Low-rate TCP-targeted denial of service attacks
- 25 August 2003
- conference paper
- Published by Association for Computing Machinery (ACM)
Abstract
Denial of Service attacks are presenting an increasing threat to the global inter-networking infrastructure. While TCP's congestion control algorithm is highly robust to diverse network conditions, its implicit assumption of end-system cooperation results in a well-known vulnerability to attack by high-rate non-responsive flows. In this paper, we investigate a class of low-rate denial of service attacks which, unlike high-rate attacks, are difficult for routers and counter-DoS mechanisms to detect. Using a combination of analytical modeling, simulations, and Internet experiments, we show that maliciously chosen low-rate DoS traffic patterns that exploit TCP's retransmission time-out mechanism can throttle TCP flows to a small fraction of their ideal rate while eluding detection. Moreover, as such attacks exploit protocol homogeneity, we study fundamental limits of the ability of a class of randomized time-out mechanisms to thwart such low-rate DoS attacks.
This publication has 20 references indexed in Scilit:
- Passive estimation of TCP round-trip times. ACM SIGCOMM Computer Communication Review, 2002
- Using loss pairs to discover network properties. Published by Association for Computing Machinery (ACM), 2001
- Measuring link bandwidths using a deterministic model of packet delay. Published by Association for Computing Machinery (ACM), 2000
- End-to-end Internet packet dynamics. IEEE/ACM Transactions on Networking, 1999
- Dynamics of random early detection. Published by Association for Computing Machinery (ACM), 1997
- Measuring bottleneck link speed in packet-switched networks. Performance Evaluation, 1996
- Simulation-based comparisons of Tahoe, Reno and SACK TCP. ACM SIGCOMM Computer Communication Review, 1996
- Random early detection gateways for congestion avoidance. IEEE/ACM Transactions on Networking, 1993
- Observations on the dynamics of a congestion control algorithm. Published by Association for Computing Machinery (ACM), 1991
- Congestion avoidance and control. ACM SIGCOMM Computer Communication Review, 1988