Mitigating Low-volume DoS Attacks with Data-driven Resource Accounting

04/29/2022
by   ChangSeok Oh, et al.
0

Low-volume Denial-of-Service (μDoS) attacks have been demonstrated to fundamentally bypass traditional DoS mitigation schemes based on the flow and volume of network packets. In this paper, we propose a data-driven approach, called ROKI, that accurately tracks internal resource utilization and allocation associated with each packet (or session), making it possible to tame resource exhaustion caused by μDoS attacks. Since ROKI focuses on capturing the symptom of DoS, it can effectively mitigate previously unknown μDoS attacks. To enable a finer-grain resource tracking, ROKI provided in concept the accounting capabilities to each packet itself, so we called data-driven: it monitors resource utilization at the link, network, transport layers in the kernel, as well as application layers, and attributes back to the associated packet. Given the resource usages of each packet, ROKI can reclaim (or prevent) the system resources from malicious packets (or attackers) whenever it encounters system-wide resource exhaustion. To provide lightweight resource tracking, ROKI carefully multiplexes hardware performance counters whenever necessary. Our evaluation shows that ROKI's approach is indeed effective in mitigating real-world μDoS attacks with negligible performance overheads - incurring 3 throttled.

READ FULL TEXT
research
04/20/2020

Tracemax: A Novel Single Packet IP Traceback Strategy for Data-Flow Analysis

The identification of the exact path that packets are routed on in the n...
research
11/08/2018

A practical approach to detection of distributed denial-of-service attacks using a hybrid detection method

This paper presents a hybrid method for the detection of distributed den...
research
08/01/2019

Runtime Mitigation of Packet Drop Attacks in Fault-tolerant Networks-on-Chip

Fault-tolerant routing (FTR) in Networks-on-Chip (NoCs) has become a com...
research
04/28/2018

A Resource Pooling Switch Architecture with High Performance Scheduler

With the rapid development of network-based services and applications, c...
research
04/22/2020

Proactive Aging Mitigation in CGRAs through Utilization-Aware Allocation

Resource balancing has been effectively used to mitigate the long-term a...
research
04/06/2021

Detecting and Mitigating Network Packet Overloads on Real-Time Devices in IoT Systems

Manufacturing, automotive, and aerospace environments use embedded syste...
research
08/04/2021

Combating Informational Denial-of-Service (IDoS) Attacks: Modeling and Mitigation of Attentional Human Vulnerability

This work proposes a new class of proactive attacks called the Informati...

Please sign up or login with your details

Forgot password? Click here to reset