Browse > Article
http://dx.doi.org/10.3837/tiis.2011.05.012

Robustness of RED in Mitigating LDoS Attack  

Zhang, Jing (Computer School, National University of Defense Technology)
Hu, Huaping (Computer School, National University of Defense Technology)
Liu, Bo (Computer School, National University of Defense Technology)
Publication Information
KSII Transactions on Internet and Information Systems (TIIS) / v.5, no.5, 2011 , pp. 1085-1100 More about this Journal
Abstract
The Random Early Detection algorithm is widely used in the queue management mechanism of the router. We find that the parameters of the RED algorithm have a significant influence on the defense performance of the random early detection algorithm and discuss the robust of the algorithm in mitigating Low-rate Denial-of-Service attack in details. Simulation results show that the defense performance can be effectively improved by adjusting the parameters of $Q_{min}$ and $Q_{max}$. Some suggestions are given for mitigating the LDoS attack at the end of this paper.
Keywords
Low-rate denial-of-service; mitigate; attack; defense performance;
Citations & Related Records

Times Cited By Web Of Science : 2  (Related Records In Web of Science)
Times Cited By SCOPUS : 3
연도 인용수 순위
  • Reference
1 Changwang Zhang, Jianping Yin, Zhiping Cai and Weifeng Chen, "RRED: Robust RED Algorithm to Counter Low-rate Denial-of-Service Attacks," IEEE Communication Letter, vol. 14, no. 5, pp. 489-491, May 2010.   DOI
2 Sun H, Lui J and Yau D, "Defending against low-rate TCP attacks: dynamic detection and protection," in Proc. of 12th IEEE International Conference on Network Protocols, pp.196-205, Oct. 2004.
3 Chen Y and Hwang K, "Collaborative detection and filtering of shrew DDoS attacks using spectral analysis," Journal of Parallel and Distributed Computing, vol. 66, no. 9, pp. 1137-1151, Sep. 2006.   DOI   ScienceOn
4 S. Mc Canne and S. Floyd, "The network simulator: ns-2", 2010 [Online].
5 Usman Traiq, ManPyo Hong and Kyungsuk LHee, "PMS an expeditious marking scheme to combat with the DDoS attack," in Proc. of 9th International Multitopic Conference, pp.1-4, Dec. 2005.
6 S. Floyd and V. Jacobson, "Random early detection gateways for congestion avoidance," IEEE/ACM Transactions on Networking, vol. 1, no. 4, pp. 397-413, Aug. 1993.   DOI   ScienceOn
7 Mahajan R, Floyd S andWetherall D, "Controlling high-bandwidth flows at the congested router," in Proc. of Ninth International Conference on Network Protocols, pp.192-201, 11-14 Nov. 2001.
8 Sarat S, and Terzis A, "On the effect of router buffer sizes on low-rate denial of service attacks," in Proc. of 4th International Conference on Computer Communications and Networks, pp. 281-286, Oct. 2005.
9 Kwok Y K, "HAWK: Halting anomalies with weighted choking to rescue well-behaved TCP sessions from shrew DDoS attacks," in Proc. of International Conference on Computer Networks and Mobile Computing, pp.423-432, Aug. 2005.
10 He Yanxiang, Cao Qiang, Liu Tao, Han Yi and Xiong Qi, "A Low-Rate DoS Detection Method Based on Feature Extraction Using Wavelet Transform," Journal of Software, vol. 20, no. 4, pp. 930-941, Apr.2009.
11 Ying Zhang, Z. Morely Mao and Jia Wang, "Low-Rate TCP-Targeted DoS Attack Disrupts Internet Routing," in Proc. of 14th Annual Network & Distributed System Security Symposium, pp.1-15, 2007.
12 Kuzmanovic A and Knightly E W, "Low-rate TCP-targeted denial-of-service attacks," in Proc. of Proceedings of 2003 conference on Applications, technologies, architectures, and protocols for computer communications, pp.75-86, Aug. 2003.
13 Guirguis M, "Reduction of Quality (RoQ) Attacks on Internet end-systems," in Proc. of24th Annual Joint Conference of the IEEE Computer and Communications Societies, pp.1362-1372, Mar. 2005.
14 Luo X and Chang R, "On a new class of pulsing denial-of-service attacks and the defense," in Proc. of 12th Annual Network & Distributed System Security Symposium, pp.67-85, Feb. 2005.