KSII Transactions on Internet and Information Systems (TIIS)

Korean Society for Internet Information (한국인터넷정보학회)
권호 표지
DOI QR코드

DOI QR Code

Robustness of RED in Mitigating LDoS Attack

  • Zhang, Jing (Computer School, National University of Defense Technology) ;
  • Hu, Huaping (Computer School, National University of Defense Technology) ;
  • Liu, Bo (Computer School, National University of Defense Technology)
  • Received : 2011.03.16
  • Accepted : 2011.05.09
  • Published : 2011.05.31
Download PDF
⟨ Previous Next ⟩

Abstract

The Random Early Detection algorithm is widely used in the queue management mechanism of the router. We find that the parameters of the RED algorithm have a significant influence on the defense performance of the random early detection algorithm and discuss the robust of the algorithm in mitigating Low-rate Denial-of-Service attack in details. Simulation results show that the defense performance can be effectively improved by adjusting the parameters of $Q_{min}$ and $Q_{max}$. Some suggestions are given for mitigating the LDoS attack at the end of this paper.

Keywords

References

  1. Kuzmanovic A and Knightly E W, "Low-rate TCP-targeted denial-of-service attacks," in Proc. of Proceedings of 2003 conference on Applications, technologies, architectures, and protocols for computer communications, pp.75-86, Aug. 2003.
  2. Guirguis M, "Reduction of Quality (RoQ) Attacks on Internet end-systems," in Proc. of24th Annual Joint Conference of the IEEE Computer and Communications Societies, pp.1362-1372, Mar. 2005.
  3. Luo X and Chang R, "On a new class of pulsing denial-of-service attacks and the defense," in Proc. of 12th Annual Network & Distributed System Security Symposium, pp.67-85, Feb. 2005.
  4. Ying Zhang, Z. Morely Mao and Jia Wang, "Low-Rate TCP-Targeted DoS Attack Disrupts Internet Routing," in Proc. of 14th Annual Network & Distributed System Security Symposium, pp.1-15, 2007.
  5. S. Floyd and V. Jacobson, "Random early detection gateways for congestion avoidance," IEEE/ACM Transactions on Networking, vol. 1, no. 4, pp. 397-413, Aug. 1993. https://doi.org/10.1109/90.251892
  6. Mahajan R, Floyd S andWetherall D, "Controlling high-bandwidth flows at the congested router," in Proc. of Ninth International Conference on Network Protocols, pp.192-201, 11-14 Nov. 2001.
  7. Sarat S, and Terzis A, "On the effect of router buffer sizes on low-rate denial of service attacks," in Proc. of 4th International Conference on Computer Communications and Networks, pp. 281-286, Oct. 2005.
  8. Kwok Y K, "HAWK: Halting anomalies with weighted choking to rescue well-behaved TCP sessions from shrew DDoS attacks," in Proc. of International Conference on Computer Networks and Mobile Computing, pp.423-432, Aug. 2005.
  9. He Yanxiang, Cao Qiang, Liu Tao, Han Yi and Xiong Qi, "A Low-Rate DoS Detection Method Based on Feature Extraction Using Wavelet Transform," Journal of Software, vol. 20, no. 4, pp. 930-941, Apr.2009.
  10. Changwang Zhang, Jianping Yin, Zhiping Cai and Weifeng Chen, "RRED: Robust RED Algorithm to Counter Low-rate Denial-of-Service Attacks," IEEE Communication Letter, vol. 14, no. 5, pp. 489-491, May 2010. https://doi.org/10.1109/LCOMM.2010.05.091407
  11. Sun H, Lui J and Yau D, "Defending against low-rate TCP attacks: dynamic detection and protection," in Proc. of 12th IEEE International Conference on Network Protocols, pp.196-205, Oct. 2004.
  12. Chen Y and Hwang K, "Collaborative detection and filtering of shrew DDoS attacks using spectral analysis," Journal of Parallel and Distributed Computing, vol. 66, no. 9, pp. 1137-1151, Sep. 2006. https://doi.org/10.1016/j.jpdc.2006.04.007
  13. S. Mc Canne and S. Floyd, "The network simulator: ns-2", 2010 [Online].
  14. Usman Traiq, ManPyo Hong and Kyungsuk LHee, "PMS an expeditious marking scheme to combat with the DDoS attack," in Proc. of 9th International Multitopic Conference, pp.1-4, Dec. 2005.

Cited by

  1. Moving target defense: state of the art and characteristics vol.17, pp.11, 2016, https://doi.org/10.1631/fitee.1601321