Detecting Pulsing Denial-of-Service Attacks Based on the Bandwidth Usage Condition

Pulsing Denial-of-Service (PDoS) attacks seriously degrade the throughput of TCP flows and consequently pose a grave detrimental effect on network performance. The fact that they generate less traffic than traditional flood-based attacks makes PDoS detection more difficult. Most of the conventional...

Full description

Saved in:
Bibliographic Details
Published in2008 IEEE International Conference on Communications pp. 1670 - 1674
Main Authors Tsunoda, H., Arai, K., Waizumi, Y., Ansari, N., Nemoto, Y.
Format Conference Proceeding
LanguageEnglish
Published IEEE 01.05.2008
Subjects
Bandwidth
Communication system traffic control
Communications Society
Computer crime
Degradation
Floods
Random variables
Throughput
Timing
Traffic control
Online AccessGet full text

Cover

More Information
Summary:Pulsing Denial-of-Service (PDoS) attacks seriously degrade the throughput of TCP flows and consequently pose a grave detrimental effect on network performance. The fact that they generate less traffic than traditional flood-based attacks makes PDoS detection more difficult. Most of the conventional PDoS detection shemes focus on the periodical pattern of the pulse trains. Therefore, attackers can easily escape the detection system by merely controlling the timing of pulse transmission. In this paper, we propose a novel and robust PDoS detection method which capitalizes on the bandwidth usage condition of network traffic in distinguishing the congestion due to normal traffic from that due to PDoS attacks. Simulation experiments have demonstrated the effectiveness of the proposed scheme in detecting PDoS attacks.
ISSN:1550-3607
1938-1883
DOI:10.1109/ICC.2008.322