Title :
A round-trip time-based prevention technique to secure LEO satellite networks from denial-of-service attacks
Author :
Taleb, Tarik ; Kato, Nei ; Nemoto, Yoshiaki
Author_Institution :
Graduate Sch. of Inf. Sci., Tohoku Univ., Sendai, Japan
Abstract :
This paper discusses the protection of satellite systems from denial-of-service (DoS) attacks, which are a serious security threat in today's Internet. A method is proposed to detect DoS attacks in the vicinity of flooding sources and in early stages before they cripple the system. The fundamental challenge in attack detection consists in distinguishing between simple flash events and DoS attacks so as not to deprive innocent users of legitimate access. In the proposed mechanism, this distinction is based on the fact that legitimate TCP flows obey the congestion control protocol, whereas misbehaving sources remain unresponsive. Suspicious flows are sent a test feedback and are required to decrease their sending rates. Legitimacy of such flows is decided based on their responsiveness. The scheme performance is evaluated through a set of simulations and encouraging results are obtained: short detection latency and high detection accuracy.
Keywords :
Internet; satellite communication; telecommunication congestion control; telecommunication security; transport protocols; DoS attack detection; Internet; LEO satellite networks; TCP flows; congestion control protocol; denial-of-service attacks; detection accuracy; detection latency; flash events; flooding sources; flow responsiveness; round-trip time-based prevention technique; satellite system protection; sending rate change request response; suspicious flow feedback test; Access protocols; Computer crime; Delay; Event detection; Feedback; Floods; Internet; Low earth orbit satellites; Protection; Testing;
Conference_Title :
Vehicular Technology Conference, 2004. VTC2004-Fall. 2004 IEEE 60th
Print_ISBN :
0-7803-8521-7
DOI :
10.1109/VETECF.2004.1404831