Performance analysis of TCP/AQM under Denial-of-service attacks

Xiapu Luo, Kow Chuen Chang, Edmond W.W. Chan

Research output: Chapter in book / Conference proceedingConference article published in proceeding or bookAcademic researchpeer-review

22 Citations (Scopus)

Abstract

The interaction between TCP and various Active Queue Management (AQM) algorithms has been extensively analyzed for the last few years. However, the analysis usually assumed that routers and TCP flows are not under any network attacks. In this paper, we investigate how the performance of TCP flows is affected by denial-of-service (DoS) attacks under the Drop Tail and various AQM schemes. In particular, we consider two types of DoS attacks - the traditional flooding-based DoS (FDDoS) attacks and the recently proposed Pulsing DoS (PDoS) attacks. Both analytical and simulation results support that the PDoS attacks are more effective than the FDDoS attacks under the same average attack rate. Moreover, the Drop Tail surprisingly outperforms the RED-like AQMs when the router is under a PDoS attack, whereas the RED-like AQMs perform better under a severe FDDoS attack. On the other hand, the Adaptive Virtual Queue algorithm can retain a higher TCP throughput during PDoS attacks as compared with the RED-like AQMs.
Original languageEnglish
Title of host publicationMASCOTS 2005
Subtitle of host publication13th IEEE International Symposium on Modeling, Analysis and Simulation of Computer and Telecommunications Systems
Pages97-104
Number of pages8
Volume2005
Publication statusPublished - 1 Dec 2005
EventMASCOTS 2005: 13th IEEE International Symposium on Modeling, Analysis and Simulation of Computer and Telecommunications Systems - Atlanta, GA, United States
Duration: 27 Sept 200529 Sept 2005

Conference

ConferenceMASCOTS 2005: 13th IEEE International Symposium on Modeling, Analysis and Simulation of Computer and Telecommunications Systems
Country/TerritoryUnited States
CityAtlanta, GA
Period27/09/0529/09/05

ASJC Scopus subject areas

  • General Engineering

Fingerprint

Dive into the research topics of 'Performance analysis of TCP/AQM under Denial-of-service attacks'. Together they form a unique fingerprint.

Cite this