Title:
Low-Rate-TCP-Targeted-Denial-of-Service-Attacks-a Download
Description: Abstract—Denial of Service attacks are presenting an increasing threat to the global inter-networking infrastructure. While TCP’s congestion control algorithm is highly robust to diverse network conditions, its implicit
assumption of end-system cooperation results in a well-known vulnerability to attack by high-rate non-responsive fl ows. In this paper, we investigate a class of low-rate denial of service attacks which, unlike high-rate attacks, are diffi cult for routers and counter-DoS mechanisms to detect. Using a combination of analytical modeling, simulations, and Internet experiments, we show that maliciously chosen low-rate DoS traffi c patterns that exploit TCP’s retransmission timeout mechanism can throttle TCP fl ows to a small
fraction of their ideal rate while eluding detection. Moreover, as such attacks exploit protocol homogeneity, we study fundamental limits of the ability of a class of randomized timeout mechanisms to thwart such low-rate
DoS attacks.
To Search:
File list (Check if you may need any files):
Low-Rate TCP-Targeted Denial of Service Attacks and Counter Strategies.pdf