Collaborative detection and filtering of shrew DDoS attacks using spectral analysis
Journal of Parallel and Distributed Computing - Special issue: Security in grid and distributed systems
On the impact of active queue management on VoIP quality of service
Computer Communications
Cybersecurity for critical infrastructures: attack and defense modeling
IEEE Transactions on Systems, Man, and Cybernetics, Part A: Systems and Humans
Flow level detection and filtering of low-rate DDoS
Computer Networks: The International Journal of Computer and Telecommunications Networking
| Hi-index | 0.00 |
The interaction between TCP and various Active Queue Management (AQM) algorithms has been extensively analyzed for the last few years. However, the analysis usually assumed that routers and TCP flows are not under any network attacks. In this paper, we investigate how the performance of TCP flows is affected by denial-of-service (DoS) attacks under the Drop Tail and various AQM schemes. In particular, we consider two types of DoS attacks the traditional flooding-based DoS (FDDoS) attacks and the recently proposed Pulsing DoS (PDoS) attacks. Both analytical and simulation results support that the PDoS attacks are more effective than the FDDoS attacks under the same average attack rate. Moreover, the Drop Tail surprisingly outperforms the RED-like AQMs when the router is under a PDoS attack, whereas the RED-like AQMs perform better under a severe FDDoS attack. On the other hand, the Adaptive Virtual Queue algorithm can retain a higher TCP throughput during PDoS attacks as compared with the RED-like AQMs.