Security and Privacy in Communication Networks. 8th International ICST Conference, SecureComm 2012, Padua, Italy, September 3-5, 2012. Revised Selected Papers

Research Article

Improving the Resilience of an IDS against Performance Throttling Attacks

Download
448 downloads
  • @INPROCEEDINGS{10.1007/978-3-642-36883-7_11,
        author={Govind Shenoy and Jordi Tubella and Antonio Gonz\^{a}lez},
        title={Improving the Resilience of an IDS against Performance Throttling Attacks},
        proceedings={Security and Privacy in Communication Networks. 8th International ICST Conference, SecureComm 2012, Padua, Italy, September 3-5, 2012. Revised Selected Papers},
        proceedings_a={SECURECOMM},
        year={2013},
        month={2},
        keywords={},
        doi={10.1007/978-3-642-36883-7_11}
    }
    
  • Govind Shenoy
    Jordi Tubella
    Antonio González
    Year: 2013
    Improving the Resilience of an IDS against Performance Throttling Attacks
    SECURECOMM
    Springer
    DOI: 10.1007/978-3-642-36883-7_11
Govind Shenoy1,*, Jordi Tubella1,*, Antonio González,*
  • 1: Universitat Politècnica de Catalunya
*Contact email: govind@ac.upc.edu, jordit@ac.upc.edu, antonio.gonzalez@intel.com

Abstract

Intrusion Detection Systems (IDS) have emerged as one of the most promising ways to secure systems in the network. To be effective against evasion attempts, the IDS must provide tight bounds on performance. Otherwise an adversary can bypass the IDS by carefully crafting and sending packets that throttle it. This can render the IDS ineffective, thus resulting in the network becoming vulnerable.