A CPU Usage Control Mechanism for Processes with Execution Resource ..
http://www.sersc.org/journals/IJSH/
이 논문은 Web server에 대한 DOS(denial-of service) 공격을 방어하기 위한 방법을 CPU Usage Control Mechanism model을 사용하여 설명한다. 이 모델에서는 각각의 process에 대해서 priority와 cpu usage 한도를 설정하여 다각도의 실험을 수행하고 cpu usage의 upper bound를 특정 값으로 세팅하였을 때 최고의 performance 효과를 거둘 수 있었다고 설명한다. 주요 내용들을 인용하면 아래와 같다.
.........
However, most operating systems(OSs) do not have an access control mechanism for CPU resources to guarantee satisfactory processing and to safeguard from malicious attacks that affect the CPU resources, resulting in DoS.
.........
The proposed model can control the usage ratio of CPU resources appropriately in each program domain. The proposed execution resource enables system administrators to control the maximum extent of CPU usage for each user and each program domain because the access control of CPU usage is performed in a similar manner as an object such as a file.
.........
We used two programs on a computer (CPU: Celeron 2.8GHz, OS: Tender). The one is a normal process, and the other is an attacker's process The normal program executes a procedure using CPU instructions only. The attacker's process executes an infinite loop to deman infinite CPU time.
..........