Sciweavers

CIIT
2004

Effectiveness of rate-limiting in mitigating flooding DOS attacks

14 years 1 months ago
Effectiveness of rate-limiting in mitigating flooding DOS attacks
This paper investigates the effectiveness of rate-limiting in mitigating TCP-based flooding Denial of Service (DoS) attacks. Rate-limiting is used as a DoS defense mechanism to discard a fraction of incoming attack packets. Part of legitimate traffic is, however, mis-detected as attack traffic. The main contribution of this paper is to find out how much a DoS attack can be rate-limited without any undue penalties for those legitimate TCP flows, which are mis-detected as attack traffic. The research methodology is based on analyzing the TCP throughput in a simulated network where packet-loss is one-way due to rate-limiting of incoming packets. Empirical measurements in a small network are used to verify the simulation results. KEY WORDS Internet security, Denial of Service, Rate-limiting, TCP throughput.
Jarmo Mölsä
Added 30 Oct 2010
Updated 30 Oct 2010
Type Conference
Year 2004
Where CIIT
Authors Jarmo Mölsä
Comments (0)