Impact of a DDoS attack on computer systems: an approach based on an attack tree model

Ronierison Maciel, Jean Araújo, Jamilson Dantas, Carlos Melo, Erico Guedes, Paulo Maciel

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

13 Citations (Scopus)


Attacks that deny access to a service provider can occur anytime, anywhere, and most usually occur with little or no warning. Many small and midsize companies are not prepared to handle a significant outage. For an enterprise to face up to an attack of this type, it must possess a bandwidth higher than that of the attack, an infrastructure with redundant components, regular backups, firewalls for monitoring the threats and other proactive and reactive mechanisms. Otherwise, the service will be interrupted, increasing the chances of financial losses. Hierarchical modeling approaches are often used to evaluate the availability of such systems, thereby leveraging the representation of multiple failure and repair events in distinct parts of the system. This paper evaluates the impact of a distributed denial-of-service attack in computer systems. We propose hierarchical models that represent the behavior of major system components and assess the effects of a DDoS attack on the system availability. The equations that estimate the likelihood of an attack, attacker benefits, feasibility, the pain factor and the propensity of the offense were present. They enable a direct analytical solution for large systems. The results obtained from the attack tree analysis allow to plan and improve system's availability, maintainability, and reliability. The attack tree indices show the impact of simultaneous attacks on a computer system and the several threats which will maximize the system downtime.

Original languageEnglish
Title of host publication12th Annual IEEE International Systems Conference, SysCon 2018 - Proceedings
PublisherInstitute of Electrical and Electronics Engineers Inc.
Number of pages8
ISBN (Electronic)9781538636640
Publication statusPublished - 30 May 2018
Event12th Annual IEEE International Systems Conference, SysCon 2018 - Vancouver, Canada
Duration: 24 Apr 201826 Apr 2018


Conference12th Annual IEEE International Systems Conference, SysCon 2018


  • Attack Tree
  • Distributed Denial-of-Service
  • Modeling
  • Security
  • Threats


Dive into the research topics of 'Impact of a DDoS attack on computer systems: an approach based on an attack tree model'. Together they form a unique fingerprint.

Cite this