Control of low-rate denial-of-service attacks on web servers and TCP flows

Qing Hui, Xiapu Luo, Wenke Lee

Research output: Chapter in book / Conference proceedingConference article published in proceeding or bookAcademic researchpeer-review

Abstract

The security of feedback control systems is an important problem to the Internet because feedback controllers have been widely used in popular Internet applications (e.g. web server) and fundamental protocols (e.g. TCP). The vulnerability comes from the fact that an attacker can easily manipulate the input and control variables of those controllers. In our previous works, we analyzed threats of some special lowrate Denial-of-Service attacks (LRDoS) to the feedback control systems used in web servers and TCP flows. In this paper, based on hybrid system theory, we derive general results from two aspects. First, we propose a new proportional-integral feedback controller for web servers to mitigate the impact of generalized LRDoS attacks. The stability and convergence properties of the controller are analyzed. Second, we model the impact of generalized LRDoS attacks on TCP by use of Zeno control. We investigate both the scenario when TCP uses fixed parameters in its congestion control algorithm and the scenario when TCP uses adaptive control to adjust those parameters. We also examine the case when there is no Zeno solution. Limit cycle analysis is employed to model the behavior of TCP's congestion control mechanism with periodic solutions. The globally asymptotic stability of those periodic solutions is proved.
Original languageEnglish
Title of host publication2010 49th IEEE Conference on Decision and Control, CDC 2010
Pages4186-4191
Number of pages6
DOIs
Publication statusPublished - 1 Dec 2010
Externally publishedYes
Event2010 49th IEEE Conference on Decision and Control, CDC 2010 - Atlanta, GA, United States
Duration: 15 Dec 201017 Dec 2010

Conference

Conference2010 49th IEEE Conference on Decision and Control, CDC 2010
Country/TerritoryUnited States
CityAtlanta, GA
Period15/12/1017/12/10

ASJC Scopus subject areas

  • Control and Systems Engineering
  • Modelling and Simulation
  • Control and Optimization

Fingerprint

Dive into the research topics of 'Control of low-rate denial-of-service attacks on web servers and TCP flows'. Together they form a unique fingerprint.

Cite this