Analysis of low-rate TCP DoS attack against FAST TCP

The low-rate TCP DoS attack is a novel kind of attack discovered by Kuzmanovic. According to several experiments, it is very effective in degrading a normal TCP sender's throughput. FAST TCP is a delay-based transport-layer protocol used to transfer data in high bandwidth-delay environments, and its congestion control mechanism differs from that of TCP Reno. Through simulations and test-bed experiments, we demonstrate the low-rate TCP DoS attack against FAST TCP in a high-speed network. Analyses indicate that this kind of attack can affect the performance of FAST TCP. We also analyze the performance of the attack. At the end of this paper, two methods are proposed to mitigate the attack.
