%0 Conference Paper
%A Kieu, Minh Viet
%A Nguyen, Dai Tho
%A Nguyen, Thanh Thuy
%A University of Engineering and Technology, Vietnam National University, Hanoi,
%B The Eighth International Symposium on Information and Communication Technology (SoICT 2017)
%C Nha Trang, Vietnam
%D 2017
%F SisLab:2752
%T Using CPR Metric to Detect and Filter Low-Rate DDoS Flows
%U https://eprints.uet.vnu.edu.vn/eprints/id/eprint/2752/
%X TCP-targeted low-rate distributed denial-of-service (LDDoS) attacks pose a serious challenge to the reliability and security of the Internet. Among various proposed solutions, we are particularly interested in the Congestion Participation Rate (CPR) metric and the CPR-based approach. Through a simulation study, we show that the existing algorithm cannot simultaneously achieve high TCP throughput while under attack and good fairness performance for new legitimate TCP flows in normal times. We then propose a new version of the CPR-based approach to overcome the tradeoff.  Simulation results show that it preserves TCP throughput while under attack fairly well, yet maintains fairness for new TCP flows in normal times.