A new mechanism for improving robustness of TCP against pulsing denial-of-service attacks

Authors:
Hiroshi Tsunoda;Kenjirou Arai;Nei Kato;Yoshiaki Nemoto
Affiliations:
Graduate School of Information Sciences, Tohoku University, Sendai, Miyagi, Japan;Graduate School of Information Sciences, Tohoku University, Sendai, Miyagi, Japan;Graduate School of Information Sciences, Tohoku University, Sendai, Miyagi, Japan;Graduate School of Information Sciences, Tohoku University, Sendai, Miyagi, Japan
Venue:
ACOS'06 Proceedings of the 5th WSEAS international conference on Applied computer science
Year:
2006

Citing 12
Cited 0

On estimating end-to-end network path properties

Proceedings of the conference on Applications, technologies, architectures, and protocols for computer communication
A new hybrid broadcast scheduling algorithm for asymmetric communication systems: push and pull data based on optimal cut-off point

MSWIM '01 Proceedings of the 4th ACM international workshop on Modeling, analysis and simulation of wireless and mobile systems
Efficiency/Friendliness Tradeoffs in TCP Westwood

ISCC '02 Proceedings of the Seventh International Symposium on Computers and Communications (ISCC'02)
Low-rate TCP-targeted denial of service attacks: the shrew vs. the mice and elephants

Proceedings of the 2003 conference on Applications, technologies, architectures, and protocols for computer communications
Controlling High-Bandwidth Flows at the Congested Router

ICNP '01 Proceedings of the Ninth International Conference on Network Protocols
Defending Against Low-Rate TCP Attacks: Dynamic Detection and Protection

ICNP '04 Proceedings of the 12th IEEE International Conference on Network Protocols
Filtering of Shrew DDoS Attacks in Frequency Domain

LCN '05 Proceedings of the The IEEE Conference on Local Computer Networks 30th Anniversary
Defense against low-rate TCP-targeted denial-of-service attacks

ISCC '04 Proceedings of the Ninth International Symposium on Computers and Communications 2004 Volume 2 (ISCC"04) - Volume 02
Low-rate TCP-targeted denial of service attacks and counter strategies

IEEE/ACM Transactions on Networking (TON)
HAWK: halting anomalies with weighted choking to rescue well-behaved TCP sessions from shrew DDoS attacks

ICCNMC'05 Proceedings of the Third international conference on Networking and Mobile Computing
Defending against flooding-based distributed denial-of-service attacks: a tutorial

IEEE Communications Magazine
Network intrusion and fault detection: a statistical anomaly approach

IEEE Communications Magazine

Quantified Score

Hi-index	0.00

Visualization

Abstract

In this paper, we propose a new mechanism to combat pulsing Denial-of-Service (DoS) attacks. Pulsing DoS attacks can seriously degrade the throughput of legitimate TCP flows in a stealthy manner. The attacker send periodic short bursts of traffic (i.e. pulses) to cause packet losses of TCP flows. For improving robustness of TCP against the attacks, we propose to use adaptive bandwidth estimation mechanism in TCP congestion control process. The performance of the proposed method is evaluated through simulations, and is compared with the other TCP variants. From the simulation results, we verified that the proposed method can effectively mitigate the effect of pulsing DoS attacks.