International Conference on Information and Communications Security

ICICS 2012: Information and Communications Security, pp 70–80

Countermeasures on Application Level Low-Rate Denial-of-Service Attack

  • Yajuan Tang

Part of the Lecture Notes in Computer Science book series (LNSC, volume 7618)

Abstract

The Low-Rate Denial-of-Service (LRDoS) attack is an emerging threat to the Internet because it can evade detection and defense schemes designed for flooding-based attacks. An LRDoS attack at the application level is particularly difficult to counteract because it mimics legitimate clients. Although several approaches have been proposed to mitigate LRDoS attacks, they are limited to particular protocols, target systems, or attack patterns, so they are not able to detect this threat at the application level. In this paper, we propose a nonparametric detection algorithm and a hybrid defense system to mitigate LRDoS attacks at the application level. Our extensive experiments have confirmed the effectiveness of the detection and defense system.

Keywords

  • Arrival Rate
  • False Alarm Rate
  • Queue Length
  • Admission Rate
  • Application Level

These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.

This work is supported by the National Natural Science Foundation of China (60903185) and Industry-Universities-Research Institutes Collaboration Foundation of Guangdong (cgzhzd0717).

Author information

Authors and Affiliations

  1. Department of Electronic Engineering, Shantou University, China

    Yajuan Tang

Editor information

Editors and Affiliations

  1. Department of Computer Science, The University of Hong Kong, Room 519, 5/F, Haking Wong Building, Pokfulam Road, 852, Hong Kong, China

    Tat Wing Chim

  2. Department of Computer Science, The University of Hong Kong, Room 519, 5/F, Haking Wong Building, Pokfulam Road, 852, Hong Kong, China

    Tsz Hon Yuen

Copyright information

© 2012 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Tang, Y. (2012). Countermeasures on Application Level Low-Rate Denial-of-Service Attack. In: Chim, T.W., Yuen, T.H. (eds) Information and Communications Security. ICICS 2012. Lecture Notes in Computer Science, vol 7618. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-34129-8_7

  • DOI: https://doi.org/10.1007/978-3-642-34129-8_7

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-34128-1

  • Online ISBN: 978-3-642-34129-8

  • eBook Packages: Computer Science, Computer Science (R0)
