A Threshold Adaptation Mechanism for Detecting and Filtering Low-Rate DDoS Attacks

Minh Viet Kieu; Dai Tho Nguyen; Thanh Thuy Nguyen

doi:10.25073/2588-1086/vnucsce.1861

Minh Viet Kieu, Dai Tho Nguyen, Thanh Thuy Nguyen

PDF

Published Apr 10, 2024

DOI: https://doi.org/10.25073/2588-1086/vnucsce.1861

How to Cite

KIEU, Minh Viet; NGUYEN, Dai Tho; NGUYEN, Thanh Thuy. A Threshold Adaptation Mechanism for Detecting and Filtering Low-Rate DDoS Attacks. VNU Journal of Science: Computer Science and Communication Engineering, [S.l.], apr. 2024. ISSN 2588-1086. Available at: <//jcsce.vnu.edu.vn/index.php/jcsce/article/view/1861>. Date accessed: 10 may 2024. doi: https://doi.org/10.25073/2588-1086/vnucsce.1861.

ABNT APA BibTeX CBE EndNote - EndNote format (Macintosh & Windows) MLA ProCite - RIS format (Macintosh & Windows) RefWorks Reference Manager - RIS format (Windows only) Turabian

Issue

Article in Press

Section

Original Articles

Abstract

TCP-targeted low-rate distributed denial-of-service (LDDoS) attacks pose a serious challenge to the reliability and security of the Internet. Among various proposed solutions, we are particularly interested in the Congestion Participation Rate (CPR) metric and the CPR-based approach. Through a simulation study, we show that if the algorithm makes use of a fixed CPR threshold, it cannot simultaneously preserve high TCP throughput under attacks and achieve good fairness performance for TCP flows in attack-free periods. Then, we propose a method for adaptively changing the threshold over time to obtain both the objectives. Simulation results show that our adaptive CPR-based approach can effectively protect TCP flows under attacks while keeping fairness for the flows when attacks are not present.

Article Sidebar

Article Details

Main Article Content

Abstract