In ACM DEBS 2007, pages 116-127, Toronto, Canada, June 2007.
Denial of Service (DoS) attacks continue to affect the availability of critical systems on the Internet. The existing DoS problem is enough to merit significant research dedicated to analyzing and classifying DoS attacks in the Internet context. However, no such research exists for DoS attacks in the domain of Content-based Publish/Subscribe (CPS) systems despite CPS being at the forefront of business process execution, application integration, and event processing applications. This can be attributed to the lack of structure and understanding of key issues in the area of DoS in CPS systems. In this paper, we propose to address these problems by presenting a taxonomy for classifying DoS characteristics and concerns new to CPS systems. Our taxonomy is motivated by a number of experimental results that were obtained using our CPS middleware implementation and that highlight fundamental DoS concerns in this domain. Finally, we discuss some example DoS attacks in detail with respect to our taxonomy and experimental results. We find that localization, message content complexity, and filter statefulness are the key CPS characteristics to consider when designing DoS resilient CPS systems.