By Topic

Vanguard: A New Detection Scheme for a Class of TCP-targeted Denial-of-Service Attacks

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

Formats Non-Member Member
$31 $13
Learn how you can qualify for the best price for this item!
Become an IEEE Member or Subscribe to
IEEE Xplore for exclusive pricing!
close button

puzzle piece

IEEE membership options for an individual and IEEE Xplore subscriptions for an organization offer the most affordable access to essential journal articles, conference papers, standards, eBooks, and eLearning courses.

Learn more about:

IEEE membership

IEEE Xplore subscriptions

3 Author(s)
Xiapu Luo ; Dept. of Comput., Hong Kong Polytech. Univ., Kowloon ; Chan, E.W.W. ; Chang, R.K.C.

A few low-rate, TCP-targeted denial-of-service (DoS) attacks have been recently proposed, including the shrew attack, reduction of quality (RoQ) attack, and pulsing DoS (PDoS) attack. All of them use periodic attack pulses to throttle TCP flows. These attacks could potentially become major threats to the Internet's stability and therefore they have motivated the development of a number of detection mechanisms for such attacks. However, those detection mechanisms are designed for specific attacks. Moreover, they assume that the period of the attack pulses is a nonzero constant. Unfortunately, these assumptions can be easily thwarted by more sophisticated attack strategies. In this paper, we propose a new detection system called Vanguard to identify a wide range of the aforementioned low-rate, DoS attacks, including the traditional flooding-based attacks as a special case. Vanguard can also detect attacks with randomized attack periods. We have validated Vanguard's efficacy based on extensive test-bed experiments. We have also compared Vanguard with other recently proposed detection systems

Published in:

Network Operations and Management Symposium, 2006. NOMS 2006. 10th IEEE/IFIP

Date of Conference:

3-7 April 2006