Title

Assessing the effectiveness of pulsing denial of service attacks under realistic network synchronization assumptions

Document Type

Article

Publication Date

5-22-2020

Abstract

Distributed Denial-of-Service (DDoS) is a big threat to the availability of Internet-based services today. Low rate DDoS attacks, especially pulsing attacks, aim to degrade the Quality of Service experienced by users by using only a small amount of attack traffic, unlike conventional volume-based DDoS attacks. To improve the effectiveness and stealthiness, these pulsing attacks assume that the attack packet is concentrated on the server in a very short time (a few milliseconds) using state-of-the-art synchronization techniques. However, even with the most advanced technology in the real world, it is almost impossible to achieve this tight level of synchronization, which means the effectiveness of the pulsing attack can be overestimated based on the exceeded assumption. In this paper, we use the Very Short Intermittent DDoS attack (VSI-DDoS) as an example to measure the practical effectiveness of a pulsing attack in a realistic environment. We found that VSI-DDoSbecame substantially less effective. That is, it lost 85.7% in terms of effectiveness under about 90ms synchronization inaccuracy, which is a very small inaccuracy under normal network conditions.

DOI

10.1016/j.comnet.2020.107146

Publication Title

Computer Networks

Volume Number

173

ISSN

13891286

This document is currently not available here.

Share

COinS