A Feedback Mechanism for Mitigating Denial of Service Attacks against Differentiated Services Clients
Abstract
Differentiated Service (DiffServ) networks provide Quality of Service (QoS)
guarantees by policing traffic into a fixed number of pre-existing classes. DoS¹
attacks against DiffServ clients will be more targeted and require less attack
bandwidth than current attacks due to the per-client and per-class bandwidth
limitations which must be imposed to ensure QoS guarantees. In this paper, we
present a technique for defeating a DoS attack on a DiffServ client through
dynamic modification of packet headers. This technique allows the DiffServ
network to distinguish valid traffic from malicious traffic, but does not require
cryptographic processing on a per-packet basis and does not increase packet
size. We also examine the sensitivity of our system to the traffic policerâ s token
bucket size.
Description
Proc. Tenth Int. Conf. on Telecommunication Systems: Modeling and Analysis, pp. 204-213, Monterey, CA, October 2002.
Rights
This publication is a work of the U.S. Government as defined in Title 17, United States Code, Section 101. Copyright protection is not available for this work in the United States.Collections
Related items
Showing items related by title, author, creator and subject.
-
Cyber System Assurance through Improved Network Anomaly Modeling and Detection
Bollmann, Chad A. (Monterey, California: Naval Postgraduate SchoolMonterey, California. Naval Postgraduate School, 2019-12); NPS-19-N039-AThe objectives of this work were to investigate the source of the dual natures of network traffic (i.e., Gaussian and alpha-stable) in order prove the merit of further development, improvement, and application of non-parametric ... -
Cyber System Assurance through Improved Network Anomaly Modeling and Detection
Bollmann, Chad A. (Monterey, California: Naval Postgraduate SchoolMonterey, California. Naval Postgraduate School, 2019-12); NPS-19-N039-AThe objectives of this work were to investigate the source of the dual natures of network traffic (i.e., Gaussian and alpha-stable) in order prove the merit of further development, improvement, and application of non-parametric ... -
Analysis and classification of traffic in wireless sensor networks
Wang, Beng Wei (Monterey, California. Naval Postgraduate School, 2007-03);Wireless sensor networks have been widely researched for use in both military and commercial applications. They are especially of interest to the military planners as they can be deployed in hostile environments to collect ...