Robust random early detection Contents The Design of Robust RED (RRED) Algorithm of the Robust RED (RRED) The Simulation code of the Robust RED (RRED) References External links Navigation menuAQM&DoS Simulation Platform"RRED: Robust RED algorithm to counter low-rate denial-of-service attacks"10.1109/LCOMM.2010.05.091407AQM&DoS Simulation PlatformRecent Publications in Low-rate Denial-of-Service (LDoS) attacks Recent Publications in Random Early Detection (RED) schemesRecent Publications in Active Queue Management (AQM) schemes

Network performancePackets (information technology)Denial-of-service attacksComputer network security


network schedulerrandom early detectionLow-rate Denial-of-Service attacksactive queue managementdenial-of-service attackAQM&DoS Simulation PlatformRED




Robust random early detection (RRED) is a queueing disclipine for a network scheduler. The existing random early detection (RED) algorithm and its variants are found vulnerable to emerging attacks, especially the Low-rate Denial-of-Service attacks (LDoS). Experiments have confirmed that the existing RED-like algorithms are notably vulnerable under LDoS attacks due to the oscillating TCP queue size caused by the attacks.[1]


The Robust RED (RRED) algorithm was proposed to improve the TCP throughput against LDoS attacks. The basic idea behind the RRED is to detect and filter out attack packets before a normal RED algorithm is applied to incoming flows. RRED algorithm can significantly improve the performance of TCP under Low-rate denial-of-service attacks.[1]




Contents





  • 1 The Design of Robust RED (RRED)


  • 2 Algorithm of the Robust RED (RRED)


  • 3 The Simulation code of the Robust RED (RRED)


  • 4 References


  • 5 External links




The Design of Robust RED (RRED)


A detection and filter block is added in front of a regular RED block on a router. The basic idea behind the RRED is to detect and filter out LDoS attack packets from incoming flows before they feed to the RED algorithm. How to distinguish an attacking packet from normal TCP packets is critical in the RRED design.


Within a benign TCP flow, the sender will delay sending new packets if loss is detected (e.g., a packet is dropped). Consequently, a packet is suspected to be an attacking packet if it is sent within a short-range after a packet is dropped. This is the basic idea of the detection algorithm of Robust RED (RRED).[1]



Algorithm of the Robust RED (RRED)


RRED-ENQUE(pkt)
01 	f←RRED-FLOWHASH(pkt) 
02 	Tmax←MAX(Flow[f].T1, T2)
03 	if pkt.arrivaltime is within [Tmax, Tmax+T*] then
04 		reduce local indicator by 1 for each bin corresponding to f
05 	else
06 		increase local indicator by 1 for each bin of f
07 	Flow[f].I←maximum of local indicators from bins of f 
08 	if Flow[f].I >=0 then 
09 		RED-ENQUE(pkt) //pass pkt to the RED block
10 		if RED drops pkt then
11 			T2←pkt.arrivaltime
12 	else
13 		Flow[f].T1←pkt.arrivaltime
14 		drop(pkt)
15 	return


  • f.T1 is the arrival time of the last packet from flow f that is dropped by the detection and filter block.


  • T2 is the arrival time of the last packet from any flow that is dropped by the random early detection (RED) block.


  • Tmax = max(f.T1, T2).


  • T* is a short time period, which is empirically chosen to be 10 ms in a default RRED algorithm.[1]


The Simulation code of the Robust RED (RRED)


The simulation code of the RRED algorithm is published as an active queue management and denial-of-service attack (AQM&DoS) simulation platform. The AQM&DoS Simulation Platform is able to simulate a variety of DoS attacks (Distributed DoS, Spoofing DoS, Low-rate DoS, etc.) and active queue management (AQM) algorithms (RED, RRED, SFB, etc.). It automatically calculates and records the average throughput of normal TCP flows before and after DoS attacks to facilitate the analysis of the impact of DoS attacks on normal TCP flows and AQM algorithms.



References




  1. ^ abcd Zhang, C.; Yin, J.; Cai, Z.; Chen, W. (May 2010). "RRED: Robust RED algorithm to counter low-rate denial-of-service attacks" (PDF). IEEE Communications Letters. 14 (5): 489–491. doi:10.1109/LCOMM.2010.05.091407..mw-parser-output cite.citationfont-style:inherit.mw-parser-output .citation qquotes:"""""""'""'".mw-parser-output .citation .cs1-lock-free abackground:url("//upload.wikimedia.org/wikipedia/commons/thumb/6/65/Lock-green.svg/9px-Lock-green.svg.png")no-repeat;background-position:right .1em center.mw-parser-output .citation .cs1-lock-limited a,.mw-parser-output .citation .cs1-lock-registration abackground:url("//upload.wikimedia.org/wikipedia/commons/thumb/d/d6/Lock-gray-alt-2.svg/9px-Lock-gray-alt-2.svg.png")no-repeat;background-position:right .1em center.mw-parser-output .citation .cs1-lock-subscription abackground:url("//upload.wikimedia.org/wikipedia/commons/thumb/a/aa/Lock-red-alt-2.svg/9px-Lock-red-alt-2.svg.png")no-repeat;background-position:right .1em center.mw-parser-output .cs1-subscription,.mw-parser-output .cs1-registrationcolor:#555.mw-parser-output .cs1-subscription span,.mw-parser-output .cs1-registration spanborder-bottom:1px dotted;cursor:help.mw-parser-output .cs1-ws-icon abackground:url("//upload.wikimedia.org/wikipedia/commons/thumb/4/4c/Wikisource-logo.svg/12px-Wikisource-logo.svg.png")no-repeat;background-position:right .1em center.mw-parser-output code.cs1-codecolor:inherit;background:inherit;border:inherit;padding:inherit.mw-parser-output .cs1-hidden-errordisplay:none;font-size:100%.mw-parser-output .cs1-visible-errorfont-size:100%.mw-parser-output .cs1-maintdisplay:none;color:#33aa33;margin-left:0.3em.mw-parser-output .cs1-subscription,.mw-parser-output .cs1-registration,.mw-parser-output .cs1-formatfont-size:95%.mw-parser-output .cs1-kern-left,.mw-parser-output .cs1-kern-wl-leftpadding-left:0.2em.mw-parser-output .cs1-kern-right,.mw-parser-output .cs1-kern-wl-rightpadding-right:0.2em




External links


  • AQM&DoS Simulation Platform

  • Recent Publications in Low-rate Denial-of-Service (LDoS) attacks

  • Recent Publications in Random Early Detection (RED) schemes

  • Recent Publications in Active Queue Management (AQM) schemes


-

Popular posts from this blog

Lowndes Grove History Architecture References Navigation menu32°48′6″N 79°57′58″W / 32.80167°N 79.96611°W / 32.80167; -79.9661132°48′6″N 79°57′58″W / 32.80167°N 79.96611°W / 32.80167; -79.9661178002500"National Register Information System"Historic houses of South Carolina"Lowndes Grove""+32° 48' 6.00", −79° 57' 58.00""Lowndes Grove, Charleston County (260 St. Margaret St., Charleston)""Lowndes Grove"The Charleston ExpositionIt Happened in South Carolina"Lowndes Grove (House), Saint Margaret Street & Sixth Avenue, Charleston, Charleston County, SC(Photographs)"Plantations of the Carolina Low Countrye

Image
Contributing propertyKeeper of the RegisterHistoric districtHistory of the National Register of Historic PlacesNational Park ServiceProperty typesCharlestonColumbiaGreenvilleNorth CharlestonRock Hill Houses on the National Register of Historic Places in South CarolinaGeorgian architecture in South CarolinaHouses completed in 1786Plantation houses in South CarolinaNational Register of Historic Places in Charleston, South CarolinaHouses in Charleston, South Carolina plantation houseAshley RiverCharlestonNational Register of Historic PlacesRevolutionary WarWilliam LowndesU.S. CongressSouth Carolina Inter-State and West Indian ExpositionGeorgianDoricbalustradespedimentoculusentablaturemodilliondentillightship roofterra cottatilescorbelledcornicesRegency stylespiral staircaseskylight Lowndes Grove U.S. National Register of Historic Places Lowndes Grove in 1940 Show map of South Carolina Show map of the United States Location 260 St. Margaret St., Charleston, South Carolina Coordinates 32
Read more

random experiment with two different functions on unit interval Announcing the arrival of Valued Associate #679: Cesar Manara Planned maintenance scheduled April 23, 2019 at 00:00UTC (8:00pm US/Eastern)Random variable and probability space notionsRandom Walk with EdgesFinding functions where the increase over a random interval is Poisson distributedNumber of days until dayCan an observed event in fact be of zero probability?Unit random processmodels of coins and uniform distributionHow to get the number of successes given $n$ trials , probability $P$ and a random variable $X$Absorbing Markov chain in a computer. Is “almost every” turned into always convergence in computer executions?Stopped random walk is not uniformly integrable

Image
What would you call this weird metallic apparatus that allows you to lift people? Is it possible to give , in economics, an example of a relation ( set of ordered pairs) that is not a function? Maximum summed subsequences with non-adjacent items How many time has Arya actually used Needle? Is there public access to the Meteor Crater in Arizona? Belief In God or Knowledge Of God. Which is better? What is the meaning of 'breadth' in breadth first search? Why is there Net Work Done on a Pressure/Volume Cycle? How much damage would a cupful of neutron star matter do to the Earth? Sum letters are not two different Why does it sometimes sound good to play a grace note as a lead in to a note in a melody? What initially awakened the Balrog? How to pronounce 伝統色 QGIS virtual layer functionality does not seem to support memory layers AppleTVs create a chatty alternate WiFi network How to write capital alpha? How often does castling occur in grandmaster gam
Read more

How should I support this large drywall patch? Planned maintenance scheduled April 23, 2019 at 00:00UTC (8:00pm US/Eastern) Announcing the arrival of Valued Associate #679: Cesar Manara Unicorn Meta Zoo #1: Why another podcast?How do I cover large gaps in drywall?How do I keep drywall around a patch from crumbling?Can I glue a second layer of drywall?How to patch long strip on drywall?Large drywall patch: how to avoid bulging seams?Drywall Mesh Patch vs. Bulge? To remove or not to remove?How to fix this drywall job?Prep drywall before backsplashWhat's the best way to fix this horrible drywall patch job?Drywall patching using 3M Patch Plus Primer

Image
How do living politicians protect their readily obtainable signatures from misuse? Is it possible to force a specific program to remain in memory after closing it? File name problem(?) How to pronounce 伝統色 How does the math work when buying airline miles? Sum letters are not two different An adverb for when you're not exaggerating What does it mean that physics no longer uses mechanical models to describe phenomena? Take 2! Is this homebrew Lady of Pain warlock patron balanced? How many time has Arya actually used Needle? A letter with no particular backstory Converted a Scalar function to a TVF function for parallel execution-Still running in Serial mode Generate an RGB colour grid Co-worker has annoying ringtone Strange behavior of Object.defineProperty() in JavaScript "Lost his faith in humanity in the trenches of Verdun" — last line of an SF story What is this round thing on the pantry door in The Shining What would you call this weir
Read more