Congestion avoidance and control
SIGCOMM '88 Symposium proceedings on Communications architectures and protocols
Observations on the dynamics of a congestion control algorithm: the effects of two-way traffic
SIGCOMM '91 Proceedings of the conference on Communications architecture & protocols
Random early detection gateways for congestion avoidance
IEEE/ACM Transactions on Networking (TON)
Simulation-based comparisons of Tahoe, Reno and SACK TCP
ACM SIGCOMM Computer Communication Review
Measuring bottleneck link speed in packet-switched networks
Performance Evaluation
Improving the start-up behavior of a congestion control scheme for TCP
Conference proceedings on Applications, technologies, architectures, and protocols for computer communications
Dynamics of random early detection
SIGCOMM '97 Proceedings of the ACM SIGCOMM '97 conference on Applications, technologies, architectures, and protocols for computer communication
End-to-end internet packet dynamics
IEEE/ACM Transactions on Networking (TON)
On estimating end-to-end network path properties
Proceedings of the conference on Applications, technologies, architectures, and protocols for computer communication
Dynamics of IP traffic: a study of the role of variability and the impact of control
Proceedings of the conference on Applications, technologies, architectures, and protocols for computer communication
Measuring link bandwidths using a deterministic model of packet delay
Proceedings of the conference on Applications, Technologies, Architectures, and Protocols for Computer Communication
Proceedings of the 2001 conference on Applications, technologies, architectures, and protocols for computer communications
Using loss pairs to discover network properties
IMW '01 Proceedings of the 1st ACM SIGCOMM Workshop on Internet Measurement
Passive estimation of TCP round-trip times
ACM SIGCOMM Computer Communication Review
End-to-end available bandwidth: measurement methodology, dynamics, and relation with TCP throughput
Proceedings of the 2002 conference on Applications, technologies, architectures, and protocols for computer communications
New directions in traffic measurement and accounting
Proceedings of the 2002 conference on Applications, technologies, architectures, and protocols for computer communications
ERUF: Early Regulation of Unresponsive Best-Effort Traffic
ICNP '99 Proceedings of the Seventh Annual International Conference on Network Protocols
Controlling High-Bandwidth Flows at the Congested Router
ICNP '01 Proceedings of the Ninth International Conference on Network Protocols
Using Dynamic Buffer Limiting to Protect against Belligerent Flows in High-Speed Networks
ICNP '01 Proceedings of the Ninth International Conference on Network Protocols
Conversation Exchange Dynamics for Real-Time Network Monitoring and Anomaly Detection
IWIA '04 Proceedings of the Second IEEE International Information Assurance Workshop (IWIA'04)
Uncooperative congestion control
Proceedings of the joint international conference on Measurement and modeling of computer systems
Denial of service resilience in ad hoc networks
Proceedings of the 10th annual international conference on Mobile computing and networking
On the robustness of router-based denial-of-service (DoS) defense systems
ACM SIGCOMM Computer Communication Review
Monitoring the Macroscopic Effect of DDoS Flooding Attacks
IEEE Transactions on Dependable and Secure Computing
Countering DoS attacks with stateless multipath overlays
Proceedings of the 12th ACM conference on Computer and communications security
Analysis of malicious abstract sensor faults in adaptive measurement-based overlay networks
Proceedings of the twentieth ACM symposium on Operating systems principles
IEEE Transactions on Dependable and Secure Computing
On the Effectiveness of Secure Overlay Forwarding Systems under Intelligent Distributed DoS Attacks
IEEE Transactions on Parallel and Distributed Systems
Distributed mechanism in detecting and defending against the low-rate TCP attack
Computer Networks: The International Journal of Computer and Telecommunications Networking
Autonomic network management: some pragmatic considerations
Proceedings of the 2006 SIGCOMM workshop on Internet network management
Low-rate TCP-targeted denial of service attacks and counter strategies
IEEE/ACM Transactions on Networking (TON)
A two-time-scale design for edge-based detection and rectification of uncooperative flows
IEEE/ACM Transactions on Networking (TON)
A practical and robust inter-domain marking scheme for IP traceback
Computer Networks: The International Journal of Computer and Telecommunications Networking
Evaluation of a low-rate DoS attack against iterative servers
Computer Networks: The International Journal of Computer and Telecommunications Networking
Adversarial exploits of end-systems adaptation dynamics
Journal of Parallel and Distributed Computing
Collaborative detection and filtering of shrew DDoS attacks using spectral analysis
Journal of Parallel and Distributed Computing - Special issue: Security in grid and distributed systems
Honeypot back-propagation for mitigating spoofing distributed Denial-of-Service attacks
Journal of Parallel and Distributed Computing - Special issue: Security in grid and distributed systems
Defense against spoofed IP traffic using hop-count filtering
IEEE/ACM Transactions on Networking (TON)
Falling off the cliff: when systems go nonlinear
HOTOS'05 Proceedings of the 10th conference on Hot Topics in Operating Systems - Volume 10
Towards user-centric metrics for denial-of-service measurement
Proceedings of the 2007 workshop on Experimental computer science
A user-centric metric for denial-of-service measurement
ecs'07 Experimental computer science on Experimental computer science
A data streaming algorithm for estimating entropies of od flows
Proceedings of the 7th ACM SIGCOMM conference on Internet measurement
Automating DDoS experimentation
DETER Proceedings of the DETER Community Workshop on Cyber Security Experimentation and Test on DETER Community Workshop on Cyber Security Experimentation and Test 2007
A router-based technique to mitigate reduction of quality (RoQ) attacks
Computer Networks: The International Journal of Computer and Telecommunications Networking
Power to the people: securing the internet one edge at a time
Proceedings of the 2007 workshop on Large scale attack defense
Secretly monopolizing the CPU without superuser privileges
SS'07 Proceedings of 16th USENIX Security Symposium on USENIX Security Symposium
Phalanx: withstanding multimillion-node botnets
NSDI'08 Proceedings of the 5th USENIX Symposium on Networked Systems Design and Implementation
Statistical techniques for detecting traffic anomalies through packet header data
IEEE/ACM Transactions on Networking (TON)
A lab implementation of SYN flood attack and defense
SIGITE '08 Proceedings of the 9th ACM SIGITE conference on Information technology education
Impact of denial of service attacks on ad hoc networks
IEEE/ACM Transactions on Networking (TON)
Fidelity of network simulation and emulation: A case study of TCP-targeted denial of service attacks
ACM Transactions on Modeling and Computer Simulation (TOMACS)
H-OCSP: A protocol to reduce the processing burden in online certificate status validation
Electronic Commerce Research
Remote detection of bottleneck links using spectral and statistical methods
Computer Networks: The International Journal of Computer and Telecommunications Networking
An image processing approach to traffic anomaly detection
Proceedings of the 4th Asian Conference on Internet Engineering
IEEE/ACM Transactions on Networking (TON)
A TCAM-based solution for integrated traffic anomaly detection and policy filtering
Computer Communications
Scalable network-layer defense against internet bandwidth-flooding attacks
IEEE/ACM Transactions on Networking (TON)
Detecting pulsing denial-of-service attacks with nondeterministic attack intervals
EURASIP Journal on Advances in Signal Processing - Special issue on signal processing applications in network intrusion detection systems
Is it congestion or a DDoS attack?
IEEE Communications Letters
Mathematical model for low-rate DoS attacks against application servers
IEEE Transactions on Information Forensics and Security
WONS'09 Proceedings of the Sixth international conference on Wireless On-Demand Network Systems and Services
Vulnerabilities of the real-time transport (RTP) protocol for voice over IP (VoIP) traffic
CCNC'09 Proceedings of the 6th IEEE Conference on Consumer Communications and Networking Conference
Towards the perfect DDoS attack: the perfect storm
SARNOFF'09 Proceedings of the 32nd international conference on Sarnoff symposium
A measurement study of scheduler-based attacks in 3G wireless networks
PAM'07 Proceedings of the 8th international conference on Passive and active network measurement
Fast classification and estimation of internet traffic flows
PAM'07 Proceedings of the 8th international conference on Passive and active network measurement
RateGuard: a robust distributed denial of service (DDoS) defense system
GLOBECOM'09 Proceedings of the 28th IEEE conference on Global telecommunications
On the safety and security of path splicing: a case study for path splicing on the GÉANT network
GLOBECOM'09 Proceedings of the 28th IEEE conference on Global telecommunications
XCo: explicit coordination to prevent network fabric congestion in cloud computing cluster platforms
Proceedings of the 19th ACM International Symposium on High Performance Distributed Computing
Defense techniques for low-rate DoS attacks against application servers
Computer Networks: The International Journal of Computer and Telecommunications Networking
Size-based scheduling: a recipe for DDOS?
Proceedings of the 17th ACM conference on Computer and communications security
Securing the data path of next-generation router systems
Computer Communications
The dark side of the Internet: Attacks, costs and responses
Information Systems
WDA: A Web farm Distributed Denial Of Service attack attenuator
Computer Networks: The International Journal of Computer and Telecommunications Networking
Joint network-host based malware detection using information-theoretic tools
Journal in Computer Virology
A new mechanism for improving robustness of TCP against pulsing denial-of-service attacks
ACOS'06 Proceedings of the 5th WSEAS international conference on Applied computer science
Survey of low rate DoS attack detection mechanisms
Proceedings of the International Conference & Workshop on Emerging Trends in Technology
Performance evaluation of path splicing on the GÉANT and the Sprint networks
Computer Networks: The International Journal of Computer and Telecommunications Networking
Mathematical foundations for the design of a low-rate dos attack to iterative servers (short paper)
ICICS'06 Proceedings of the 8th international conference on Information and Communications Security
A novel mechanism to defend against low-rate denial-of-service attacks
ISI'06 Proceedings of the 4th IEEE international conference on Intelligence and Security Informatics
TCP based denial-of-service attacks to edge network: analysis and detection
CIT'04 Proceedings of the 7th international conference on Intelligent Information Technology
ICCNMC'05 Proceedings of the Third international conference on Networking and Mobile Computing
Assessment of a vulnerability in iterative servers enabling low-rate dos attacks
ESORICS'06 Proceedings of the 11th European conference on Research in Computer Security
Effect of malicious synchronization
ACNS'06 Proceedings of the 4th international conference on Applied Cryptography and Network Security
LoRDAS: a low-rate dos attack against application servers
CRITIS'07 Proceedings of the Second international conference on Critical Information Infrastructures Security
Low rate dos attack to monoprocess servers
SPC'06 Proceedings of the Third international conference on Security in Pervasive Computing
Explicit coordination to prevent congestion in data center networks
Cluster Computing
Using CPU as a traffic co-processing unit in commodity switches
Proceedings of the first workshop on Hot topics in software defined networks
Flow level detection and filtering of low-rate DDoS
Computer Networks: The International Journal of Computer and Telecommunications Networking
AK-PPM: an authenticated packet attribution scheme for mobile ad hoc networks
RAID'12 Proceedings of the 15th international conference on Research in Attacks, Intrusions, and Defenses
Countermeasures on application level low-rate denial-of-service attack
ICICS'12 Proceedings of the 14th international conference on Information and Communications Security
International Journal of Information Security and Privacy
Fragmentation Considered Vulnerable
ACM Transactions on Information and System Security (TISSEC)
Computers and Electrical Engineering
EyeQ: practical network performance isolation at the edge
nsdi'13 Proceedings of the 10th USENIX conference on Networked Systems Design and Implementation
On the exploitation of CDF based wireless scheduling
Computer Networks: The International Journal of Computer and Telecommunications Networking
Cloudoscopy: services discovery and topology mapping
Proceedings of the 2013 ACM workshop on Cloud computing security workshop
Socket overloading for fun and cache-poisoning
Proceedings of the 29th Annual Computer Security Applications Conference
High-performance capabilities for 1-hop containment of network attacks
IEEE/ACM Transactions on Networking (TON)
| Hi-index | 0.00 |
Denial of Service attacks are presenting an increasing threat to the global inter-networking infrastructure. While TCP's congestion control algorithm is highly robust to diverse network conditions, its implicit assumption of end-system cooperation results in a well-known vulnerability to attack by high-rate non-responsive flows. In this paper, we investigate a class of low-rate denial of service attacks which, unlike high-rate attacks, are difficult for routers and counter-DoS mechanisms to detect. Using a combination of analytical modeling, simulations, and Internet experiments, we show that maliciously chosen low-rate DoS traffic patterns that exploit TCP's retransmission time-out mechanism can throttle TCP flows to a small fraction of their ideal rate while eluding detection. Moreover, as such attacks exploit protocol homogeneity, we study fundamental limits of the ability of a class of randomized time-out mechanisms to thwart such low-rate DoS attacks.