Isolating DDOS Attack Using Multitime Drift Algorithm
National Conference on Emerging Computing and Communication Technologies, 2011
Posted: 21 Oct 2013
Date Written: March 10, 2011
A weak point in network-based applications is that they commonly open some known communication port(s), making themselves targets for denial of service (DoS) attacks. Considering adversaries that can eavesdrop and launch directed DoS attacks to the applications’ open ports, solutions based on pseudo-randomport-hopping have been suggested. As port-hopping needs that the communicating parties hop in a synchronized manner, these solutions suggest acknowledgment-based protocols between a client-server pair or assume the presence of synchronized clocks. Acknowledgments, if lost, can cause a port to be open for a longer time and thus be vulnerable to DoS attacks; Time servers for synchronizing clocks can become targets to DoS attack themselves.
Here we study the case where the communicating parties have clocks with rate drift, which is common in networking.We propose an algorithm, BIGWHEEL, for servers to communicate with multiple clients in a port-hopping manner, thus enabling support to multi-party applications as well. The algorithm does not rely on the server having a fixed port open in the beginning, neither does it require from the client to get a “first-contact” port from a third party. We also present an adaptive algorithm, HOPERAA, for hopping in the presence of clock-drift, as well as the analysis and evaluation of the methods. The solutions are simple, based on each client interacting with the server independently of the other clients, without the need of acknowledgments or time server.
Keywords: DOS, Denial of Service, DDoS, Distributed Denial of Service.
Suggested Citation: Suggested Citation