Increasing Communications Security Through Protocol Parameter Diversity
Pulsing attacks use carefully synchronized high-rate low-duration bursts of traffic that are injected into a network to induce denial-of-service. These attacks are effective because the bursts force protocols into low-performance states. The synchronization relies on the fact that most computers run protocols with identical parameter values. The use of diverse parameter values could make the attacks much less likely to succeed. This paper describes how parameters in TCP protocol implementations can be automatically diversified, introduces several evaluation metrics, and assesses the efficacy of this defense using Kuzmanovic's shrew pulsing attack.
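
The synchronization argument above can be made concrete with a small timing model. This is an added example, not code or results from the paper. It assumes the diversified parameter is TCP's retransmission timeout (the abstract does not name which parameters are diversified), and the burst period, burst length, host count and RTO range are constructed values.

```python
# Added illustration: simplified timing model, not the paper's simulator.
# All numbers (period, burst length, RTO range) are constructed assumptions.

def lost_retransmissions(rto_ms, period_ms, burst_ms, max_tries=6):
    """Count consecutive retransmissions that land inside a burst window.

    Bursts occupy [k*period, k*period + burst) for k = 0, 1, 2, ...
    The flow loses a packet in the burst at t = 0, waits one RTO,
    retransmits, and doubles the RTO after every further loss
    (exponential backoff). No RTO ceiling is modelled.
    """
    t, rto, lost = 0, rto_ms, 0
    while lost < max_tries:
        t += rto
        if t % period_ms >= burst_ms:   # arrived between bursts: recovered
            break
        lost += 1
        rto *= 2
    return lost


def starved_fraction(rtos_ms, period_ms, burst_ms, max_tries=6):
    """Fraction of hosts that never get a retransmission through."""
    starved = sum(
        1 for rto in rtos_ms
        if lost_retransmissions(rto, period_ms, burst_ms, max_tries) == max_tries
    )
    return starved / len(rtos_ms)


PERIOD_MS, BURST_MS, HOSTS = 1000, 100, 1000
identical = [1000] * HOSTS                       # every host uses the same value
diversified = [1000 + i for i in range(HOSTS)]   # each host gets its own value

if __name__ == "__main__":
    print("identical  :", starved_fraction(identical, PERIOD_MS, BURST_MS))
    print("diversified:", starved_fraction(diversified, PERIOD_MS, BURST_MS))
```

In this model every host with the shared timeout keeps retransmitting into a burst, while spreading the timeout across hosts leaves only the few whose value still lines up with the burst period.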