We present Ack-storm DoS attacks, a new family of DoS attacks exploiting a subtle design flaw in the core TCP specifications. The attacks can be launched by a very weak MitM attacker, which can only eavesdrop occasionally and spoof packets (a Weakling in the Middle (WitM)). The attacks can reach theoretically unlimited amplification; we measured amplification of over 400,000 against popular web...

Recently, we introduced a new congestion signaling method called ACK Spoofing, which offers significant benefits over existing methods, such as packet dropping and Explicit Congestion Notification (ECN). Since ACK Spoofing requires the router to create a “short circuit” signaling path, by matching marked data packets in a congested buffer with ACK packets belonging to the same flow that are tra...

IEEE 802.11n standard has introduced the new schemes in MAC and HT-PHY layers to improve network throughput. The new schemes in MAC layer are A-MSDU, A-MPDU and Block ACK. In the HT-PHY layer there are MIMO transmission using up to 4 spatial streams, 40 MHz bandwidth channel and 400 ns guard interval. In this paper, we proposed an analytical model that can be used to estimates the throughput of...

Many TCP connections show an asymmetric traffic pattern where significantly more data is sent in one direction than the other resulting in large numbers of ACK-only packets to be generated. In this work we propose and evaluate two independent approaches for how to make better use of the available space in TCP ACK-only packets to improve data transfer. The first approach provides packet-efficien...

By identifying weaknesses in TCP’s RFC specifications, Savage et al. are able to bypass TCP’s congestion control behaviours. They specifically demonstrate three techniques: ACK division, DupACK spoofing, and Optimistic ACKing. ACK division increases the sender’s transmission window artificially by ACKing at byte granularity rather than segment granularity. DupACK spoofing sends a stream of dupl...

To tackle the major problem of traditional TCP in wireless network, an end-to-end congestion control algorithm (TSBCC) is proposed based on time series. The algorithm creates time series consisting of the time interval of ACK, calculates the next ACK arrival time by the GARCH modal, analyzes the types of data packet loss, and sets congestion window size using different strategies according to d...

In the last few years, the number of wireless devices has increased significantly. Today’s enterprise networks are facing challenges to manage such a large number of devices with the limited wireless resources. To increase the capacity, today’s enterprise networks use a dense deployment of Access Points (APs) [5]. In this scenario, adjacent and overlapping WiFi hotspots (AP-STA clusters, where ...