脉冲式拒绝服务攻击及其防御

doi:10.3969/j.issn.1000-0801.2007.09.014

Abstract

Abstract:

Pulsing-based denial of service attack (PDoS attack) is a recently discovered attack that uses high narrow spikes to throttle TCP flows. Comparing with traditional flooding-based denial of service attacks, PDoS attacks are also effective but much more difficult to detect. In this paper, we analyze the frangibility of TCP congestion control mechanism and the rational of PDoS attack. We also review current detection schemes and discuss their disadvantages. Finally, we propose a new detection scheme basing on traffic digest, which can not only detect aggregative stream containing attack flow but also identify the attack flow.

Key words: PDoS attack, TCP-target attack, traffic digest, anomaly detection

Weizhou Lu,Shunzheng Yu. Pulsing-based Denial of Service Attack and Defense[J]. Telecommunications Science, 2007, 23(9): 1-76.

Figures/Tables 5

References 10

1	Kuzmanovic A , Knightly E W . Low-rate TCP-targeted denial of service attacks: the shrew vs the mice and elephants. In:Proceedings of the ACM SIGCOMM 2003 Conference on Applications, Technologies, Architectures, and Protocols for Computer Communication, Karlsruhe, Germany, August2003
2	Luo X , Chang R K C . On a new class of pulsing denial-of-service attacks and the defense. In: Proceedings of the 12th Annual Network and Distributed System Security Symposium, San Diego, California, USA, February2005
3	Chen Y , Hwang K . Collaborative detection and filtering of shrew DDoS attacks using spectral analysis. Journal of Parallel and Distributed Computing, 2006,66(9)
4	Kuzmanovic A , Knightly E W . Low-rate TCP-targeted denial of service attacks and counter strategies. IEEE/ACM Transactions on Networking, 2006,14(4)
5	Guirguis M , Bestavros A , Matta I . Exploiting the transients of adaptation for RoQ attacks on Internet resources. In:Proceedings of the 12th IEEE International Conference on Network Protocols, Berlin, Germany, October2004
6	Sun H , Lui J C S , Yau D K Y . Defending against low-rate TCP attacks: dynamic detection and protection. In:Proceedings of the 12th IEEE International Conference on Network Protocols, Berlin, Germany, October2004
7	Kwok Y K , et al. HAWK: Halting anomaly with weighted choking to rescue well-behaved TCP sessions from shrew DoS attacks. In:Proceeding of International Conference on Computer Networks and Mobile Computing 2005, Zhangjiajie, China, Aug2005
8	Luo X , et al. Vanguard: a new detection scheme for a class of TCP-targeted denial-of-service attacks. In: Proceeding of the 10th IEEE/IFIP Network Operations and Management Symposium, Vancouver, Canada, April2006
9	Sun H , Lui J C S , Yau D K Y . Distributed mechanism in detecting and defending against the low-rate TCP attack. Computer Networks: The International Journal of Computer and Telecommunications Networking, 2006,50(13)
10	Yu S Z , Kobayashi H . A hidden semi-Markov model with missing data and multiple observation sequences for mobility tracking. Signal Processing, 2003,83(2)

Metrics

Recommended 0

No Suggested Reading articles found!

[1]	Huahua CHEN, Zhe CHEN. Research on anomaly detection algorithm based on sparse variational autoencoder using spike and slab prior [J]. Telecommunications Science, 2022, 38(12): 65-77.
[2]	Su WANG, Hua LU, Shuo WANG, Lei CAI, Tao HUANG. Research progress of KPI anomaly detection in intelligent operation and maintenance [J]. Telecommunications Science, 2021, 37(5): 42-51.
[3]	Huahua CHEN, Zhe CHEN, Chunsheng GUO, Na YING, Xueyi YE, Jianwu ZHANG. Anomaly detection algorithm based on Gaussian mixture variational auto encoder network [J]. Telecommunications Science, 2021, 37(4): 54-61.
[4]	Xiaomin TAN,Ai FANG,Duo JIN,Changjiang LI. Automated anomaly detection of IPTV user experience [J]. Telecommunications Science, 2019, 35(7): 159-164.
[5]	Honghong JIANG,Tao ZHANG,Xinjian ZHAO,Xin QIAN,Tiancheng ZHAO,Lisha GAO. A big data based flow anomaly detection mechanism of electric power information network [J]. Telecommunications Science, 2017, 33(3): 134-141.
[6]	Chuanhuang LI,Cheng CHENG,Xiaoyong YUAN,Lijie CEN,Weiming WANG. Policy conflict detection in software defined network by using deep learning [J]. Telecommunications Science, 2017, 33(11): 27-36.
[7]	Yu Zhang,Lei Dai. Optimizing Network Anomalous Detection Via Heavy Hitter Identification [J]. Telecommunications Science, 2010, 26(3): 46-51.
[8]	Song Yang,Zonglin Li. A Framework of Network-Level OD Flow Anomaly Detection Based on High Aggregate Link Measurement [J]. Telecommunications Science, 2010, 26(10): 121-126.
[9]	Zhou Binbin,Cui Baojiang and Yang Yixian. Research About System-behavior-based Anomaly Detection Technologies [J]. Telecommunications Science, 2009, 25(2): 59-65.
[10]	Binbin Zhou,Baojiang Cui,Yixian Yang. Research About System-behavior-based Anomaly Detection Technologies [J]. Telecommunications Science, 2009, 1(2): 59-65.

Pulsing-based Denial of Service Attack and Defense

RichHTML

PDF下载

Knowledge

Cited

Abstract

Cite this article

share this article

Figures/Tables 5

References 10

Related Articles 10

Metrics

Recommended 0