Low-rate TCP-targeted denial of service attacks
作者: Aleksandar Kuzmanovic , Edward W. Knightly
关键词:
摘要: Denial of Service attacks are presenting an increasing threat to the global inter-networking infrastructure. While TCP's congestion control algorithm is highly robust diverse network conditions, its implicit assumption end-system cooperation results in a well-known vulnerability attack by high-rate non-responsive flows. In this paper, we investigate class low-rate denial service which, unlike attacks, difficult for routers and counter-DoS mechanisms detect. Using combination analytical modeling, simulations, Internet experiments, show that maliciously chosen DoS traffic patterns exploit retransmission time-out mechanism can throttle TCP flows small fraction their ideal rate while eluding detection. Moreover, as such protocol homogeneity, study fundamental limits ability randomized thwart attacks.
acm.org
core.ac.uk
udel.edu 
rice.edu 参考文章(30)
V. Jacobson, Pathchar : A Tool to Infer Characteristics of Internet Paths ftp://ftp.ee.lbl.gov/pathchar. ,(1997)
J. Mahdavi, S. Floyd, M. Podolsky, M. Mathis, An Extension to the Selective Acknowledgement (SACK) Option for TCP An Extension to the Selective Acknowledgement (SACK) Option for TCP. ,vol. 2883, pp. 1- 17 ,(2000)
A. Rangarajan, A. Acharya, ERUF: early regulation of unresponsive best-effort traffic international conference on network protocols. pp. 117- 126 ,(1999) , 10.1109/ICNP.1999.801924
R Carter, Measuring bottleneck link speed in packet-switched networks Performance Evaluation. ,vol. 27, pp. 297- 318 ,(1996) , 10.1016/0166-5316(96)00036-3
Cristian Estan, George Varghese, New directions in traffic measurement and accounting Proceedings of the First ACM SIGCOMM Workshop on Internet Measurement - IMW '01. ,vol. 32, pp. 323- 336 ,(2001) , 10.1145/505202.505212
Sally Floyd, Van Jacobson, Traffic phase effects in packet-switched gateways acm special interest group on data communication. ,vol. 21, pp. 26- 42 ,(1991) , 10.1145/122419.122421
Kevin Fall, Sally Floyd, Simulation-based comparisons of Tahoe, Reno and SACK TCP ACM SIGCOMM Computer Communication Review. ,vol. 26, pp. 5- 21 ,(1996) , 10.1145/235160.235162
Hao Jiang, Constantinos Dovrolis, Passive estimation of TCP round-trip times acm special interest group on data communication. ,vol. 32, pp. 75- 88 ,(2002) , 10.1145/571697.571725
Dong Lin, Robert Morris, None, Dynamics of random early detection acm special interest group on data communication. ,vol. 27, pp. 127- 137 ,(1997) , 10.1145/263105.263154
Janey C. Hoe, Improving the start-up behavior of a congestion control scheme for TCP acm special interest group on data communication. ,vol. 26, pp. 270- 280 ,(1996) , 10.1145/248156.248180