Date Added: Oct 2010
Traffic burstiness is known to be undesirable for a router as it increases the router's queue length and hence the queueing delays of data flows. This poses a security problem in which an attacker intentionally introduces traffic burstiness into routers. The authors consider a correlation attack, whose fundamental characteristic is to correlate multiple attack flows to generate synchronized small attack bursts, in an attempt to aggregate the bursts into a large burst at a target router. In this paper, they develop an analytical, fluid-based framework that models how the correlation attack disrupts router queues and how it can be mitigated.