Title :
RRED: robust RED algorithm to counter low-rate denial-of-service attacks
Author :
Zhang, Changwang ; Yin, Jianping ; Cai, Zhiping ; Chen, Weifeng
Author_Institution :
Sch. of Comput. Sci., Nat. Univ. of Defense Technol., Changsha, China
fDate :
5/1/2010 12:00:00 AM
Abstract :
The existing Random Early Detection (RED) algorithm and its variants are found vulnerable to emerging attacks, especially the Low-rate Denial-of-Service (LDoS) attacks. In this letter we propose a Robust RED (RRED) algorithm to improve the TCP throughput against LDoS attacks. The basic idea behind the RRED is to detect and filter out attack packets before a normal RED algorithm is applied to incoming flows. We conduct a set of simulations to evaluate the performance of the proposed RRED algorithm. The results show that, compared to existing RED-like algorithms, the RRED algorithm nearly fully preserves the TCP throughput in the presence of LDoS attacks.
Keywords :
queueing theory; routing protocols; transport protocols; RRED; TCP throughput; attack packets; low-rate denial-of-service attacks; random early detection algorithm; robust RED algorithm; Algorithm design and analysis; Broadcasting; Computer crime; Computer science; Counting circuits; Filters; Floods; Robustness; Throughput; Web and internet services; AQM, low-rate DoS attack, RED, robust;
Journal_Title :
Communications Letters, IEEE
DOI :
10.1109/LCOMM.2010.05.091407
