research-article

Characterization, Detection and Mitigation of Low-Rate DoS attack

Authors:

Gaurav MeenaAuthors Info & Claims

ICTCS '14: Proceedings of the 2014 International Conference on Information and Communication Technology for Competitive Strategies

Article No.: 69, Pages 1 - 5

https://doi.org/10.1145/2677855.2677924

Published: 27 October 2014 Publication History

Abstract

Now a day's web services become key aspect of life. Unfortunately there are several threats to these services. These threats are phishing, e-mail borne viruses, Trojan horse programs, Denial of Service etc. Among of them Distributed Denial of Service attack is a strong and more energetic attack on the Internet. Launching of DDoS attack is an explicit attempt to exhaust the resources of server to prevent legitimate users to access services. The common flooding DDoS attacks can be detected and mitigated by some mechanisms easily cause of the characteristics as flow rate, size of attack packets, but still it is difficult to detect and identifies the Low-Rate DoS attack because the attacker periodically send short burst packets which behave as legitimate traffic to the server. The attack is only detected when the server goes down. So an efficient detection system is required which effectively Characterize the legitimate and attack traffic to detect the attack and stop it to mitigate the effect of these sort of threats. In this article we proposed a complete framework for "Characterization, Detection and Mitigation of Low-Rate DoS Attacks" which effectively characterize the flows as attack or legitimate, detects the low-rate DoS attack on the basis of characteristics of low rate and mitigate the effect of this by stopping the attack flow near the source. The effectiveness of this approach have validated by simulation in ns-2, with Shell scripting, on a Linux platform.

References

[1]

A. Kuzmanovic and E. Knightly, "Low-rate tcp-targeted denial of service attacks (the shrew vs. the mice and elephants)." ACMSIGCOMM 2003, 2003, pp. 75--86.

Digital Library

[2]

J. C. S. L. H. Sun and D. K. Y. Yau, "Defending against low-rate tcp attacks: Dynamic detection and protection." IEEE Conference on Network Protocols (ICNP2004), 2004, pp. 196--205.

Digital Library

[3]

N. A. A. Shevtekar, K. Anantharam, "Low rate tcp denial-of-service attack detection at edge routers," vol. 9, no. 4. IEEE Communication Letters, 2005, pp. 363--365.

[4]

A. Y. S. Sanmorino, "Ddos attack detection method and mitigation using pattern of the flow," 2013.

[5]

X. J. Nashat, Dalia and S. Horiguchi, "Router based detection for low-rate agents of ddos attack." International Conference on High Performance Switching and Routing, IEEE, 2008.

[6]

Incapsula. (2011) Distributed denial of service attacks. {Online}. Available: http://www.incapsula.com/ddos/ddos-attacks

[7]

S. T. Joshi James Tipper David Zargar, "A survey of defense mechanisms against distributed denial of service (ddos) flooding attacks," vol. 15, 2013.

[8]

B. Kashyap and S. K. Jena, "Ddos attack detection and attacker identification," 2012.

[9]

S. Yu and W. Zhou, "Entropy-based collaborative detection of ddos attacks on community networks." Sixth Annual IEEE International Conference on Pervasive Computing and Communications, PerCom 2008, IEEE, 2008.

Digital Library

[10]

R. C. J. Kumar, Krishan and Kuldip Singh, "A distributed approach using entropy to detect ddos attacks in isp domain." International Conference on Signal Processing, Communications and Networking, 2007. ICSCN'07.IEEE, 2007.

[11]

S. Zhang, "Detection of low-rate ddos attack based on self-similarity." Int. Workshop on Education Technology and Computer Science, 2010, pp. 333--336.

[12]

T. G. Baskar, M. and S. Saravanan, "Adaptive ip traceback mechanism for detecting low rate ddos attacks." Emerging Trends in Computing, Communication and Nanotechnology (ICE-CCN), 2013 International Conference on. IEEE, 2013

[13]

R. Mathew and V. Katkar, "Software based low rate dos attack detection mechanism," 2011.

[14]

K. L. Xiang, Yang and W. Zhou, "Low-rate ddos attacks detection and traceback by using new information metrics," vol. 6, no. 2. IEEE Transactions on Information Forensics and Security, 2011, pp. 426--437.

Digital Library

[15]

T. Issariyakul and E. Hossain, Introduction to network simulator NS2. Springer, 2011.

Digital Library

[16]

The network simulator ns-2: Documentation. {Online}. Available: http://www.isi.edu/nsnam/ns/ns-documentation.htm

Cited By

Soni VBhatt DYadav N(2024)Bio Inspired Methods for Intrusion Detection in Internet of Things: A Survey2024 IEEE Region 10 Symposium (TENSYMP)10.1109/TENSYMP61132.2024.10752276(1-8)Online publication date: 27-Sep-2024
https://doi.org/10.1109/TENSYMP61132.2024.10752276
Kumbhakar DAdhikari SKarforma S(2024)CTEA: Chaos based tiny encryption algorithm using ECDH and TinkerBell map for data security in supply chain managementMultimedia Tools and Applications10.1007/s11042-024-19443-xOnline publication date: 31-May-2024
https://doi.org/10.1007/s11042-024-19443-x
Kumar MPai AAgarwal JChrista SPrasad GSaifi S(2023)Deep Learning Model to Defend against Covert Channel Attacks in the SDN Networks2023 Advanced Computing and Communication Technologies for High Performance Applications (ACCTHPA)10.1109/ACCTHPA57160.2023.10083336(1-5)Online publication date: 20-Jan-2023
https://doi.org/10.1109/ACCTHPA57160.2023.10083336
Show More Cited By

Recommendations

Survey of low rate DoS attack detection mechanisms
ICWET '11: Proceedings of the International Conference & Workshop on Emerging Trends in Technology

As opposed to the conventional DoS attacks, Low rate DOS attacker injects a short burst of traffic periodically to fill up the bottleneck buffers right before the expiration of the sender's RTO. This forces the sender's TCP connections to timeout with ...
Detectability of Low-Rate HTTP Server DoS Attacks using Spectral Analysis
ASONAM '15: Proceedings of the 2015 IEEE/ACM International Conference on Advances in Social Networks Analysis and Mining 2015

Denial-of-Service (DoS) attacks pose a threat to any service provider on the internet. While traditional DoS flooding attacks require the attacker to control at least as much resources as the service provider in order to be effective, so-called low-rate ...
Analysis of low-rate TCP DoS attack against FAST TCP
ISDA '06: Proceedings of the Sixth International Conference on Intelligent Systems Design and Applications - Volume 03

Low rate TCP DoS attack is a novel kind of attacks discovered by Kuzmanovic. According to several experiments, it is very effective in degrading the normal TCP sender's throughput. FAST TCP is a delay-based transport layer protocol; it is used to ...

Comments

Information & Contributors

Information

Published In

cover image ACM Other conferences

ICTCS '14: Proceedings of the 2014 International Conference on Information and Communication Technology for Competitive Strategies

November 2014

559 pages

ISBN:9781450332163

DOI:10.1145/2677855

Copyright © 2014 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than the author(s) must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected].

In-Cooperation

Computer Society of India: Computer Society of India

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 27 October 2014

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article
Research
Refereed limited

Conference

ICTCS '14

ICTCS '14: International Conference on Information and Communication Technology for Competitive Strategies

November 14 - 16, 2014

Rajasthan, Udaipur, India

Acceptance Rates

ICTCS '14 Paper Acceptance Rate 97 of 270 submissions, 36%;

Overall Acceptance Rate 97 of 270 submissions, 36%

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

6
Total Citations
View Citations
367
Total Downloads

Downloads (Last 12 months)10
Downloads (Last 6 weeks)0

Reflects downloads up to 25 Jan 2025

Other Metrics

View Author Metrics

Citations

Cited By

Soni VBhatt DYadav N(2024)Bio Inspired Methods for Intrusion Detection in Internet of Things: A Survey2024 IEEE Region 10 Symposium (TENSYMP)10.1109/TENSYMP61132.2024.10752276(1-8)Online publication date: 27-Sep-2024
https://doi.org/10.1109/TENSYMP61132.2024.10752276
Kumbhakar DAdhikari SKarforma S(2024)CTEA: Chaos based tiny encryption algorithm using ECDH and TinkerBell map for data security in supply chain managementMultimedia Tools and Applications10.1007/s11042-024-19443-xOnline publication date: 31-May-2024
https://doi.org/10.1007/s11042-024-19443-x
Kumar MPai AAgarwal JChrista SPrasad GSaifi S(2023)Deep Learning Model to Defend against Covert Channel Attacks in the SDN Networks2023 Advanced Computing and Communication Technologies for High Performance Applications (ACCTHPA)10.1109/ACCTHPA57160.2023.10083336(1-5)Online publication date: 20-Jan-2023
https://doi.org/10.1109/ACCTHPA57160.2023.10083336
Rios VInacio PMagoni DFreire M(2022)Detection and Mitigation of Low-Rate Denial-of-Service Attacks: A SurveyIEEE Access10.1109/ACCESS.2022.319143010(76648-76668)Online publication date: 2022
https://doi.org/10.1109/ACCESS.2022.3191430
Perez-Diaz JValdovinos IChoo KZhu D(2020)A Flexible SDN-Based Architecture for Identifying and Mitigating Low-Rate DDoS Attacks Using Machine LearningIEEE Access10.1109/ACCESS.2020.30193308(155859-155872)Online publication date: 2020
https://doi.org/10.1109/ACCESS.2020.3019330
Barili ALanterna D(2015)On the effects of large-scale DNS Poisoning2015 IEEE Conference on Communications and Network Security (CNS)10.1109/CNS.2015.7346904(723-724)Online publication date: Sep-2015
https://doi.org/10.1109/CNS.2015.7346904

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Figures

Tables

Media

View Table of Conten