Abstract
Denial of Service attacks are presenting an increasing threat to the global inter-networking infrastructure. While TCP's congestion control algorithm is highly robust to diverse network conditions, its implicit assumption of end-system cooperation results in a well-known vulnerability to attack by high-rate non-responsive flows. In this paper, we investigate a class of low-rate denial of service attacks which, unlike high-rate attacks, are difficult for routers and counter-DoS mechanisms to detect. Using a combination of analytical modeling, simulations, and Internet experiments, we show that maliciously chosen low-rate DoS traffic patterns that exploit TCP's retransmission timeout mechanism can throttle TCP flows to a small fraction of their ideal rate while eluding detection. Moreover, as such attacks exploit protocol homogeneity, we study fundamental limits of the ability of a class of randomized timeout mechanisms to thwart such low-rate DoS attacks.
Original language | English (US) |
---|---|
Pages (from-to) | 683-696 |
Number of pages | 14 |
Journal | IEEE/ACM Transactions on Networking |
Volume | 14 |
Issue number | 4 |
DOIs | |
State | Published - Aug 2006 |
Keywords
- Denial of service
- Retransmission timeout
- TCP
ASJC Scopus subject areas
- Software
- Computer Science Applications
- Computer Networks and Communications
- Electrical and Electronic Engineering