of route
information security.
Keywords – DDoS, QoS, risk assessment, routing.
I. INTRODUCTION
A feature of modern routing processes in
telecommunication networks (TCSs) is the presence of a
large number of security threats aimed at various
elements of the routing system. For example, according
to the study there are such possible types of information
attacks as the compromise of the service provider
devices, hacking of network management stations,
attacks on the transit devices between providers,
unauthorized access of an intruder to the traffic through
the taking of control over nodes, etc. One of the most
dangerous attacks on the TCS routing system is DDOSattacks on the customer networks that are connected to
such a network, as well as DDOS-attacks on the routers
themselves. The DDOS-attack on the client network
leads to an increase in the intensity of the "harmful"
traffic through the trunk network routers and their
overloading. The complexity of the fight against these
attacks is that it is very difficult for the main router to
distinguish "useful" traffic from DDOS-traffic. Some of
the methods of DoS and DDoS attacks detection are
described in the next works [1, 2]. DDOS-attack on the
routers themselves also leads to their overloading and
damage, as well as reduction of routers bandwidth. In
the long run, such an attack can lead to a delay in
servicing of "useful" network traffic packets or complete
failure of its service. At the same time Quality of
Service (QoS) has requirements to the value of the
packet delay. For example, the delay of the speech
packet of VoIP traffic must not exceed 150 ms in
accordance with the International Telecommunication
Union (ITU) G.114 [3].
Under these conditions, one of the key tasks in the
TCSs is the selection of the route for transmission of
packets which provide the solution of load balancing
tasks in TCSs and QoS assurance [4].
1
2
Arkadii Snihurov , Vadym Chakrian
Kharkiv National University of Radio Electronics, TCS
deparment, 14 Nauky ave., 61166, Ukraine. 1, 2
E-mail: [email protected], [email protected]
The researches aimed at the introduction of
requirements to provision of information security of
transmitted data into the process of routing are
conducted. One of the ways to achieve these
requirements is the introduction of the risk indicator of
routes information security into the metric of routing
algorithms [5, 6, 7, 8].
The purpose of the research is to develop a
mechanism for determining the priority of the TCS
routing nodes for further assessment of risks for
information security of nodes and packet transmission
routes.
II. APPROACH TO DETERMINATION OF RISK OF
ROUTE INFORMATION SECURITY
The risk of information security of the information
transmission route R ijm , R ijm ∈[0;1] from the node i to
the node j is a potential possibility of breach of
confidentiality, integrity and availability of information
when it is transmitted over the route. The risk of route
information security can include the following
indicators:
- the risk of confidentiality breach of information,
when it is transmitted over the route;
- the risk of information modification, when it is
transmitted over the route (the risk of integrity
violation);
- the risk of late delivery of information to the
consumer (the risk of violations of information
availability). This risk usually depends on the feasibility
of the DDOS-attacks in TCSs. Such attacks on TCSs can
also include actions of means of fire or electromagnetic
injury to the routers (nodes), production of radio
interference on the communication channels between the
routers (wireless network), damage to the cable system
(wireline).
The information security risk of the route can be
determined on the basis of the information security risk
of routers (hereinafter - nodes) in the routing system
using the expression:
R ijm
 1
Zm
 (1  R mz ) ,
(1)
Z1
where Zm – a set of TCS nodes included into the m-th
route.
z
z
z
Rm
z  Pthreat  Pvu ln erability  C ,
(2)
m
( t ) , n  1, N m  for all
the distribution densities f serv
n
z
where Pthreat
– a probability (degree, level) of
information threats realization on the z-th node of the
routing system;
z
Pvu
ln erability – a probability (degree, level) of the z-th
the nodes of the m-th route.
m
m
m
f m ( t )  f serv
( t )  f serv
( t )  ...  f serv
(t) ,
1
2
n
TCS node vulnerability to informational threats;
C z – priority of the z-th node of the routing system for
direction of transmission from the TCS node i to the
node j.
expression:
III. APPROACH TO DETERMINATION OF PRIORITY
FOR NODE OF ROUTING SYSTEM TO PROVIDE
ROUTE SECURITY
The main indicator of network efficiency will be the
delay of packets during transmission over the route.
The period of packet transmission from the node i to
the node j for the m-th route can be expressed as
follows:
tm 
Nm
Nm
n 1
n 1
n
n
  t serv
,
 t distrib
(4)
n
where t distrib
- the period of spreading of the packet
over the communication channel adjacent to the nth
node of the m-th route;
n
– duration of packets servicing by the n-th node of
t serv
the m-th route; N m – the number of nodes on the m-th
route.
The period of time of packet being serviced by the
node consists of the packet waiting time in the queue
and time of packet processing by the node. If the
processing time is fixed and usually not too long (from a
few microseconds to several dozens of microseconds),
then packet waiting time in the queue varies within wide
limits and it is typically a random variable.
If we take as an assumption that the node is a singlechannel QS with expectation, the input stream is a
n
Poisson process, the probability density function t serv
of
packets servicing by the nth node will be described by
the exponential rule.
(5)
f serv (t )  serv  e servt ,
where serv    (1  ) – intensity of packet servicing by
the node taking into account its processing and packet

waiting time in the queue,   ;

 - the intensity of packets at the node entrance;
 - the intensity of packets processing by the node.
In order to provide the probability density function for
the time of packets transmission from the node i to the
node j for the m-th route f m (t ) it is needed to convolve
(6)
where the convolution of two distribution densities, e.g.
m
m
f serv
( t ) and f serv
( t ) are determined from the
1
2

m
f serv
(t)
12

 f serv ()  f serv (t  ) d .
m
m
1
2
(7)

If we apply the Laplace transform, the convolution of
functions can be reduced in the image space to the
operation of multiplication. The inverse Laplace
transform allows to obtain the desired function of a real
variable. Therefore, the study suggests an approach in
which the operation of each node is described as a
model M/M/1 with different parameters  and  , the
m
( t ) of the
convolution of distribution densities f serv
n
time of packets processing by nodes is substituted by the
Laplace transform, multiplication of images of functions
data is carried out and the desired density distribution is
obtained by the inverse Laplace transform.
The integration of the probability density function for
the time of packet transmission from the node i to the
m
( t ) in time allows to
node j for the m-th route f serv
n
determine the probability of packet delivery to the end
node within the given time:
t

m
Pdeliv
( t )  f m ( t ) dt .
(8)
0
The example of the calculation for probability density
function for the time of packet transmission from the
node i to the node j and the probability of packet
delivery to the end node is shown in Fig. 1-3.
Fig. 1. The routes contain: 1 – 3 nodes; 2 - 4 nodes; 3 – 5
nodes; all the routers are equally loaded, terms of calculation:
  0,7 for all curves).
IV. CONCLUSION
Figure 2. One route has 4 nodes (all the routers are equally
loaded, terms of calculation: 1 curve when   0,7 ; 2 curve –
  0,8 ; 3 curve –   0,9 ; 4 curve –   0,95 ).
The article introduces such an indicator as the node
priority of the TCS routing system. This indicator shows
how the probability of packet delivery for the direction
of transmission from the node i to the node j is reduced
within the given time and in the presence of DDoSattacks in comparison to the normal operation of a TCS.
Implementation of this indicator allows to take into
account the risks of information security of routes in the
routing.
REFERENCES
Figure 3. One route contains 4 nodes (terms of calculation: 1 –
all the routers function normally and are equally loaded,
  0,7 ; 2 – 2 routers function normally and are equally
loaded,   0,7 , 2 routers were exposed to the DDoS-attack,
  0,9 ; 3 – 2 routers function normally and are equally
loaded,   0,7 , 2 router was exposed to DDoS-attack;
  0,95 ).
The probability of packet delivery from the node i to
the node j for the whole M set of routes for the given
transmission direction in the given time is determined
from the expression:
M
ij
m
Pdeliv
(t giv )  1   (1  Pdeliv
(t giv )) .
(9)
m 1
The meaning of the Eq. (9) is that in case of failure of
the route (reducing of the route bandwidth), the system
will perform balancing and routing of the traffic on the
basis of the algorithm set in it and metrics indicators.
However, another route, less efficient under normal
conditions, can be selected.
The priority of the nth node for the direction of
transmission from the node i to the node j will be
determined according to the contribution of the given
node to provision of packet delivery task performance
by all possible routes within the given time:
ij
ij
Pdeliv
 Pdeliv
DDoS ( t giv )
Vnij 
,
(10)
ij
Pdeliv ( t giv )
ij
( t giv ) – the probability of packet delivery
where Pdeliv
from the node i to the node j for the whole M set of
routes for the transmission direction within the given
time in the absence of DDoS-attacks;
ij
Pdeliv
DDoS ( t giv ) – the probability of packet delivery from
the node i to the node j for the whole M set of routes for
the transmission direction within the given time under
the DDoS-attack on the nth node.
[1] L. Kaur, A. Bhandari, “Review on DDoS attacks and
various detection mechanisms,” International
Journal
For
Technological
Research
In
Engineering, Volume 1, Issue 9, May-2014, pp. 904909.
[2] V. Popovski, V. Skybin, “The entropy methods of
DDOS-attack detection in telecommunication
networks,” Problems of telecommunications,
vol. 2 (15), 2014.
[3] ITU-T
Recommendation
G. 114
“One-way
transmission time”, ITU-T, May 2000.
[4] A.V. Lemeshko, “Probabilistic-Temporal Model of
QOS-Routing with Precomputation of Routes under
the
Terms
of
Non-Ideal
Reliability
of
Telecommunication Network,” Telecommunica-tions
and Radio Engineering, 66(13), (2007).
[5] A. Snihurov, V. Chakrian, “Improvement of EIGRP
Protocol Routing Algorithm with the Consideration
of Information Security Risk Parameters,” Scholars
Journal of Engineering and Technology, vol. 3(8),
pp. 707-714, Dec. 2015.
[6] А. Snigurov, V. Chakrian, “Approach of routing
metrics formation based on information security
risk,” in CADSM’2013, 19-23 February, 2013,
Polyana-Svalyava
(Zakarpattya),
UKRAINE,
pp. 339-340.
[7] A. Snigurov, V. Chakryan, “Approach of calculation
of network devices security rating”, Information
processing systems, Publ. 1, pp. 150-155, 2014.
[8] A. Snigurov, V. Chakrian, “Approach of routing
metrics calculation considering the risks of
information security,” Systems of control, navigation
and communication, vol. 4 (24), pp. 105-110, 2012.