Publications at NRL

Search by Title


Search by Author


Conference Paper


Defense against Low-rate TCP-targeted Denial-of-Service Attacks


Low-rate TCP-targeted Denial-of-Service (DoS) attacks aim at the fact that most operating systems in use today have a common base TCP Retransmission Timeout (RTO) of 1 sec. An attacker injects periodic bursts of packets to fill the bottleneck queue and forces TCP connections to timeout with near-zero throughput. This paper proposes randomization on TCP RTO as defense against such attacks. With RTO randomization, an attacker cannot predict the next TCP timeout and consequently cannot inject the burst at the exact instant. An analytic performance model on the throughput of randomized TCP is developed and validated. Simulation results show that randomization can effectively mitigate the impact of such DoS attacks while maintaining fairness and friendliness to other connections.

Paper: PDF file of paper

Information & Date

The 9th IEEE Symposium on Computers and Communications (ISCC 2004), Alexandria, Egypt, June. 2004


Guang Yang
Mario Gerla
M.Y. Sanadidi