ON THE DESIGN OF A LOW-RATE DOS ATTACK AGAINST ITERATIVE SERVERS

Gabriel Maciá-Fernández, Jesús E. Díaz-Verdejo, Pedro García-Teodoro

Abstract

Recent research exposes the vulnerability of current networked applications to a family of low-rate DoS attacks based on timing mechanisms. A kind of those attacks is targeted against iterative servers and employs an ON/OFF scheme to send attack packets during the chosen critical periods. The overall behaviour of the attack is well known and its effectiveness has been demonstrated in previous works. Nevertheless, it is possible to achieve a trade off between the performance of the attack and its detectability. This can be done by tuning some parameters of the attack waveform according to the needs of the attacker and the deployed detection mechanisms. In this paper, a mathematical model for the relationship among those parameters and their impact in the performance of the attack is evaluated. The main goal of the model is to provide a better understanding of the dynamics of the attack, which is explored through simulation. The results obtained point out the model as accurate, thus providing a framework feasible to be used to tune the attack.

References

  1. Axelsson, S. (2000). Intrusion detection systems: A survey and taxonomy. Technical Report 99-15, Department of Computer Engineering, Chalmers Univ., Goteborg.
  2. Douligeris, Christos; Mitrokotsa, A. (2004). DDoS attacks and defense mechanisms: classification and state-ofthe-art. Computer Networks, 44(5):643-666.
  3. Fall, Kevin; Varadhan, K. (2006). The ns manual. Retrieved from http://www.isi.edu/nsnam/ns/.
  4. Ferguson, P.; Senie, D. (2001). Network ingress filtering: defeating denial of service attacks which employ ip source address spoofing. RFC 2827.
  5. Geng, X.; Whinston, A. (2000). Defeating distributed denial of service attacks. IEEE IT Professional, 2(4):36- 42.
  6. Kuzmanovic, A.; Knightly, E. (2003). Low rate TCPtargeted denial of service attacks (The shrew vs. the mice and elephants). In Proc. ACM SIGCOMM'03, pages 75-86.
  7. Maciá-Fernández, G., Díaz-Verdejo, J., and GarcíaTeodoro, P. (2006a). Evaluation of a low-rate dos attack against iterative servers. Submitted to Computer Networks.
  8. Maciá-Fernández, G., Díaz-Verdejo, J., and GarcíaTeodoro, P. (2006b). Low rate dos attack to monoprocess servers. Lecture Notes in Computer Science, 3934:43-47.
  9. Coordination Center (2003).
  10. SANS Institute (2000). Special notice - egress filtering. global incident analysis center.
  11. Shevtekar, A., Anantharam, K., and Ansari, N. (2005). Low rate tcp denial-of-service attack detection at edge routers. IEEE Communications Letters, 9(4):363- 365.
  12. Sun, H., Lui, J., and Yau, D. (2004). Defending against lowrate tcp attacks: Dynamic detection and protection. In Proc. of the IEEE Conference on Network Protocols (ICNP2004), pages 196-205.
  13. Weiler, N. (2002). Honeypots for distributed denial of service. In Proc. of the Eleventh IEEE International Workshops Enabling Technologies: Infrastructure for Collaborative Enterprises 2002, pages 109-114.
  14. Williams, M. (2000). Ebay, Amazon, Buy.com hit by attacks, 02/09/00. Retrieved from http://www.nwfusion.com/news/2000/0209attack.html.
Download


Paper Citation


in Harvard Style

Maciá-Fernández G., E. Díaz-Verdejo J. and García-Teodoro P. (2006). ON THE DESIGN OF A LOW-RATE DOS ATTACK AGAINST ITERATIVE SERVERS . In Proceedings of the International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2006) ISBN 978-972-8865-63-4, pages 149-156. DOI: 10.5220/0002103301490156


in Bibtex Style

@conference{secrypt06,
author={Gabriel Maciá-Fernández and Jesús E. Díaz-Verdejo and Pedro García-Teodoro},
title={ON THE DESIGN OF A LOW-RATE DOS ATTACK AGAINST ITERATIVE SERVERS},
booktitle={Proceedings of the International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2006)},
year={2006},
pages={149-156},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0002103301490156},
isbn={978-972-8865-63-4},
}


in EndNote Style

TY - CONF
JO - Proceedings of the International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2006)
TI - ON THE DESIGN OF A LOW-RATE DOS ATTACK AGAINST ITERATIVE SERVERS
SN - 978-972-8865-63-4
AU - Maciá-Fernández G.
AU - E. Díaz-Verdejo J.
AU - García-Teodoro P.
PY - 2006
SP - 149
EP - 156
DO - 10.5220/0002103301490156