Vulnerability of small networks for the TTL expiry DDoS attack

Abstract

Even though core or backbone routers may have not vulnerability issues for TTL expiry DDoS attack, routers which have only a single processor for packet forwarding and control used in the small network may vulnerable for an TTL expiry DDoS attack. The reason is that forwarding and control functions are not completely separated so the packet dropping due to TTL expiration affects to packet forwarding. In this paper we presents effect of the TTL Expiry DDoS attack with the attack scenario in the testbed consisted with commercialized network equipments. The results show that the TTL attack using small packets in low utilization is more effective than the attack using large packets.