Assessing the effectiveness of pulsing denial of service attacks under realistic network synchronization assumptions

Jeman Park, Manar Mohaisen, Dae Hun Nyang, Aziz Mohaisen

Research output: Contribution to journalArticlepeer-review

4 Scopus citations

Abstract

Distributed Denial-of-Service (DDoS) is a big threat to the availability of Internet-based services today. Low rate DDoS attacks, especially pulsing attacks, aim to degrade the Quality of Service experienced by users by using only a small amount of attack traffic, unlike conventional volume-based DDoS attacks. To improve the effectiveness and stealthiness, these pulsing attacks assume that the attack packet is concentrated on the server in a very short time (a few milliseconds) using state-of-the-art synchronization techniques. However, even with the most advanced technology in the real world, it is almost impossible to achieve this tight level of synchronization, which means the effectiveness of the pulsing attack can be overestimated based on the exceeded assumption. In this paper, we use the Very Short Intermittent DDoS attack (VSI-DDoS) as an example to measure the practical effectiveness of a pulsing attack in a realistic environment. We found that VSI-DDoSbecame substantially less effective. That is, it lost 85.7% in terms of effectiveness under about 90ms synchronization inaccuracy, which is a very small inaccuracy under normal network conditions.

Original languageEnglish
Article number107146
JournalComputer Networks
Volume173
DOIs
StatePublished - 22 May 2020

Bibliographical note

Publisher Copyright:
© 2020

Keywords

  • Evaluation
  • Low-rate DDos
  • Time synchronization

Fingerprint

Dive into the research topics of 'Assessing the effectiveness of pulsing denial of service attacks under realistic network synchronization assumptions'. Together they form a unique fingerprint.

Cite this