DocumentCode :
1667304
Title :
Defending against low-rate TCP attacks: dynamic detection and protection
Author :
Sun, Haibin ; Lui, John C S ; Yau, David K Y
Author_Institution :
Dept. of Comput. Sci. & Eng., Chinese Univ. of Hong Kong, China
fYear :
2004
Firstpage :
196
Lastpage :
205
Abstract :
We consider a distributed approach to detect and to defend against the low-rate TCP attack (A. Kuzmanovic et al., August 2003). The low-rate TCP attack is essentially a periodic short burst which exploits the homogeneity of the minimum retransmission timeout (RTO) of TCP flows and forces all affected TCP flows to back off and enter the retransmission timeout state. This sort of attack is difficult to identify due to a large family of attack patterns. We propose a distributed detection mechanism which uses the dynamic time warping method to robustly and accurately identify the existence of this sort of attack. Once the attack is detected, a fair resource allocation mechanism is used so that (1) the number of affected TCP flows is minimized, and (2) we provide sufficient resource protection for the affected TCP flows. We report experimental results to quantify the robustness and accuracy of the proposed detection mechanism and the efficiency of the defense method.
Keywords :
telecommunication security; time warp simulation; transport protocols; distributed detection mechanism; dynamic time warping method; minimum retransmission timeout; periodic short burst; resource allocation mechanism; transport control protocol attack; Access protocols; Computer science; Engineering profession; Protection; Resource management; Robustness; Sun; Telecommunication traffic; Throughput; Traffic control;
fLanguage :
English
Publisher :
IEEE
Conference_Titel :
Network Protocols, 2004. ICNP 2004. Proceedings of the 12th IEEE International Conference on
ISSN :
1092-1648
Print_ISBN :
0-7695-2161-4
Type :
conf
DOI :
10.1109/ICNP.2004.1348110
Filename :
1348110