%A Minh Viet Kieu
%A Dai Tho Nguyen
%A Thanh Thuy Nguyen
%T Using CPR Metric to Detect and Filter Low-Rate DDoS Flows
%X TCP-targeted low-rate distributed denial-of-service (LDDoS) attacks pose a serious challenge to the reliability and security of the Internet. Among various proposed solutions, we are particularly interested in the Congestion Participation Rate (CPR) metric and the CPR-based approach. Through a simulation study, we show that the existing algorithm cannot simultaneously achieve high TCP throughput while under attack and good fairness performance for new legitimate TCP flows in normal times. We then propose a new version of the CPR-based approach to overcome the tradeoff.
Simulation results show that it preserves TCP throughput while under attack fairly well, yet maintains fairness for new TCP flows in normal times.
%C Nha Trang, Vietnam
%D 2017
%L SisLab2752