Revision as of 16:42, 1 December 2012 edit 50.53.15.59 (talk) cleanup ← Previous edit		Revision as of 16:54, 1 December 2012 edit undo 50.53.15.59 (talk) ref Next edit →
Line 1: The existing [[random early detection]] (RED) algorithm and its variants are found vulnerable to emerging attacks, especially the [http://sites.google.com/site/cwzhangres/home/files/RREDRobustREDAlgorithmtoCounterLow-rateDenial-of-ServiceAttacks.pdf?attredirects=0 Low-rate Denial-of-Service] (LDoS) attacks. Experiments have confirmed that the existing RED-like algorithms are notably vulnerable under LDoS attacks due to the oscillating TCP queue size caused by the attacks.<ref name=RRED>~~Changwang~~{{cite ~~Zhang, Jianping Yin, Zhiping Cai, and Weifeng Chen, [http://sites~~doi\|10.~~google.com~~1109/~~site/cwzhangres/home/files/RREDRobustREDAlgorithmtoCounterLow-rateDenial-of-ServiceAttacks~~LCOMM.~~pdf?attredirects=0 RRED: Robust RED Algorithm to Counter Low-rate Denial-of-Service Attacks], IEEE Communications Letters, vol. 14, pp. 489-491,~~ 2010. ~~[http://ieeexplore~~05.~~ieee.org/xpl/freeabs_all.jsp?arnumber=5456075 Ref]~~091407}}</ref> A Robust RED (RRED) algorithm was proposed to improve the TCP throughput against LDoS attacks. The basic idea behind the RRED is to detect and filter out attack packets before a normal RED algorithm is applied to incoming flows. RRED algorithm can significantly improve the performance of TCP under Low-rate [[denial-of-service attack]]s.<ref name="RRED"/>

Robust random early detection: Difference between revisions