Is low‐rate distributed denial of service a great threat to the Internet?

Bibliographic Details
Main Authors: Ming Chen, Jing Chen, Xianglin Wei, Bing Chen
Format: Article
Language: English
Published: Wiley 2021-09-01
Series: IET Information Security
Online Access: https://doi.org/10.1049/ise2.12031
Description
Summary: Low‐rate Distributed Denial of Service (LDDoS) attacks, in which the attackers send packets to a victim at a sufficiently low rate to avoid being detected, are considered to be a subtype of DDoS attacks and a potential threat to Internet security. However, an overwhelming attack paradigm on the Internet has rarely been reported due to the harsh requirements for launching LDDoS attacks; therefore, most existing LDDoS attacks are constructed and evaluated through theoretical deduction and/or simulation tests. In this backdrop, the authors aim to figure out what the conditions for launching a successful LDDoS attack are, and how harmful an attack could be. They first analyse the characteristics of LDDoS attacks, and derive the conditions and parameters for initiating LDDoS attacks using a queuing model. Based on the analysis results, an LDDoS algorithm is presented. Then, an LDDoS validation prototype is built on a Network Function Virtualization network to validate the derived parameters and conditions. Finally, a series of experiments are conducted on the testbed, and the results show that a successful LDDoS attack could be achieved based on the derived algorithm; however, its attack effect only lasts for a short time compared with its DDoS counterparts.
ISSN: 1751-8709, 1751-8717