Exploiting the transients of adaptation for RoQ attacks on Internet resources


We expose an unorthodox adversarial attack that exploits the transients of a system's adaptive behavior, as opposed to its limited steady-state capacity. We show that a well orchestrated attack could introduce significant inefficiencies that could potentially deprive a network element from much of its capacity, or significantly reduce its service quality, while evading detection by consuming an unsuspicious, small fraction of that element's hijacked capacity. This type of attack stands in sharp contrast to traditional brute-force, sustained high-rate DoS attacks, as well as recently proposed attacks that exploit specific protocol settings such as TCP timeouts. We exemplify what we term as reduction of quality (RoQ) attacks by exposing the vulnerabilities of common adaptation mechanisms. We develop control-theoretic models and associated metrics to quantify these vulnerabilities. We present numerical and simulation results, which we validate with observations from real Internet experiments. Our findings motivate the need for the development of adaptation mechanisms that are resilient to these new forms of attacks.

DOI: 10.1109/ICNP.2004.1348109

Extracted Key Phrases

10 Figures and Tables


Citations per Year

149 Citations

Semantic Scholar estimates that this publication has 149 citations based on the available data.

See our FAQ for additional information.

Cite this paper

@article{Guirguis2004ExploitingTT, title={Exploiting the transients of adaptation for RoQ attacks on Internet resources}, author={Mina Guirguis and Azer Bestavros and Ibrahim Matta}, journal={Proceedings of the 12th IEEE International Conference on Network Protocols, 2004. ICNP 2004.}, year={2004}, pages={184-195} }