Abstract
Among various types of denial of service attacks, 'dropping attack' is probably the most difficult one to handle. This paper explores the negative impacts of packet dropping attacks and a method to detect such attacks. First, three dropping patterns are classified and investigated. We demonstrate that attackers can choose different dropping patterns to degrade TCP service to different levels, and selectively dropping a very small number of packets can result in a severe damage to TCP performance. Second, we show that a hacker can utilize a DDoS attack tool to control a 'uncompromised' router to emulate dropping attacks. This proves that dropping attacks are indeed practically very possible to happen in today's Internet environment. Third, we present a statistic analysis module for the detection of TCP packet dropping attacks. Three measures, session delay, the position and the number of packet reordering, have been implemented in the statistic module. This paper has evaluated and compared their detection performance.
| Original language | English |
|---|---|
| Pages | 263-272 |
| Number of pages | 10 |
| Publication status | Published - 2000 |
| Event | 2000 International Conference on Network Protocols - Osaka, Jpn Duration: 2000 Nov 14 → 2000 Nov 17 |
Conference
| Conference | 2000 International Conference on Network Protocols |
|---|---|
| City | Osaka, Jpn |
| Period | 00-11-14 → 00-11-17 |
All Science Journal Classification (ASJC) codes
- Software