Rescuing QUIC Flows From Countermeasures Against UDP Flooding Attacks

Junseok Lee, Minhyeong Kim, Wonjun Song, Younghoon Kim, Dohyung Kim

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

1 Scopus citations

Abstract

Due to advantages such as quick connection establishment and multiple streaming over a single connection, QUIC was included in the new standard of HTTP 3.0 as an alternative transport layer protocol. Since QUIC operates on UDP, however, QUIC flows can be blocked by existing countermeasures against UDP flooding attacks, even if transmission rates are fairly controlled by congestion control algorithms, such as TCP. In this paper, we confirm that such a problem arises in real-world Internet environment and design effective approaches to avoid it. In the first approach, the gateway router dynamically sets the rate limit for the QUIC flow, based on the expected next CWND size estimated by the receiver using a built-in congestion control algorithm. The second approach leverages the proactive dropping of packets (or ECN marking) to distinguish whether the flow is a self-regulated QUIC flow or an unresponsive UDP attack/selfish flow. Simulation studies using the ns-3 simulator confirm that the proposed approaches can selectively allow QUIC flows regardless of their short-term transmission rates while preserving the effectiveness of existing countermeasures against UDP flooding attacks.

Original languageEnglish
Title of host publication39th Annual ACM Symposium on Applied Computing, SAC 2024
PublisherAssociation for Computing Machinery
Pages1072-1080
Number of pages9
ISBN (Electronic)9798400702433
DOIs
StatePublished - Apr 8 2024
Externally publishedYes
Event39th Annual ACM Symposium on Applied Computing, SAC 2024 - Avila, Spain
Duration: Apr 8 2024Apr 12 2024

Publication series

NameProceedings of the ACM Symposium on Applied Computing

Conference

Conference39th Annual ACM Symposium on Applied Computing, SAC 2024
Country/TerritorySpain
CityAvila
Period04/8/2404/12/24

Keywords

  • network security
  • receiver-side RTT estimation in QUIC
  • self-regulated QUIC flows
  • UDP flooding attacks

Fingerprint

Dive into the research topics of 'Rescuing QUIC Flows From Countermeasures Against UDP Flooding Attacks'. Together they form a unique fingerprint.

Cite this