Optimizing the pulsing denial-of-service attacks

Author

Luo, Xiapu ; Chang, Rocky K C

Author_Institution

Dept. of Comput., Hong Kong Polytech. Univ., Kowloon, CHINA

fYear

2005

fDate

28 June-1 July 2005

Firstpage

582

Lastpage

591

Abstract

In this paper we consider how to optimize a new generation of pulsing denial-of-service (PDoS) attacks from the attackers´ points of views. The PDoS attacks are ´smarter´ than the traditional attacks in several aspects. The most obvious one is that they require fewer attack packets to cause a similar damage. Another is that the PDoS attacks can be tuned to achieve different effects. This paper concentrates on the attack tuning part. In particular, we consider two conflicting goals involved in launching a PDoS attack: (1) maximizing the throughput degradation and (2) minimizing the risk of being detected. To address this problem, we first analyze the TCP throughput and quasi-global synchronization phenomenon caused by the PDoS attack. We then propose a family of objective functions to incorporate the two conflicting goals, and obtain the optimal attack settings. To validate the analytical results, we have carried out extensive experiments using both ns-2 simulation and a test-bed. The overall experimental results match well with the analytical results.

Keywords

computer crime; telecommunication security; transport protocols; TCP throughput; ns-2 simulation; pulsing PDoS attacks; pulsing denial-of-service attack optimization; quasiglobal synchronization phenomenon; risk minimization; throughput degradation maximization; Analytical models; Application software; Computational modeling; Computer crime; Computer security; Computer vision; Degradation; Floods; Testing; Throughput;

fLanguage

English

Publisher

ieee

Conference_Titel

Dependable Systems and Networks, 2005. DSN 2005. Proceedings. International Conference on

Print_ISBN

0-7695-2282-3

Type

conf

DOI

10.1109/DSN.2005.75

Filename

1467832