TCP-targeted low-rate distributed denial-of-service (LDDoS) attacks were first introduced by A. Kuzmanovic and E. Knightly in 2003. The authors also proposed a simple model to quantify TCP throughput under LDDoS attacks. Since then, there have been many researchers attemping to estimate the throughput, such as Luo et al. We agree with them upon the sketch of TCP congestion window under a successful LDDoS attack but we find out that there are more cases than what has been specified. Moreover, the relative error of Luo’s estimation method is still high. Our goal in this paper is to propose a simple but more accurate method to estimate TCP throughput of a single TCP flow under such DDoS attacks. Our estimation values in various scenarios are compared with the results of simulations performed with NS-2 simulator, so that the effectiveness of our method is illustrated.
[1]
Thanh Thuy Nguyen,et al.
Using CPR Metric to Detect and Filter Low-Rate DDoS Flows
,
2017,
SoICT.
[2]
Thanh Thuy Nguyen,et al.
Techniques for Improving Performance of the CPR-Based Approach
,
2018,
SoICT 2018.
[3]
Guido Appenzeller,et al.
Sizing router buffers
,
2004,
SIGCOMM '04.
[4]
Scott Shenker,et al.
Some observations on the dynamics of a congestion control algorithm
,
1990,
CCRV.
[5]
Jie Xu,et al.
On a Mathematical Model for Low-Rate Shrew DDoS
,
2014,
IEEE Transactions on Information Forensics and Security.