Defending Against Low-Rate TCP Attacks: Dynamic Detection and Protection

Berlin, Germany October 05-October 08

DOI Bookmark:

http://doi.ieeecomputersociety.org/10.1109/ICNP.2004.1348110

12th IEEE International Conference on ...

	This Article
	PURCHASE ARTICLE: $19 PDF HTML IEEE Xplore Subscribers
	Share
	Email this Article to a friend
	Bibliographic References
	ASCII Text BibTex RefWorks Procite/RefMan/Endnote
	Add to:
	Digg Furl Spurl Blink Simpy Google Del.icio.us Y!MyWeb
	Search
	Similar Articles Articles by Haibin Sun Articles by John C. S. Lui Articles by David K. Y. Yau

	ASCII Text	x
	Haibin Sun, John C. S. Lui, David K. Y. Yau, "Defending Against Low-Rate TCP Attacks: Dynamic Detection and Protection," Network Protocols, IEEE International Conference on, pp. 196-205, 12th IEEE International Conference on Network Protocols (ICNP'04), 2004.

	BibTex	x
	@article{ 10.1109/ICNP.2004.1348110, author = {Haibin Sun and John C. S. Lui and David K. Y. Yau}, title = {Defending Against Low-Rate TCP Attacks: Dynamic Detection and Protection}, journal ={Network Protocols, IEEE International Conference on}, volume = {0}, year = {2004}, issn = {1092-1648}, pages = {196-205}, doi = {http://doi.ieeecomputersociety.org/10.1109/ICNP.2004.1348110}, publisher = {IEEE Computer Society}, address = {Los Alamitos, CA, USA}, }

	RefWorks Procite/RefMan/Endnote	x
	TY - CONF JO - Network Protocols, IEEE International Conference on TI - Defending Against Low-Rate TCP Attacks: Dynamic Detection and Protection SN - 1092-1648 SP196 EP205 A1 - Haibin Sun, A1 - John C. S. Lui, A1 - David K. Y. Yau, PY - 2004 KW - null VL - 0 JA - Network Protocols, IEEE International Conference on ER -

Haibin Sun, The Chinese University of Hong Kong

John C. S. Lui, The Chinese University of Hong Kong

David K. Y. Yau, Purdue University

We consider a distributed approach to detect and to defend against the low-rate TCP attack. The low-rate TCP attack is essentially a periodic short burst which exploits the homogeneity of the minimum retransmission timeout (RTO) of TCP flows and forces all affected TCP flows to back off and enter the retransmission timeout state. This sort of attack is difficult to identify due to a large family of attack patterns. We propose a distributed detection mechanism which uses the dynamic time warping method to robustly and accurately identify the existence of this sort of attack. Once the attack is detected, a fair resource allocation mechanism is used so that (1) the number of affected TCP flows is minimized, and (2) we provide sufficient resource protection for the affected TCP flows. We report experimental results to quantify the robustness and accuracy of the proposed detection mechanism and the efficiency of the defense method.

Citation:

Haibin Sun, John C. S. Lui, David K. Y. Yau, "Defending Against Low-Rate TCP Attacks: Dynamic Detection and Protection," icnp, pp.196-205, 12th IEEE International Conference on Network Protocols (ICNP'04), 2004

Peer Review Notice | Give Us Feedback

Usage of this product signifies your acceptance of the Terms of Use.