Detecting Pulsing Denial-of-Service Attacks Based on the Bandwidth Usage Condition

Author

Tsunoda, Hiroshi ; Arai, Kenjirou ; Waizumi, Yuji ; Ansari, Nirwan ; Nemoto, Yoshiaki

Author_Institution

Grad. Sch. of Inf. Sci., TOHOKU Univ., Sendai

fYear

2008

Firstpage

1670

Lastpage

1674

Abstract

Pulsing Denial-of-Service (PDoS) attacks seriously degrade the throughput of TCP flows and consequently pose a grave detrimental effect on network performance. The fact that they generate less traffic than traditional flood-based attacks makes PDoS detection more difficult. Most of the conventional PDoS detection shemes focus on the periodical pattern of the pulse trains. Therefore, attackers can easily escape the detection system by merely controlling the timing of pulse transmission. In this paper, we propose a novel and robust PDoS detection method which capitalizes on the bandwidth usage condition of network traffic in distinguishing the congestion due to normal traffic from that due to PDoS attacks. Simulation experiments have demonstrated the effectiveness of the proposed scheme in detecting PDoS attacks.

Keywords

bandwidth allocation; telecommunication security; telecommunication traffic; transport protocols; PDoS attack detection method; TCP flow throughput; bandwidth usage condition; network traffic; pulsing denial-of-service attacks; Bandwidth; Communication system traffic control; Communications Society; Computer crime; Degradation; Floods; Random variables; Throughput; Timing; Traffic control;

fLanguage

English

Publisher

ieee

Conference_Titel

Communications, 2008. ICC '08. IEEE International Conference on

Conference_Location

Beijing

Print_ISBN

978-1-4244-2075-9

Electronic_ISBN

978-1-4244-2075-9

Type

conf

DOI

10.1109/ICC.2008.322

Filename

4533358