CFP last date
20 January 2025
Reseach Article

Shrew Attack Prevention in RED Queue with Partial Flow Analysis

by Lija Mohan, Jyothish K. John, Bijesh M. G.
International Journal of Computer Applications
Foundation of Computer Science (FCS), NY, USA
Volume 67 - Number 8
Year of Publication: 2013
Authors: Lija Mohan, Jyothish K. John, Bijesh M. G.
10.5120/11413-6746

Lija Mohan, Jyothish K. John, Bijesh M. G. . Shrew Attack Prevention in RED Queue with Partial Flow Analysis. International Journal of Computer Applications. 67, 8 ( April 2013), 9-15. DOI=10.5120/11413-6746

@article{ 10.5120/11413-6746,
author = { Lija Mohan, Jyothish K. John, Bijesh M. G. },
title = { Shrew Attack Prevention in RED Queue with Partial Flow Analysis },
journal = { International Journal of Computer Applications },
issue_date = { April 2013 },
volume = { 67 },
number = { 8 },
month = { April },
year = { 2013 },
issn = { 0975-8887 },
pages = { 9-15 },
numpages = {9},
url = { https://ijcaonline.org/archives/volume67/number8/11413-6746/ },
doi = { 10.5120/11413-6746 },
publisher = {Foundation of Computer Science (FCS), NY, USA},
address = {New York, USA}
}
%0 Journal Article
%1 2024-02-06T21:24:06.965035+05:30
%A Lija Mohan
%A Jyothish K. John
%A Bijesh M. G.
%T Shrew Attack Prevention in RED Queue with Partial Flow Analysis
%J International Journal of Computer Applications
%@ 0975-8887
%V 67
%N 8
%P 9-15
%D 2013
%I Foundation of Computer Science (FCS), NY, USA
Abstract

Shrew Attacks or Low Rate Denial of Service(LDoS) Attacks are initiated by sending large amount of packets for very short span of time such that the packet sending rate crosses the link capacity resulting in network congestion. Compared to Denial of Service (DoS) Attack, LDoS attack is very difficult to be detected because, the attacker can maintain low average packet sending rate while executing an attack. If the rate and interval of LDoS attack is properly estimated and executed, this attack can cause a severe threat to the retransmission time out adjustment of TCP and hence reduce its throughput to near zero. This paper proposes a lightweight LDoS filter which can be added with Preferential Dropping RED, to detect and prevent LDoS packets before they reach RED dropping policy. The advantage of this method is that only partial flows need to be analyzed to detect an attack. Simulations done in NS2 shows that, our method can effectively mitigate LDoS attack while maintaining fairness in bandwidth and low average queuing delay.

References
  1. A. Kuzmanovic and E. W. Knightly, "Low-rate TCP-targeted denial of service attacks and counter strategies," IEEE/ACM Trans. Netw. , vol. 14,no. 4, pp. 683–696, 2006.
  2. Zenghui Liu, Liguo Gua, "Attack simulation and signature extraction of low-rate DoS. " 3rd International Symposium on Intelligent Information Technology and Security Informatics IEEE 2010 Computer Society (2010)
  3. Sandeep Sarat and Andreas Terz, "On the Effect of Router Buffer Sizes on Low-Rate Denial of Service Attacks", IEEE Computer Society (2005)
  4. Jing Zhang, Bo Liu, Huaping Hu, Lin Chen, "Simulation and Analysis of LDoS Attacks", International Conference on Multimedia Information Networking and Security (MINES), 2010.
  5. Karn, Phil; Craig Partridge (11-13 August). "Improving Round-Trip Time Estimates in Reliable Transport Protocols" (PS). ACM SIGCOMM '87. pp. 2–7. http://www. ka9q. net/papers/rtt. ps. gz.
  6. Ratul Mahajan and Sally Floyd AT&T Center for Internet Research at ICSc I (ACIRI)," Controlling High Bandwidth Flows at the Congested Router", In Proceedings of IEEE ICNP 2001, Riverside,CA, Nov. 2001.
  7. S. Floyd and V. Jacobson,"Random Early Detection gateways for congestion avoidance," IEEE/ACM Trans. Netw. , vol. 1, no. 4, pp. 397–413,1993
  8. Changwang Zhang, Jianping Yin, Zhiping Cai, and Weifeng Chen, "RRED: Robust RED Algorithm to Counter Low-Rate Denial-of-Service Attacks", IEEE COMMUNICATIONS LETTERS, VOL. 14, NO. 5, MAY 2010.
  9. Chia-Wei Chang, Seungjoon Lee, Bill Lin and Jia Wang, "The Taming of The Shrew: Mitigating Low-Rate TCP-Targeted Attack", AT&T Labs-Research, Florham Park,, 2011.
Index Terms

Computer Science
Information Sciences

Keywords

LDoS RED-PD RTO TCP Network Security