- 【Updated on May 12, 2025】 Integration of CiNii Dissertations and CiNii Books into CiNii Research
- Trial version of CiNii Research Knowledge Graph Search feature is available on CiNii Labs
- Suspension and deletion of data provided by Nikkei BP
- Regarding the recording of “Research Data” and “Evidence Data”
An Analysis of TCP ACK Storm DoS Attack on Virtual Network
Description
Recent research shows that virtual systems are more vulnerable under DoS attacks. However, there appears to be a lack of academic research regarding novel DoS attack techniques on virtual systems. The decline of NTP Amplification DDoS attacks shows that proper understanding of threats can help in mitigating DoS attacks. Therefore, it is essential to early understand and explore a new threat that can lead to a new DoS attack. In this paper, we analyze the effect of TCP ACK Storm DoS attacks, a family of DoS attacks exploiting a subtle design flaw in the core TCP specifications, on virtual networks. In these attacks, a very weak Man-in-the-Middle attacker, who can only eavesdrop occasionally, can send spoof packets to the host machine of the virtual network and makes all virtual machines on that network could not connect to the external network. We created a virtual network using VMWare Workstation Pro 14 and perform the experimental attacks. In the analysis, we explore gateway’s behavior under this kind of attack. We also introduce some countermeasures against this kind of attack.
Journal
-
- 2019 19th International Symposium on Communications and Information Technologies (ISCIT)
-
2019 19th International Symposium on Communications and Information Technologies (ISCIT) 288-293, 2019-09-01
IEEE