Shrew attack is a type of typical transmission control protocol (TCP)-targeted low-rate denial of service attacks. Guirguis proposed a variant of the Shrew attack, which is called the full-buffer Shrew (FB-Shrew) attack. By maximizing the attack period and minimizing the attack rate, FB-Shrew attack can achieve the optimal impact. However, Guirguis's study has some limitations that mainly lie in neglecting the competition between TCP packets and attack packets. In this letter, we restudy the behavior model of TCP congestion window with a single TCP flow to expose the upper bound of attack impact. Test results of NS-2 experiments indicate that, compared with Guirguis's model, our model provides a more realistic, more accurate, and higher upper bound on the impact of the FB-Shrew attack.

• 出版日期2016-10
• 单位中国民航大学; 天津大学