Abstract
Denial of Service (DoS) attacks are an increasing threat to our information infrastructure. By exploiting vulnerabilities in existing protocols and infrastructures, malicious attackers consume resources in networks and servers to block or degrade the service to legitimate users. TCP is the dominant network transport protocol. It relies on the participating hosts' cooperation to make data transmission successful. This kind of trust has been exploited in some DoS attacks, such as the SYN-flooding attack. In this paper, we investigate how a TCP client can extend the duration of its connection with a server only by setting the pace at which it sends back acknowledgement packets. Our study shows that the duration of a TCP connection could be extended tens of times without incurring timeout retransmission. This mechanism can potentially be used by attackers to launch DoS attacks by generating simultaneous prolonged TCP connections with the victim servers. Unlike SYN-flooding attacks, the low-rate property of slow TCP connections makes the detection of this kind of attack difficult, which calls for further study on this issue.
Original language | English (US) |
---|---|
Title of host publication | Proceedings of the IEEE Conference on Decision and Control |
Pages | 81-86 |
Number of pages | 6 |
Volume | 1 |
State | Published - 2004 |
Event | 2004 43rd IEEE Conference on Decision and Control (CDC) - Nassau, Bahamas; Duration: Dec 14 2004 → Dec 17 2004 |
Other
Other | 2004 43rd IEEE Conference on Decision and Control (CDC) |
---|---|
Country/Territory | Bahamas |
City | Nassau |
Period | 12/14/04 → 12/17/04 |
ASJC Scopus subject areas
- Control and Systems Engineering
- Safety, Risk, Reliability and Quality
- Chemical Health and Safety