Effect of malicious synchronization

Authors:
Mun Choon Chan;Ee-Chien Chang;Liming Lu;Peng Song Ngiam
Affiliations:
Department of Computer Science, National University of Singapore;Department of Computer Science, National University of Singapore;Department of Computer Science, National University of Singapore;Department of Computer Science, National University of Singapore
Venue:
ACNS'06 Proceedings of the 4th international conference on Applied Cryptography and Network Security
Year:
2006

Citing 7
Cited 2

Observing TCP dynamics in real networks

SIGCOMM '92 Conference proceedings on Communications architectures & protocols
The synchronization of periodic routing messages

IEEE/ACM Transactions on Networking (TON)
Low-rate TCP-targeted denial of service attacks: the shrew vs. the mice and elephants

Proceedings of the 2003 conference on Applications, technologies, architectures, and protocols for computer communications
D-ward: source-end defense against distributed denial-of-service attacks

D-ward: source-end defense against distributed denial-of-service attacks
Exploiting the Transients of Adaptation for RoQ Attacks on Internet Resources

ICNP '04 Proceedings of the 12th IEEE International Conference on Network Protocols
Defending Against Low-Rate TCP Attacks: Dynamic Detection and Protection

ICNP '04 Proceedings of the 12th IEEE International Conference on Network Protocols
Energy-efficient link-layer jamming attacks against wireless sensor network MAC protocols

Proceedings of the 3rd ACM workshop on Security of ad hoc and sensor networks

Cost-based and time-based analysis of DoS-resistance in HIP

ACSC '07 Proceedings of the thirtieth Australasian conference on Computer science - Volume 62
Analysis of traffic correlation attacks on router queues

Computer Networks: The International Journal of Computer and Telecommunications Networking

Quantified Score

Hi-index	0.00

Visualization

Abstract

We study the impact of malicious synchronization on computer systems that serve customers periodically. Systems supporting automatic periodic updates are common in web servers providing regular news update, sports scores or stock quotes. Our study focuses on the possibility of launching an effective low rate attack on the server to degrade performance measured in terms of longer processing time and request drops due to timeouts. The attackers are assumed to behave like normal users and send one request per update cycle. The only parameter utilized in the attack is the timing of the requests sent. By exploiting the periodic nature of the updates, a small number of attackers can herd users' update requests to a cluster and arrive in a short period of time. Herding can be used to discourage new users from joining the system and to modify the user arrival distribution, so that the subsequent burst attack will be effective. While the herding based attacks can be launched with a small amount of resource, they can be easily prevented by adding a small random component to the length of the update interval.