Denial of service detection through TCP congestion window analysis | IEEE Conference Publication | IEEE Xplore

Denial of service detection through TCP congestion window analysis


Abstract:

Denial of service is a common attack in the Internet which causes significant problems for both users and service providers. Distributed attack sources can be used to enl...Show More

Abstract:

Denial of service is a common attack in the Internet which causes significant problems for both users and service providers. Distributed attack sources can be used to enlarge the attack in case of distributed denial of service (DDoS). Defending against DoS/DDoS attacks generally involves 3 different phases: prevention, detection and response. Detection, the subject of this paper, is one of the key steps in defending against DoS/DDoS attacks as the proper response will be linked to the detection alarm. A good detection technique provides short detection time, low false positive rate, and low computational overhead. This paper presents a novel technique which detects TCP based flooding attacks by using the TCP congestion window which is analysed using the cumulative sum (CUSUM). Network Simulator (NS2) is used to validate the proposed technique.
Date of Conference: 09-12 December 2013
Date Added to IEEE Xplore: 03 March 2014
Electronic ISBN:978-1-908320-22-3
Conference Location: London, UK

Contact IEEE to Subscribe

References

References is not available for this document.