Effectiveness of Rate-Limiting in Mitigating Flooding DoS Attacks

J.V.E. Mölsä (Finland)


Internet security, Denial of Service, Rate-limiting, TCP throughput.


This paper investigates the effectiveness of rate-limiting in mitigating TCP-based flooding Denial of Service (DoS) attacks. Rate-limiting is used as a DoS defense mechanism to discard a fraction of incoming attack packets. Part of the legitimate traffic is, however, mis-detected as attack traffic and rate-limited together with it. The main contribution of this paper is to find out how much a DoS attack can be rate-limited without undue penalties for those legitimate TCP flows that are mis-detected as attack traffic. The research methodology is based on analyzing the TCP throughput in a simulated network where packet loss is one-way, because only incoming packets are rate-limited while the acknowledgements in the reverse direction are not. Empirical measurements in a small network are used to verify the simulation results.
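The mechanism the abstract describes, shown as an added example (not code from the paper or its author): a token-bucket rate limiter is applied only to packets a detector has flagged as attack traffic, and the detector has a false-positive rate, so some legitimate packets share the bucket with the flood. Packet rates, the false-positive rate, the bucket parameters and the Poisson arrival model are all assumptions made here for illustration, not values from the paper. The simulation counts only the incoming direction, matching the one-way loss setting of the abstract; it does not model TCP's reaction to that loss.

```python
"""Added example: collateral damage from rate-limiting mis-detected legitimate traffic.

All rates, the false-positive probability and the Poisson arrival model are
assumptions chosen for illustration; they are not taken from the paper.
"""
from dataclasses import dataclass
import random


@dataclass
class Packet:
    t: float         # arrival time in seconds
    legit: bool      # ground truth: True for a legitimate packet
    flagged: bool    # detector verdict: True means "treat as attack"


class TokenBucket:
    """Classic token bucket: `rate_pps` tokens per second, capacity `burst`."""

    def __init__(self, rate_pps: float, burst: int):
        self.rate = rate_pps
        self.burst = burst
        self.tokens = float(burst)
        self.last = 0.0

    def allow(self, now: float) -> bool:
        # Refill proportionally to elapsed time, capped at the burst size.
        self.tokens = min(self.burst, self.tokens + (now - self.last) * self.rate)
        self.last = now
        if self.tokens >= 1.0:
            self.tokens -= 1.0
            return True
        return False


def make_stream(duration: float, attack_pps: float, legit_pps: float,
                false_positive: float, seed: int = 1) -> list[Packet]:
    """Constructed input: two independent Poisson streams (attack and legitimate).

    Every attack packet is flagged; a legitimate packet is flagged with
    probability `false_positive` (the detector's mis-detection rate).
    """
    rng = random.Random(seed)
    pkts = []
    for is_legit, pps in ((False, attack_pps), (True, legit_pps)):
        t = 0.0
        while t < duration:
            t += rng.expovariate(pps)
            flagged = (not is_legit) or rng.random() < false_positive
            pkts.append(Packet(t, is_legit, flagged))
    pkts.sort(key=lambda p: p.t)
    return pkts


def rate_limit(pkts: list[Packet], limit_pps: float, burst: int = 10) -> dict:
    """Forward unflagged packets untouched; pass flagged ones through one bucket.

    Returns {class: [offered, forwarded]} for the three packet classes.
    """
    bucket = TokenBucket(limit_pps, burst)
    stats = {"attack": [0, 0], "legit_flagged": [0, 0], "legit_clean": [0, 0]}
    for p in pkts:
        if not p.legit:
            key = "attack"
        elif p.flagged:
            key = "legit_flagged"
        else:
            key = "legit_clean"
        stats[key][0] += 1
        if not p.flagged or bucket.allow(p.t):
            stats[key][1] += 1
    return stats


def survival(stats: dict) -> dict:
    """Fraction of each class that got through the limiter."""
    return {k: (v[1] / v[0] if v[0] else 1.0) for k, v in stats.items()}


if __name__ == "__main__":
    # Assumed scenario: 10 000 pps flood, 1 000 pps legitimate, 10 % false positives,
    # limiter admits 1 000 pps of flagged traffic.
    stream = make_stream(duration=2.0, attack_pps=10_000, legit_pps=1_000, false_positive=0.10)
    for cls, frac in survival(rate_limit(stream, limit_pps=1_000)).items():
        print(f"{cls:14s} survival {frac:.3f}")
```

The point the numbers make is the one the abstract raises: a legitimate flow that the detector lumps in with the flood sees the same drop probability as the flood itself, because both draw from the same bucket, so the harder the attack is rate-limited, the harder those mis-detected flows are hit. How much of that one-way loss a TCP flow can absorb before its throughput collapses is exactly what the paper's simulations and measurements quantify.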

