Menu
Home
People
Places
Arts
History
Plants & Animals
Science
Life & Culture
Technology
Reference.org
Robust random early detection
open-in-new
<h2 id="the-design-of-robust-red-rred">The design of Robust RED (RRED)</h2> <p>A detection and filter block is added in front of a regular RED block on a router. The basic idea behind the RRED is to detect and filter out LDoS attack packets from incoming flows before they feed to the RED algorithm. How to distinguish an attacking packet from normal TCP packets is critical in the RRED design. </p><p>Within a benign TCP flow, the sender will delay sending new packets if loss is detected (e.g., a packet is dropped). Consequently, a packet is suspected to be an attacking packet if it is sent within a short-range after a packet is dropped. This is the basic idea of the detection algorithm of Robust RED (RRED).<a class="footnote-ref" id="fnref:3" href="#fn:3"><sup>3</sup></a> </p> <h2 id="algorithm-of-the-robust-red-rred">Algorithm of the Robust RED (RRED)</h2> algorithm RRED-ENQUE(pkt) 01 f ← RRED-FLOWHASH(pkt) 02 Tmax ← MAX(Flow[f].T1, T2) 03 if pkt.arrivaltime is within [Tmax, Tmax+T*] then 04 reduce local indicator by 1 for each bin corresponding to f 05 else 06 increase local indicator by 1 for each bin of f 07 Flow[f].I ← maximum of local indicators from bins of f 08 if Flow[f].I ≥ 0 then 09 RED-ENQUE(pkt) // pass pkt to the RED block 10 if RED drops pkt then 11 T2 ← pkt.arrivaltime 12 else 13 Flow[f].T1 ← pkt.arrivaltime 14 drop(pkt) 15 return <ul><li><i>f.T1</i> is the arrival time of the last packet from flow <i>f</i> that is dropped by the detection and filter block.</li> <li><i>T2</i> is the arrival time of the last packet from any flow that is dropped by the <a href="/facts/Random_early_detection/h2YyDNQL">random early detection</a> (RED) block.</li> <li><i>Tmax = max(f.T1, T2)</i>.</li> <li><i>T*</i> is a short time period, which is empirically chosen to be 10 ms in a default RRED algorithm.<a class="footnote-ref" id="fnref:4" href="#fn:4"><sup>4</sup></a></li></ul> <h2 id="the-simulation-code-of-the-robust-red-rred">The simulation code of the Robust RED (RRED)</h2> <p>The simulation code of the RRED algorithm is published as an <a href="/facts/Active_queue_management/dPk4QqtM">active queue management</a> and <a href="/facts/Denial-of-service_attack/6nkoK02J">denial-of-service attack</a> (AQM&DoS) simulation platform. The <a href="https://sites.google.com/site/cwzhangres/home/posts/aqmdossimulationplatform">AQM&DoS Simulation Platform</a> is able to simulate a variety of DoS attacks (Distributed DoS, Spoofing DoS, Low-rate DoS, etc.) and active queue management (AQM) algorithms (<a href="/facts/Random_early_detection/h2YyDNQL">RED</a>, RRED, SFB, etc.). It automatically calculates and records the average throughput of normal TCP flows before and after DoS attacks to facilitate the analysis of the impact of DoS attacks on normal TCP flows and AQM algorithms. </p> <h2 id="external-links">External links</h2> <ul><li><a href="https://sites.google.com/site/cwzhangres/home/posts/aqmdossimulationplatform">AQM&DoS Simulation Platform</a></li> <li><a href="https://sites.google.com/site/cwzhangres/home/posts/recentpublicationsinlow-ratedosattacks">Recent Publications in Low-rate Denial-of-Service (LDoS) attacks </a></li> <li><a href="https://sites.google.com/site/cwzhangres/home/posts/recentpublicationsinrandomearlydetectionredschemes">Recent Publications in Random Early Detection (RED) schemes</a> <a href="https://web.archive.org/web/20160917055738/http://sites.google.com/site/cwzhangres/home/posts/recentpublicationsinrandomearlydetectionredschemes">Archived</a> 2016-09-17 at the <a href="/facts/Wayback_Machine/nmQ3a6JC">Wayback Machine</a></li> <li><a href="https://sites.google.com/site/cwzhangres/home/posts/recentpublicationsinactivequeuemanagementaqmschemes">Recent Publications in Active Queue Management (AQM) schemes</a></li></ul> <h2 id="references">References</h2> <ol> <li id="fn:1"><p>Zhang, C.; Yin, J.; Cai, Z.; Chen, W. (May 2010). "RRED: Robust RED algorithm to counter low-rate denial-of-service attacks" (PDF). IEEE Communications Letters. 14 (5): 489–491. doi:10.1109/LCOMM.2010.05.091407. S2CID 1121461. <a href="https://sites.google.com/site/cwzhangres/home/files/RREDRobustREDAlgorithmtoCounterLow-rateDenial-of-ServiceAttacks.pdf?attredirects=0" target="_blank">https://sites.google.com/site/cwzhangres/home/files/RREDRobustREDAlgorithmtoCounterLow-rateDenial-of-ServiceAttacks.pdf?attredirects=0</a> <a href="#fnref:1" class="footnote-back-ref">↩</a></p></li> <li id="fn:2"><p>Zhang, C.; Yin, J.; Cai, Z.; Chen, W. (May 2010). "RRED: Robust RED algorithm to counter low-rate denial-of-service attacks" (PDF). IEEE Communications Letters. 14 (5): 489–491. doi:10.1109/LCOMM.2010.05.091407. S2CID 1121461. <a href="https://sites.google.com/site/cwzhangres/home/files/RREDRobustREDAlgorithmtoCounterLow-rateDenial-of-ServiceAttacks.pdf?attredirects=0" target="_blank">https://sites.google.com/site/cwzhangres/home/files/RREDRobustREDAlgorithmtoCounterLow-rateDenial-of-ServiceAttacks.pdf?attredirects=0</a> <a href="#fnref:2" class="footnote-back-ref">↩</a></p></li> <li id="fn:3"><p>Zhang, C.; Yin, J.; Cai, Z.; Chen, W. (May 2010). "RRED: Robust RED algorithm to counter low-rate denial-of-service attacks" (PDF). IEEE Communications Letters. 14 (5): 489–491. doi:10.1109/LCOMM.2010.05.091407. S2CID 1121461. <a href="https://sites.google.com/site/cwzhangres/home/files/RREDRobustREDAlgorithmtoCounterLow-rateDenial-of-ServiceAttacks.pdf?attredirects=0" target="_blank">https://sites.google.com/site/cwzhangres/home/files/RREDRobustREDAlgorithmtoCounterLow-rateDenial-of-ServiceAttacks.pdf?attredirects=0</a> <a href="#fnref:3" class="footnote-back-ref">↩</a></p></li> <li id="fn:4"><p>Zhang, C.; Yin, J.; Cai, Z.; Chen, W. (May 2010). "RRED: Robust RED algorithm to counter low-rate denial-of-service attacks" (PDF). IEEE Communications Letters. 14 (5): 489–491. doi:10.1109/LCOMM.2010.05.091407. S2CID 1121461. <a href="https://sites.google.com/site/cwzhangres/home/files/RREDRobustREDAlgorithmtoCounterLow-rateDenial-of-ServiceAttacks.pdf?attredirects=0" target="_blank">https://sites.google.com/site/cwzhangres/home/files/RREDRobustREDAlgorithmtoCounterLow-rateDenial-of-ServiceAttacks.pdf?attredirects=0</a> <a href="#fnref:4" class="footnote-back-ref">↩</a></p></li> </ol>