When mice devour the elephants: A DDoS attack against size-based scheduling schemes in the internet

Abdul Serwadda, Vir V. Phoha

Research output: Contribution to journalArticle

2 Scopus citations

Abstract

Abstract Size-based scheduling (SBS) has been shown to offer significant performance improvement in Web servers and routers. However, most of the performance benefits offered by SBS rely on the premise that the scheduler will interact with a "well behaved" heavy tailed job size distribution. In this paper we design an attack that degrades the performance of an SBS scheduler by subjecting it to a job size distribution which violates the core traffic properties from which SBS derives its strengths. Through theoretical work and a wide range of experiments, we demonstrate the lethality of the attack against routers that use SBS. Additionally, we cite evidence that indicates why the tools and practical manoeuvres required to carry out the attack on a live network are within the reach of adversaries. As flavors of SBS begin to grace the Internet, the paper provides a timely cautionary note on the challenges that SBS could face if widely deployed without specialized defense mechanisms.

Original languageEnglish
Article number901
Pages (from-to)31-43
Number of pages13
JournalComputers and Security
Volume53
DOIs
StatePublished - Jun 12 2015

    Fingerprint

Keywords

  • Denial of service (DoS) attacks
  • Network security
  • Scheduling
  • Simulation
  • ns2

Cite this