Observations on the dynamics of a congestion control algorithm: the effects of two-way traffic
SIGCOMM '91 Proceedings of the conference on Communications architecture & protocols
Heavy Tails and Long Range Dependence in On/Off Processes and Associated Fluid Models
Mathematics of Operations Research
Fluid-based analysis of a network of AQM routers supporting TCP flows with an application to RED
Proceedings of the conference on Applications, Technologies, Architectures, and Protocols for Computer Communication
Network support for IP traceback
IEEE/ACM Transactions on Networking (TON)
On the Specification of NS and Other Known On-Off Sources
On the Specification of NS and Other Known On-Off Sources
Proceedings of the 2004 conference on Applications, technologies, architectures, and protocols for computer communications
IEEE/ACM Transactions on Networking (TON)
Distributed mechanism in detecting and defending against the low-rate TCP attack
Computer Networks: The International Journal of Computer and Telecommunications Networking
Low-rate TCP-targeted denial of service attacks and counter strategies
IEEE/ACM Transactions on Networking (TON)
A queueing-theoretic foundation of available bandwidth estimation: single-hop analysis
IEEE/ACM Transactions on Networking (TON)
COMPSAC '08 Proceedings of the 2008 32nd Annual IEEE International Computer Software and Applications Conference
An Advanced Hybrid Peer-to-Peer Botnet
IEEE Transactions on Dependable and Secure Computing
Effect of malicious synchronization
ACNS'06 Proceedings of the 4th international conference on Applied Cryptography and Network Security
Hi-index | 0.00 |
Traffic burstiness is known to be undesirable for a router as it increases the router's queue length and hence the queueing delays of data flows. This poses a security problem in which an attacker intentionally introduces traffic burstiness into routers. We consider a correlation attack, whose fundamental characteristic is to correlate multiple attack flows to generate synchronized small attack bursts, in an attempt to aggregate the bursts into a large burst at a target router. In this paper, we develop an analytical, fluid-based framework that models how the correlation attack disrupts router queues and how it can be mitigated. Using Poisson Counter Stochastic Differential Equations (PCSDEs), our framework captures the dynamics of a router queue for special cases and gives the closed-form average router queue length as a function of the inter-flow correlation. To mitigate the correlation attack, we apply our analytical framework to model different pacing schemes including Markov ON-OFF pacing and rate limiting, which are respectively designed to break down the inter-flow correlation and suppress the peak rates of bursts. We verify that our fluid models conform to packet-level ns2 simulation results.