Related Concepts
Bandwidth Attacks
Definition
TCP modulation attacks are a class of attacks that exploit the TCP congestion control algorithm with the aim of denying bandwidth to legitimate TCP flows. This class of attacks was introduced and analyzed by Kuzmanovic et al. [1, 2]. Their analysis showed that an adversary could significantly increase the TCP retransmission timeout (RTO) of a TCP connection, essentially reducing its throughput to a small fraction of the link capacity. Unlike DoS flooding attacks, which require an adversary to command a large amount of attack traffic, TCP modulation attacks are low-rate, targeted attacks. These low-rate DoS attacks are successful against both short- and long-lived TCP aggregates and thus represent a realistic threat to today’s Internet.
Low-Rate TCP Attacks
Also called “shrew” attacks, TCP modulation attacks take advantage of the fact that TCP congestion control operates on two time scales. On smaller time scales of round trip...
Recommended Reading
Kuzmanovic A, Knightly EW (2006) Low-rate TCP-targeted denial of service attacks and counter strategies. IEEE/ACM Trans Netw 14(4):683–696
Kuzmanovic A, Knightly EW (2003) Low-rate TCP-targeted denial of service attacks: the shrew vs. the mice and elephants. In: Proceedings of the 2003 Conference on Applications, Technologies, Architectures, and Protocols for Computer Communications. Karlsruhe, Germany. SIGCOMM ’03. ACM, New York, NY, pp 75–86
Allman M, Paxson V (1999) On estimating end-to-end network path properties. In: ACM SIGCOMM, Vancouver, BC, Canada, pp 263–274
Karn P, Partridge C (1991) Improving round-trip time estimates in reliable transport protocols. ACM Trans Comput Syst 9(4):364–373
Paxson V, Allman M (2000) Computing TCP’s retransmission timer. Internet RFC 2988
Hoe J (1996) Improving the start-up behavior of a congestion control scheme for TCP. In: Proceedings of ACM SIGCOMM. Stanford, CA, pp 270–280
Floyd S, Mahdavi J, Mathis M, Podolsky M (2000) An extension to the selective acknowledgement (SACK) option for TCP. Internet RFC 2883
Fall K, Floyd S (1996) Simulation-based comparison of Tahoe, Reno and SACK TCP. ACM Comput Commun Rev 5(3):5–21
Pan R, Prabhakar B, Psounis K (2000) CHOKe, a stateless active queue management scheme for approximating fair bandwidth allocation. In: Proceedings of IEEE INFOCOM ’00. Tel Aviv, Israel
Mahajan R, Floyd S, Wetherall D (2001) Controlling high-bandwidth flows at the congested router. In: Proceedings of IEEE ICNP ’01, Riverside, CA
Copyright information
© 2011 Springer Science+Business Media, LLC
Cite this entry
Stavrou, A. (2011). TCP Modulation Attacks. In: van Tilborg, H.C.A., Jajodia, S. (eds) Encyclopedia of Cryptography and Security. Springer, Boston, MA. https://doi.org/10.1007/978-1-4419-5906-5_277
DOI: https://doi.org/10.1007/978-1-4419-5906-5_277
Publisher Name: Springer, Boston, MA
Print ISBN: 978-1-4419-5905-8
Online ISBN: 978-1-4419-5906-5
eBook Packages: Computer Science, Reference Module Computer Science and Engineering