Denial-of-service (DoS) and distributed denial-of-service (DDoS) attacks on the Internet aim to prevent legitimate clients from accessing a service and are considered a serious threat to the availability and reliability of Internet services. The client puzzle is a well-known countermeasure that requires a client to perform computationally expensive operations before being granted service by a server. However, an attacker can inflate its DoS/DDoS capability with fast puzzle-solving software and/or built-in graphics processing unit (GPU) hardware, significantly weakening the effectiveness of client puzzles. Low-rate denial-of-service (LDoS) attacks are stealthier than traditional DDoS attacks. According to the characteristics of periodicity and short bursts in LDoS flows, a detection system, TCP’s retransmission timeout mechanism can be exploited by a maliciously chosen low-rate attack flow to make TCP throughput fall to a very low rate. LDoS attacks will degrade the performance of web traffic and TCP services and reduce TCP throughput to zero. Based on LDoS, bot multiplexing in a multi-target attack scenario is proposed, and a method for enhancing LDoS attack ability is then presented. In simulation, the method shows good performance and adaptability, and it enhances attack ability effectively under a variety of correlated parameters.