Towards the perfect DDoS attack: the perfect storm

Authors:
Amey Shevtekar;Nirwan Ansari;Roger Karrer
Affiliations:
Advanced Networking Lab, ECE Dept., New Jersey Institute of Technology;Advanced Networking Lab, ECE Dept., New Jersey Institute of Technology;Credit Suisse Group, Switzerland
Venue:
SARNOFF'09 Proceedings of the 32nd international conference on Sarnoff symposium
Year:
2009

Citing 10
Cited 0

Integrating user-perceived quality into Web server design

Proceedings of the 9th international World Wide Web conference on Computer networks : the international journal of computer and telecommunications netowrking
Tuning RED for Web traffic

IEEE/ACM Transactions on Networking (TON)
Controlling high bandwidth aggregates in the network

ACM SIGCOMM Computer Communication Review
Low-rate TCP-targeted denial of service attacks: the shrew vs. the mice and elephants

Proceedings of the 2003 conference on Applications, technologies, architectures, and protocols for computer communications
An adaptive virtual queue (AVQ) algorithm for active queue management

IEEE/ACM Transactions on Networking (TON)
Exploiting the Transients of Adaptation for RoQ Attacks on Internet Resources

ICNP '04 Proceedings of the 12th IEEE International Conference on Network Protocols
Defending Against Low-Rate TCP Attacks: Dynamic Detection and Protection

ICNP '04 Proceedings of the 12th IEEE International Conference on Network Protocols
Botz-4-sale: surviving organized DDoS attacks that mimic flash crowds

NSDI'05 Proceedings of the 2nd conference on Symposium on Networked Systems Design & Implementation - Volume 2
The anatomy of Clickbot.A

HotBots'07 Proceedings of the first conference on First Workshop on Hot Topics in Understanding Botnets
Packet-level traffic measurements from the Sprint IP backbone

IEEE Network: The Magazine of Global Internetworking

Quantified Score

Hi-index	0.00

Visualization

Abstract

This paper proposes a novel model for instigating the "perfect" DDoS attack. Our model uses a combination of network feedback and coordination of attack rates and protocols to achieve a high level of service deniability and low detectability. We demonstrate via extensive simulations that our attack model achieves a higher impact as compared to the Shrew and the RoQ (Reduction of Quality) attacks while the detectability is low. The model adopts botnets in executing/realizing the perfect storm/attack in a real network. We show that executing the attack is not difficult at all. We then briefly describe failures of recent and most relevant detection approaches in mitigating these attacks. The failures of these schemes demonstrate low detectability of our proposed "perfect storm".