TY - JOUR
T1 - Assessing the effectiveness of pulsing denial of service attacks under realistic network synchronization assumptions
AU - Park, Jeman
AU - Mohaisen, Manar
AU - Nyang, Dae Hun
AU - Mohaisen, Aziz
N1 - Publisher Copyright:
© 2020
PY - 2020/5/22
Y1 - 2020/5/22
N2 - Distributed Denial-of-Service (DDoS) is a big threat to the availability of Internet-based services today. Low rate DDoS attacks, especially pulsing attacks, aim to degrade the Quality of Service experienced by users by using only a small amount of attack traffic, unlike conventional volume-based DDoS attacks. To improve the effectiveness and stealthiness, these pulsing attacks assume that the attack packet is concentrated on the server in a very short time (a few milliseconds) using state-of-the-art synchronization techniques. However, even with the most advanced technology in the real world, it is almost impossible to achieve this tight level of synchronization, which means the effectiveness of the pulsing attack can be overestimated based on the exceeded assumption. In this paper, we use the Very Short Intermittent DDoS attack (VSI-DDoS) as an example to measure the practical effectiveness of a pulsing attack in a realistic environment. We found that VSI-DDoSbecame substantially less effective. That is, it lost 85.7% in terms of effectiveness under about 90ms synchronization inaccuracy, which is a very small inaccuracy under normal network conditions.
AB - Distributed Denial-of-Service (DDoS) is a big threat to the availability of Internet-based services today. Low rate DDoS attacks, especially pulsing attacks, aim to degrade the Quality of Service experienced by users by using only a small amount of attack traffic, unlike conventional volume-based DDoS attacks. To improve the effectiveness and stealthiness, these pulsing attacks assume that the attack packet is concentrated on the server in a very short time (a few milliseconds) using state-of-the-art synchronization techniques. However, even with the most advanced technology in the real world, it is almost impossible to achieve this tight level of synchronization, which means the effectiveness of the pulsing attack can be overestimated based on the exceeded assumption. In this paper, we use the Very Short Intermittent DDoS attack (VSI-DDoS) as an example to measure the practical effectiveness of a pulsing attack in a realistic environment. We found that VSI-DDoSbecame substantially less effective. That is, it lost 85.7% in terms of effectiveness under about 90ms synchronization inaccuracy, which is a very small inaccuracy under normal network conditions.
KW - Evaluation
KW - Low-rate DDos
KW - Time synchronization
UR - http://www.scopus.com/inward/record.url?scp=85082135248&partnerID=8YFLogxK
U2 - 10.1016/j.comnet.2020.107146
DO - 10.1016/j.comnet.2020.107146
M3 - Article
AN - SCOPUS:85082135248
SN - 1389-1286
VL - 173
JO - Computer Networks
JF - Computer Networks
M1 - 107146
ER -