Detecting pulsing denial-of-service attacks based on the bandwidth usage condition

Authors

Hiroshi Tsunoda, Tohoku University
Kenjirou Arai, Tohoku University
Yuji Waizumi, Tohoku University
Nirwan Ansari, Newark College of Engineering
Yoshiaki Nemoto, Tohoku University

Document Type

Conference Proceeding

Publication Date

9-12-2008

Abstract

Pulsing Denial-of-Service (PDoS) attacks seriously degrade the throughput of TCP flows and consequently pose a grave detrimental effect on network performance. The fact that they generate less traffic than traditional flood-based attacks makes PDoS detection more difficult. Most of the conventional PDoS detection shemes focus on the periodical pattern of the pulse trains. Therefore, attackers can easily escape the detection system by merely controlling the timing of pulse transmission. In this paper, we propose a novel and robust PDoS detection method which capitalizes on the bandwidth usage condition of network traffic in distinguishing the congestion due to normal traffic from that due to PDoS attacks. Simulation experiments have demonstrated the effectiveness of the proposed scheme in detecting PDoS attacks. ©2008 IEEE.

Identifier

51249091402 (Scopus)

ISBN

[9781424420742]

Publication Title

IEEE International Conference on Communications

External Full Text Location

https://doi.org/10.1109/ICC.2008.322

ISSN

05361486

First Page

1670

Last Page

1674

Recommended Citation

Tsunoda, Hiroshi; Arai, Kenjirou; Waizumi, Yuji; Ansari, Nirwan; and Nemoto, Yoshiaki, "Detecting pulsing denial-of-service attacks based on the bandwidth usage condition" (2008). Faculty Publications. 12697.
https://digitalcommons.njit.edu/fac_pubs/12697