Abstract
Variability of end-to-end paths is an important issue which affects the effectiveness of Low-rate Denial-of-Service (LDoS) attacks and the corresponding detection methods. It remains unclear how and to what extent an LDoS flow will be affected by the end-to-end delay in the Internet. In this paper, we investigate the LDoS flow variations using the method of similarity measurement of time series. We establish the LDoS Measuring Model and the Packet Arriving Model to analyze differences in packet sequence pattern, and propose new metrics to measure the similarity of two time series. Using real data sampled on PlanetLab from the Internet, we reveal a neglected but important fact: LDoS flows on PlanetLab perform differently with flows on home networks. Thus, the threat of CXPST attack on the Internet’s inter-domain routing system may not be so serious than what has been expected in previous work due to the variation of end-to-end paths.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
Similar content being viewed by others
References
Kuzmanovic, A., Knightly, E.W.: Low-rate TCP-targeted denial of Service Attacks. In: Proceedings of ACM SIGOMM 2003, Karlsruhe, Germany, pp. 75–86 (2003)
Luo, X., Chang, R.K.C.: On a new class of pulsing denial-of-service attacks and the defense. In: Proceedings of the ISOC Symposium on Network and Distributed Systems Security (SNDSS), pp. 61–79 (2005)
Zhang, Y., Mao, Z.M., Wang, J.: Low-rate tcp-targeted dos attack disrupts internet routing. In: Proc. 14th Annual Network & Distributed System Security Symposium, pp. 1–15 (2007)
Schuchard, M., Mohaisen, A., Foo Kune, D., et al.: Losing control of the internet: using the data plane to attack the control plane. In: Proceedings of the 17th ACM Conference on Computer and Communications Security, pp. 726–728. ACM (2010)
Wang, L., Peng, W., Huang, Z., Wang, Y.: An Analysis of Impact of End-to-end Delay on LDoS Flows in the Internet. In: IMCCC 2012, Haerbin, China (2012)
Kwok, Y.-K., Tripathi, R., Chen, Y., Hwang, K.: HAWK: Halting anomalies with weighted choking to rescue well-behaved TCP sessions from shrew dDoS attacks. In: Lu, X., Zhao, W. (eds.) ICCNMC 2005. LNCS, vol. 3619, pp. 423–432. Springer, Heidelberg (2005)
Sun, H., Lui, J.C.S., Yau, D.K.Y.: Defending against low-rate TCP attacks: Dynamic detection and protection. In: Proceedings of the 12th IEEE International Conference on Network Protocols, ICNP 2004, pp. 196–205. IEEE (2004)
Zhang, C., Yin, J., Cai, Z., et al.: RRED: robust RED algorithm to counter low-rate denial-of-service attacks. IEEE Communications Letters 14(5), 489–491 (2010)
Shiyuan, L., Hao, J.: Study of the conception of the similarity in time series. Huazhong Univ. of Sci. & Tech. (Nature Science Edition) 32, 75 (2004)
Alter, O., Brown, P.O., Botstein, D.: Singular value decomposition for genome-wide expression data processing and modeling. Proceedings of the National Academy of Sciences 97(18), 10101–10106 (2000)
Keogh, E., Pazzani, M.: An Enhanced Representation of Time Series Which Allows Fast and Accurate Classification, Clustering and Relevance Feedback. In: Proceedings of the 4th International Conference on Knowledge Discovery and Data Mining, New York, NY, August 27-31, pp. 239–241 (1998)
Chen, Y., Hwang, K., Kwok, Y.-K.: Filtering of Shrew DDoS Attacks in Frequency Domain. In: The First IEEE LCN Workshop on Network Security (WoNS 2005), Sydney, Australia, pp. 786–793 (January 2005)
Chen, K., Liu, H., Chen, X.: EBDT: A Method for Detecting LDoS Attack. In: Proceeding of the IEEE International Conference on Information and Automation. Shenyang, China, pp. 911–916 (June 2012)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2013 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Huang, Z., Peng, W., Wang, Y., Zhao, R. (2013). A Study of LDoS Flows Variations Based on Similarity Measurement. In: Pathan, M., Wei, G., Fortino, G. (eds) Internet and Distributed Computing Systems. IDCS 2013. Lecture Notes in Computer Science, vol 8223. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-41428-2_17
Download citation
DOI: https://doi.org/10.1007/978-3-642-41428-2_17
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-41427-5
Online ISBN: 978-3-642-41428-2
eBook Packages: Computer ScienceComputer Science (R0)