White Papers

TCP Flow Analysis for Defense Against Shrew DDoS Attacks

Overview The shrew or RoS attacks are low-rate DDoS attacks that degrade the QoS to end systems slowly but not to deny the services completely. These attacks are more difficult to detect than the flooding type of DDoS attacks. This paper explores the energy distributions of Internet traffic flows in frequency domain. Normal TCP traffic flows present some form of periodicity because of TCP protocol behavior. The results reveal that normal TCP flows can be segregated from malicious flows using some energy distribution properties. The paper discovers the spectral shifting of attack flows from that of normal flows. Combining flow-level spectral analysis with sequential hypothesis testing, a novel defense scheme against shrew DDoS or RoQ (reduction-of-service) attacks is proposed.

By downloading you agree to our Terms and Conditions. These include information regarding use of your personal data.

Publisher: University of Southern California
File Format: PDF
Date Published: Oct 31, 2007
Format: White Papers
Topics: TCP - IP

Similiar White Papers

A Taxonomy of the Linux Network Stack

This paper tries to give readers not familiar with the Linux network stack a gentle introduction to the fundamental conc

Publisher: Oracle | Tags: data, ip, kernel, linux, network

Cisco - Access Control Lists and IP Fragments

This white paper explains the different kinds of Access Control List (ACL) entries and what happens when different kinds

Publisher: Cisco Systems | Tags: ip

Magic Quadrant for Unified Communications, 2007

Unified Communications (UC) offer the ability to significantly improve how individuals, groups and companies interact an

Publisher: Gartner | Tags: applications, business applications, ip, pbx, uc, unified, unified messaging, voip

How Cisco IT Deploys Closed-Circuit TV Cameras Over the Secure IP Network

Cisco uses video surveillance to help keep its work environment secure. Two years ago, Cisco used a combination of camer

Publisher: Cisco Systems | Tags: cctv, data, digital, ip, network, surveillance, tv

VLAN Load Balancing Between Trunks Using the Spanning-Tree Protocol Port Priority

This paper provides the theory behind VLAN load balancing between trunks, and also provides configuration examples for s

Publisher: Cisco Systems | Tags: ip

University of Southern California White Papers

Cross Layer Adaptive Control for Wireless Mesh Networks

Featured white papers

The Value of Location Intelligence in the Communications Industry

Pitney Bowes

Public Services are under pressure, the challenge is to do more with less. How do you improve citizen satisfaction, increase cost efficiencies and improve service delivery? The power of location intelligence is helping many local authorities...

Download now »
Best Practices for Translating Customer Satisfaction into Revenue

Citrix Online

Today's support organisations are focused on two top-level metrics: financial results and customer satisfaction. For most, it's easy to track financial performance, but customer satisfaction is akin to speaking a foreign language...

Download now »
HP print solutions and 3M

Hewlett-Packard (HP)

The objective for 3M was to optimize office printing infrastructure at 3M locations worldwide, reduce total cost and environmental footprint. Some of the business benefits acheived by switching to HP print solutions...

Download now »