Title :
Is it congestion or a DDoS attack?
Author :
Shevtekar, A. ; Ansari, Nayeem
Author_Institution :
ECE Dept., NJIT, Newark, NJ, USA
fDate :
7/1/2009 12:00:00 AM
Abstract :
We propose a new stealthy DDoS attack model referred to as the "quiet" attack. The attack traffic consists of TCP traffic only. Widely used botnets in today\´s various attacks and newly introduced network feedback control are integral part of the quiet attack model. We show that shortlived TCP flows can be intentionally misused. The quiet attack is detrimental to the Internet traffic and at the same time difficult to be detected by using current defense systems. We demonstrate the inability of representative defense schemes such as adaptive queue management and aggregate congestion control to detect the quiet attack.
Keywords :
Internet; queueing theory; telecommunication congestion control; telecommunication security; telecommunication traffic; transport protocols; DDoS attack; Internet traffic; TCP flows; TCP traffic; adaptive queue management; aggregate congestion control; attack traffic; botnets; network feedback control; quiet attack; Adaptive systems; Aggregates; Bandwidth; Communication system traffic control; Computer crime; IP networks; Internet; Protocols; Telecommunication traffic; Traffic control; DDoS; TCP; router;
Journal_Title :
Communications Letters, IEEE
DOI :
10.1109/LCOMM.2009.090628
