文件名称:Low-Rate-TCP-Targeted-Denial-of-Service-Attacks-a
介绍说明--下载内容均来自于网络,请自行研究使用
Abstract—Denial of Service attacks are presenting an increasing threat to the global inter-networking infrastructure. While TCP’s congestion control algorithm is highly robust to diverse network conditions, its implicit
assumption of end-system cooperation results in a well-known vulnerability to attack by high-rate non-responsive fl ows. In this paper, we investigate a class of low-rate denial of service attacks which, unlike high-rate attacks, are diffi cult for routers and counter-DoS mechanisms to detect. Using a combination of analytical modeling, simulations, and Internet experiments, we show that maliciously chosen low-rate DoS traffi c patterns that exploit TCP’s retransmission timeout mechanism can throttle TCP fl ows to a small
fraction of their ideal rate while eluding detection. Moreover, as such attacks exploit protocol homogeneity, we study fundamental limits of the ability of a class of randomized timeout mechanisms to thwart such low-rate
DoS attacks.-Abstract—Denial of Service attacks are presenting an increasing threat to the global inter-networking infrastructure. While TCP’s congestion control algorithm is highly robust to diverse network conditions, its implicit
assumption of end-system cooperation results in a well-known vulnerability to attack by high-rate non-responsive fl ows. In this paper, we investigate a class of low-rate denial of service attacks which, unlike high-rate attacks, are diffi cult for routers and counter-DoS mechanisms to detect. Using a combination of analytical modeling, simulations, and Internet experiments, we show that maliciously chosen low-rate DoS traffi c patterns that exploit TCP’s retransmission timeout mechanism can throttle TCP fl ows to a small
fraction of their ideal rate while eluding detection. Moreover, as such attacks exploit protocol homogeneity, we study fundamental limits of the ability of a class of randomized timeout mechanisms to thwart such low-rate
DoS attacks.
assumption of end-system cooperation results in a well-known vulnerability to attack by high-rate non-responsive fl ows. In this paper, we investigate a class of low-rate denial of service attacks which, unlike high-rate attacks, are diffi cult for routers and counter-DoS mechanisms to detect. Using a combination of analytical modeling, simulations, and Internet experiments, we show that maliciously chosen low-rate DoS traffi c patterns that exploit TCP’s retransmission timeout mechanism can throttle TCP fl ows to a small
fraction of their ideal rate while eluding detection. Moreover, as such attacks exploit protocol homogeneity, we study fundamental limits of the ability of a class of randomized timeout mechanisms to thwart such low-rate
DoS attacks.-Abstract—Denial of Service attacks are presenting an increasing threat to the global inter-networking infrastructure. While TCP’s congestion control algorithm is highly robust to diverse network conditions, its implicit
assumption of end-system cooperation results in a well-known vulnerability to attack by high-rate non-responsive fl ows. In this paper, we investigate a class of low-rate denial of service attacks which, unlike high-rate attacks, are diffi cult for routers and counter-DoS mechanisms to detect. Using a combination of analytical modeling, simulations, and Internet experiments, we show that maliciously chosen low-rate DoS traffi c patterns that exploit TCP’s retransmission timeout mechanism can throttle TCP fl ows to a small
fraction of their ideal rate while eluding detection. Moreover, as such attacks exploit protocol homogeneity, we study fundamental limits of the ability of a class of randomized timeout mechanisms to thwart such low-rate
DoS attacks.
(系统自动生成,下载前可以参看下载内容)
下载文件列表
Low-Rate TCP-Targeted Denial of Service Attacks and Counter Strategies.pdf