Is low‐rate distributed denial of service a great threat to the Internet?
Abstract Low‐rate Distributed Denial of Service (LDDoS) attacks, in which the attackers send packets to a victim at a sufficiently low rate to avoid being detected, are considered to be a subtype of DDoS attacks and a potential threat to Internet security. However, an overwhelming attack paradigm on...
Saved in:
| Main Authors: | , , , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
Wiley
2021-09-01
|
| Series: | IET Information Security |
| Subjects: | |
| Online Access: | https://doi.org/10.1049/ise2.12031 |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| _version_ | 1832558663539097600 |
|---|---|
| author | Ming Chen Jing Chen Xianglin Wei Bing Chen |
| author_facet | Ming Chen Jing Chen Xianglin Wei Bing Chen |
| author_sort | Ming Chen |
| collection | DOAJ |
| description | Abstract Low‐rate Distributed Denial of Service (LDDoS) attacks, in which the attackers send packets to a victim at a sufficiently low rate to avoid being detected, are considered to be a subtype of DDoS attacks and a potential threat to Internet security. However, an overwhelming attack paradigm on the Internet has rarely been reported due to the harsh requirements for launching LDDoS attacks; therefore, most existing LDDoS attacks are constructed and evaluated through theoretical deduction and/or simulation tests. In this backdrop, the authors aim to figure out what the conditions for launching a successful LDDoS attack are, and how harmful an attack could be. They first analyse the characteristics of LDDoS attacks, and derive the conditions and parameters for initiating LDDoS attacks using a queuing model. Based on the analysis results, an LDDoS algorithm is presented. Then, an LDDoS validation prototype is built on a Network Function Virtualization network to validate the derived parameters and conditions. Finally, a series of experiments are conducted on the testbed, and the results show that a successful LDDoS attack could be achieved based on the derived algorithm; however, its attack effect only lasts for a short time compared with its DDoS counterparts. |
| format | Article |
| id | doaj-art-6f8b0f0a74834ee796ac3ce65c9ae169 |
| institution | Kabale University |
| issn | 1751-8709 1751-8717 |
| language | English |
| publishDate | 2021-09-01 |
| publisher | Wiley |
| record_format | Article |
| series | IET Information Security |
| spelling | doaj-art-6f8b0f0a74834ee796ac3ce65c9ae1692025-02-03T01:31:55ZengWileyIET Information Security1751-87091751-87172021-09-0115535136310.1049/ise2.12031Is low‐rate distributed denial of service a great threat to the Internet?Ming Chen0Jing Chen1Xianglin Wei2Bing Chen3College of Computer Science and Technology Nanjing University of Aeronautics and Astronautics Nanjing ChinaCollege of Computer Science and Technology Nanjing University of Aeronautics and Astronautics Nanjing ChinaThe 63rd Research Institute National University of Defense Technology Nanjing ChinaCollege of Computer Science and Technology Nanjing University of Aeronautics and Astronautics Nanjing ChinaAbstract Low‐rate Distributed Denial of Service (LDDoS) attacks, in which the attackers send packets to a victim at a sufficiently low rate to avoid being detected, are considered to be a subtype of DDoS attacks and a potential threat to Internet security. However, an overwhelming attack paradigm on the Internet has rarely been reported due to the harsh requirements for launching LDDoS attacks; therefore, most existing LDDoS attacks are constructed and evaluated through theoretical deduction and/or simulation tests. In this backdrop, the authors aim to figure out what the conditions for launching a successful LDDoS attack are, and how harmful an attack could be. They first analyse the characteristics of LDDoS attacks, and derive the conditions and parameters for initiating LDDoS attacks using a queuing model. Based on the analysis results, an LDDoS algorithm is presented. Then, an LDDoS validation prototype is built on a Network Function Virtualization network to validate the derived parameters and conditions. Finally, a series of experiments are conducted on the testbed, and the results show that a successful LDDoS attack could be achieved based on the derived algorithm; however, its attack effect only lasts for a short time compared with its DDoS counterparts.https://doi.org/10.1049/ise2.12031Internetcomputer network securityvirtualisation |
| spellingShingle | Ming Chen Jing Chen Xianglin Wei Bing Chen Is low‐rate distributed denial of service a great threat to the Internet? IET Information Security Internet computer network security virtualisation |
| title | Is low‐rate distributed denial of service a great threat to the Internet? |
| title_full | Is low‐rate distributed denial of service a great threat to the Internet? |
| title_fullStr | Is low‐rate distributed denial of service a great threat to the Internet? |
| title_full_unstemmed | Is low‐rate distributed denial of service a great threat to the Internet? |
| title_short | Is low‐rate distributed denial of service a great threat to the Internet? |
| title_sort | is low rate distributed denial of service a great threat to the internet |
| topic | Internet computer network security virtualisation |
| url | https://doi.org/10.1049/ise2.12031 |
| work_keys_str_mv | AT mingchen islowratedistributeddenialofserviceagreatthreattotheinternet AT jingchen islowratedistributeddenialofserviceagreatthreattotheinternet AT xianglinwei islowratedistributeddenialofserviceagreatthreattotheinternet AT bingchen islowratedistributeddenialofserviceagreatthreattotheinternet |