Detecting pulsing denial-of-service attacks based on the bandwidth usage condition

Hiroshi Tsunoda; Kenjirou Arai; Yuji Waizumi; Nirwan Ansari; Yoshiaki Nemoto

doi:10.1109/ICC.2008.322

Detecting pulsing denial-of-service attacks based on the bandwidth usage condition

Hiroshi Tsunoda, Kenjirou Arai, Yuji Waizumi, Nirwan Ansari, Yoshiaki Nemoto

Electrical and Computer Engineering

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Abstract

Pulsing Denial-of-Service (PDoS) attacks seriously degrade the throughput of TCP flows and consequently pose a grave detrimental effect on network performance. The fact that they generate less traffic than traditional flood-based attacks makes PDoS detection more difficult. Most of the conventional PDoS detection shemes focus on the periodical pattern of the pulse trains. Therefore, attackers can easily escape the detection system by merely controlling the timing of pulse transmission. In this paper, we propose a novel and robust PDoS detection method which capitalizes on the bandwidth usage condition of network traffic in distinguishing the congestion due to normal traffic from that due to PDoS attacks. Simulation experiments have demonstrated the effectiveness of the proposed scheme in detecting PDoS attacks.

Original language	English (US)
Title of host publication	ICC 2008 - IEEE International Conference on Communications, Proceedings
Pages	1670-1674
Number of pages	5
DOIs	https://doi.org/10.1109/ICC.2008.322
State	Published - Sep 12 2008
Event	IEEE International Conference on Communications, ICC 2008 - Beijing, China Duration: May 19 2008 → May 23 2008

Other

Other	IEEE International Conference on Communications, ICC 2008
Country/Territory	China
City	Beijing
Period	5/19/08 → 5/23/08

All Science Journal Classification (ASJC) codes

Computer Networks and Communications
Electrical and Electronic Engineering

Access to Document

10.1109/ICC.2008.322

Cite this

@inproceedings{8beb7cc500b4436ba6bd9ee6322c9d92,

title = "Detecting pulsing denial-of-service attacks based on the bandwidth usage condition",

abstract = "Pulsing Denial-of-Service (PDoS) attacks seriously degrade the throughput of TCP flows and consequently pose a grave detrimental effect on network performance. The fact that they generate less traffic than traditional flood-based attacks makes PDoS detection more difficult. Most of the conventional PDoS detection shemes focus on the periodical pattern of the pulse trains. Therefore, attackers can easily escape the detection system by merely controlling the timing of pulse transmission. In this paper, we propose a novel and robust PDoS detection method which capitalizes on the bandwidth usage condition of network traffic in distinguishing the congestion due to normal traffic from that due to PDoS attacks. Simulation experiments have demonstrated the effectiveness of the proposed scheme in detecting PDoS attacks.",

author = "Hiroshi Tsunoda and Kenjirou Arai and Yuji Waizumi and Nirwan Ansari and Yoshiaki Nemoto",

year = "2008",

month = sep,

day = "12",

doi = "10.1109/ICC.2008.322",

language = "English (US)",

isbn = "9781424420742",

pages = "1670--1674",

booktitle = "ICC 2008 - IEEE International Conference on Communications, Proceedings",

note = "IEEE International Conference on Communications, ICC 2008 ; Conference date: 19-05-2008 Through 23-05-2008",

}

TY - GEN

T1 - Detecting pulsing denial-of-service attacks based on the bandwidth usage condition

AU - Tsunoda, Hiroshi

AU - Arai, Kenjirou

AU - Waizumi, Yuji

AU - Ansari, Nirwan

AU - Nemoto, Yoshiaki

PY - 2008/9/12

Y1 - 2008/9/12

N2 - Pulsing Denial-of-Service (PDoS) attacks seriously degrade the throughput of TCP flows and consequently pose a grave detrimental effect on network performance. The fact that they generate less traffic than traditional flood-based attacks makes PDoS detection more difficult. Most of the conventional PDoS detection shemes focus on the periodical pattern of the pulse trains. Therefore, attackers can easily escape the detection system by merely controlling the timing of pulse transmission. In this paper, we propose a novel and robust PDoS detection method which capitalizes on the bandwidth usage condition of network traffic in distinguishing the congestion due to normal traffic from that due to PDoS attacks. Simulation experiments have demonstrated the effectiveness of the proposed scheme in detecting PDoS attacks.

AB - Pulsing Denial-of-Service (PDoS) attacks seriously degrade the throughput of TCP flows and consequently pose a grave detrimental effect on network performance. The fact that they generate less traffic than traditional flood-based attacks makes PDoS detection more difficult. Most of the conventional PDoS detection shemes focus on the periodical pattern of the pulse trains. Therefore, attackers can easily escape the detection system by merely controlling the timing of pulse transmission. In this paper, we propose a novel and robust PDoS detection method which capitalizes on the bandwidth usage condition of network traffic in distinguishing the congestion due to normal traffic from that due to PDoS attacks. Simulation experiments have demonstrated the effectiveness of the proposed scheme in detecting PDoS attacks.

UR - http://www.scopus.com/inward/record.url?scp=51249091402&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=51249091402&partnerID=8YFLogxK

U2 - 10.1109/ICC.2008.322

DO - 10.1109/ICC.2008.322

M3 - Conference contribution

AN - SCOPUS:51249091402

SN - 9781424420742

SP - 1670

EP - 1674

BT - ICC 2008 - IEEE International Conference on Communications, Proceedings

T2 - IEEE International Conference on Communications, ICC 2008

Y2 - 19 May 2008 through 23 May 2008

ER -

Detecting pulsing denial-of-service attacks based on the bandwidth usage condition

Abstract

Other

All Science Journal Classification (ASJC) codes

Access to Document

Other files and links

Fingerprint

Cite this