By Topic

Defense against low-rate TCP-targeted denial-of-service attacks

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

The purchase and pricing options are temporarily unavailable. Please try again later.
3 Author(s)
Guang Yang ; Dept. of Comput. Sci., California Univ., Los Angeles, CA, USA ; Gerla, M. ; Sanadidi, M.Y.

Low-rate TCP-targeted denial-of-service (DoS) attacks aim at the fact that most operating systems in use today have a common base TCP retransmission timeout (RTO) of 1 sec. An attacker injects periodic bursts of packets to fill the bottleneck queue and forces TCP connections to timeout with near-zero throughput. This work proposes randomization on TCP RTO as defense against such attacks. With RTO randomization, an attacker cannot predict the next TCP timeout and consequently cannot inject the burst at the exact instant. An analytic performance model on the throughput of randomized TCP is developed and validated. Simulation results show that randomization can effectively mitigate the impact of such DoS attacks while maintaining fairness and friendliness to other connections.

Published in:

Computers and Communications, 2004. Proceedings. ISCC 2004. Ninth International Symposium on  (Volume:1 )

Date of Conference:

28 June-1 July 2004