Sciweavers

NDSS
2005
IEEE

On a New Class of Pulsing Denial-of-Service Attacks and the Defense

13 years 9 months ago
On a New Class of Pulsing Denial-of-Service Attacks and the Defense
In this paper we analyze a new class of pulsing denialof-service (PDoS) attacks that could seriously degrade the throughput of TCP flows. During a PDoS attack, periodic pulses of attack packets are sent to a victim. The magnitude of each pulse should be significant enough to cause packet losses. We describe two specific attack models according to the timing of the attack pulses with respect to the TCP’s congestion window movement: timeout-based and AIMD (additive-increasemultiplicative-decrease)-based. We show through an analysis that even a small number of attack pulses can cause significant throughput degradation. The second part of this paper is a novel two-stage scheme to detect PDoS attacks on a victim network. The first stage is based on a wavelet transform used to extract the desired frequency components of the data traffic and ACK traffic. The second stage is to detect change points in the extracted components. Through both simulation and testbed experiments, we verif...
Xiapu Luo, Rocky K. C. Chang
Added 25 Jun 2010
Updated 25 Jun 2010
Type Conference
Year 2005
Where NDSS
Authors Xiapu Luo, Rocky K. C. Chang
Comments (0)