Is it congestion or a DDoS attack?

Amey Shevtekar, Nirwan Ansari

Research output: Contribution to journalArticlepeer-review

28 Scopus citations


We propose a new stealthy DDoS attack model referred to as the "quiet" attack. The attack traffic consists of TCP traffic only. Widely used botnets in today's various attacks and newly introduced network feedback control are integral part of the quiet attack model. We show that shortlived TCP flows can be intentionally misused. The quiet attack is detrimental to the Internet traffic and at the same time difficult to be detected by using current defense systems. We demonstrate the inability of representative defense schemes such as adaptive queue management and aggregate congestion control to detect the quiet attack.

Original languageEnglish (US)
Pages (from-to)546-548
Number of pages3
JournalIEEE Communications Letters
Issue number7
StatePublished - 2009

All Science Journal Classification (ASJC) codes

  • Modeling and Simulation
  • Computer Science Applications
  • Electrical and Electronic Engineering


  • And TCP
  • DDoS
  • Router


Dive into the research topics of 'Is it congestion or a DDoS attack?'. Together they form a unique fingerprint.

Cite this