Sciweavers

ICDCS
2009
IEEE

The Taming of the Shrew: Mitigating Low-Rate TCP-Targeted Attack

14 years 8 months ago
The Taming of the Shrew: Mitigating Low-Rate TCP-Targeted Attack
A Shrew attack, which uses a low-rate burst carefully designed to exploit TCP’s retransmission timeout mechanism, can throttle the bandwidth of a TCP flow in a stealthy manner. While such an attack can significantly degrade the performance of all TCP-based protocols and services including Internet routing (e.g., BGP), no existing scheme clearly solves the problem in real network scenarios. In this paper, we propose a simple protection mechanism, called SAP (Shrew Attack Protection), for defending against a Shrew attack. Rather than attempting to track and isolate Shrew attackers, SAP identifies TCP victims by monitoring their drop rates and preferentially admits those packets from victims with high drop rates to the output queue. This is to ensure that wellbehaved TCP sessions can retain their bandwidth shares. Our simulations indicate that under a Shrew attack, SAP can prevent TCP sessions from closing, and effectively enable TCP flows to maintain high throughput. SAP is a dest...
Chia-Wei Chang, Seungjoon Lee, B. Lin, Jia Wang
Added 08 Mar 2010
Updated 08 Mar 2010
Type Conference
Year 2009
Where ICDCS
Authors Chia-Wei Chang, Seungjoon Lee, B. Lin, Jia Wang
Comments (0)