Exploiting the transients of adaptation for RoQ attacks on Internet resources

Abstract

We expose an unorthodox adversarial attack that exploits the transients of a system's adaptive behavior, as opposed to its limited steady-state capacity. We show that a well orchestrated attack could introduce significant inefficiencies that could potentially deprive a network element from much of its capacity, or significantly reduce its service quality, while evading detection by consuming an unsuspicious, small fraction of that element's hijacked capacity. This type of attack stands in sharp contrast to traditional brute-force, sustained high-rate DoS attacks, as well as recently proposed attacks that exploit specific protocol settings such as TCP timeouts. We exemplify what we term as reduction of quality (RoQ) attacks by exposing the vulnerabilities of common adaptation mechanisms. We develop control-theoretic models and associated metrics to quantify these vulnerabilities. We present numerical and simulation results, which we validate with observations from real Internet experiments. Our findings motivate the need for the development of adaptation mechanisms that are resilient to these new forms of attacks.

DOI: 10.1109/ICNP.2004.1348109

Extracted Key Phrases

Showing 1-10 of 33 references

As Forecast, Worm Takes SCO offline

  • Salt Lake, Tribune
  • 2004
1 Excerpt

Exploiting the Transients of Adaptation for RoQ Attacks on Internet Resources

  • M Guirguis, A Bestavros, I Matta
  • 2004

IETF Draft: HighSpeed TCP for Large Congestion Windows. draft-ietf-tsvwg-highspeed-01.txt

  • S Floyd
  • 2003

Internet Draft: FAST TCP for high-speed long-distance networks . draft-jwl-tcp-fast-01.txt

  • D W. C Jin, S Low
  • 2003

Modern Control Engineering

  • K Ogata
  • 2002
1 Excerpt
Showing 1-10 of 82 extracted citations

Statistics

0102030'04'05'06'07'08'09'10'11'12'13'14'15'16'17
Citations per Year

137 Citations

Semantic Scholar estimates that this publication has received between 97 and 198 citations based on the available data.

See our FAQ for additional information.