Abstract
Denial of Service attacks are presenting an increasing threat to the global inter-networking infrastructure. While TCP's congestion control algorithm is highly robust to diverse network conditions, its implicit assumption of end-system cooperation results in a well-known vulnerability to attack by high-rate non-responsive flows. In this paper, we investigate a class of low-rate denial of service attacks which, unlike high-rate attacks, are difficult for routers and counter-DoS mechanisms to detect. Using a combination of analytical modeling, simulations, and Internet experiments, we show that maliciously chosen low-rate DoS traffic patterns that exploit TCP's retransmission time-out mechanism can throttle TCP flows to a small fraction of their ideal rate while eluding detection. Moreover, as such attacks exploit protocol homogeneity, we study fundamental limits of the ability of a class of randomized time-out mechanisms to thwart such low-rate DoS attacks.
| Original language | English (US) |
|---|---|
| Pages (from-to) | 75-86 |
| Number of pages | 12 |
| Journal | Computer Communication Review |
| Volume | 33 |
| Issue number | 4 |
| DOIs | |
| State | Published - Oct 2003 |
| Event | Proceedings of ACM SIGCOMM 2003: Conference on Computer Communications - Karlsruhe, Germany Duration: Aug 25 2003 → Aug 29 2003 |
Keywords
- Denial of Service
- Retransmission timeout
- TCP
ASJC Scopus subject areas
- Software
- Computer Networks and Communications