A novel pattern of distributed low-rate denial of service attack disrupts internet routing

摘要

Recently identified low-rate TCP-targeted DoS attacks can cause failures of Border Gateway Protocol sessions and route flappings without being detected by current defense mechanisms. Deliberately constructed Distributed low-rate DoS attacks can even generate surge of updates throughout the Internet. As this new breed of attacks needs a low-rate time gap between adjacent pulses, this time gap waste large number pulses to form other attack flows. In this paper, we investigate the possibility and methods of employing the time gap to evoke other attack flows against target network. Simulations show that this method can exponentially reduce the number of nodes and therefore lower the cost of the attack when attacking multiple BGP sessions simultaneously. Experiments show that the integrated attack is efficient in causing BGP session resets, delayed routing convergence and seriously impacting routing stability and network reachability. We also proposed the attack scheme and defense mechanisms of this kind of attacks.