Low rate dos attack to monoprocess servers

Authors:
Gabriel Maciá-Fernández;Jesús E. Díaz-Verdejo;Pedro García-Teodoro
Affiliations:
Dpt. of Signal Theory, Telematics and Communications – University of Granada, Granada, Spain;Dpt. of Signal Theory, Telematics and Communications – University of Granada, Granada, Spain;Dpt. of Signal Theory, Telematics and Communications – University of Granada, Granada, Spain
Venue:
SPC'06 Proceedings of the Third international conference on Security in Pervasive Computing
Year:
2006

Citing 10
Cited 1

Defeating Distributed Denial of Service Attacks

IT Professional
Attacking DDoS at the Source

ICNP '02 Proceedings of the 10th IEEE International Conference on Network Protocols
Honeypots for Distributed Denial of Service Attacks

WETICE '02 Proceedings of the 11th IEEE International Workshops on Enabling Technologies: nfrastructure for Collaborative Enterprises
Low-rate TCP-targeted denial of service attacks: the shrew vs. the mice and elephants

Proceedings of the 2003 conference on Applications, technologies, architectures, and protocols for computer communications
NOMAD: Traffic-based Network Monitoring Framework for Anomaly Detection

ISCC '99 Proceedings of the The Fourth IEEE Symposium on Computers and Communications
DDoS attacks and defense mechanisms: classification and state-of-the-art

Computer Networks: The International Journal of Computer and Telecommunications Networking
A taxonomy of DDoS attack and DDoS defense mechanisms

ACM SIGCOMM Computer Communication Review
Defending Against Low-Rate TCP Attacks: Dynamic Detection and Protection

ICNP '04 Proceedings of the 12th IEEE International Conference on Network Protocols
Defense against low-rate TCP-targeted denial-of-service attacks

ISCC '04 Proceedings of the Ninth International Symposium on Computers and Communications 2004 Volume 2 (ISCC"04) - Volume 02
Inferring internet denial-of-service activity

SSYM'01 Proceedings of the 10th conference on USENIX Security Symposium - Volume 10

Mathematical foundations for the design of a low-rate dos attack to iterative servers (short paper)

ICICS'06 Proceedings of the 8th international conference on Information and Communications Security

Quantified Score

Hi-index	0.00

Visualization

Abstract

In this work, we present a vulnerability in monoprocess or monothreaded servers that allows the execution of DoS attacks with the peculiarity that they are generated by low rate traffic. This feature makes the attack less vulnerable to detection by current IDS systems, which usually expect high rate traffic. The intruder can take advantage of some knowledge about the inter-output times in the server to build the attack. We have simulated and tested it in a real environment, obtaining worrying conclusions due to the efficiency achieved by the attack, with low effort from the attacker.