A Study on Recent Approaches in Handling DDoS Attacks

In this paper, we present a study on the recent approaches in handling Distributed Denial of Service (DDoS) attacks. DDoS attack is a fairly new type of attack to cripple the availability of Internet services and resources. A DDos attack can originate from anywhere in the network and typically overwhelms the victim server by sending a huge number of packets. Several remedial measures have been proposed by various researchers. This paper attempts to discuss the recent offerings to handle the DDoS attacks.

[1]  Miss A.O. Penney (b) , 1974, The New Yale Book of Quotations.

[2]  Paul J Criscuolo,et al.  Distributed Denial of Service: Trin00, Tribe Flood Network, Tribe Flood Network 2000, and Stacheldraht CIAC-2319 , 2000 .

[3]  Riccardo Bettati,et al.  A Gateway-based Defense System for Distributed DoS Attacks in High-Speed Networks , 2001 .

[4]  Vern Paxson,et al.  An analysis of using reflectors for distributed denial-of-service attacks , 2001, CCRV.

[5]  Craig Partridge,et al.  Single-packet IP traceback , 2002, TNET.

[6]  Ratul Mahajan,et al.  Controlling high bandwidth aggregates in the network , 2002, CCRV.

[7]  Kihong Park Scalable DDoS Protection Using Route-Based Filtering , 2003 .

[8]  Ruby B. Lee,et al.  Taxonomies of Distributed Denial of Service Networks, Attacks, Tools, and Countermeasures , 2003 .

[9]  Nirwan Ansari,et al.  On IP traceback , 2003, IEEE Commun. Mag..

[10]  Kihong Park Scalable DDoS protection using route-based filtering - DISCEX III demonstration , 2003, Proceedings DARPA Information Survivability Conference and Exposition.

[11]  Kotagiri Ramamohanarao,et al.  Protection from distributed denial of service attacks using history-based IP filtering , 2003, IEEE International Conference on Communications, 2003. ICC '03..

[12]  Dawn Xiaodong Song,et al.  SIFF: a stateless Internet flow filter to mitigate DDoS flooding attacks , 2004, IEEE Symposium on Security and Privacy, 2004. Proceedings. 2004.

[13]  Jarmo Mölsä,et al.  Effectiveness of rate-limiting in mitigating flooding DOS attacks , 2004, Communications, Internet, and Information Technology.

[14]  Fang-Yie Leu,et al.  IFTS: intrusion forecast and traceback based on union defense environment , 2005, 11th International Conference on Parallel and Distributed Systems (ICPADS'05).

[15]  G. Manimaran,et al.  Space-time encoding scheme for DDoS attack traceback , 2005, GLOBECOM '05. IEEE Global Telecommunications Conference, 2005..

[16]  Bernhard Plattner,et al.  Adaptive distributed traffic control service for DDoS attack mitigation , 2005, 19th IEEE International Parallel and Distributed Processing Symposium.

[17]  Wanlei Zhou,et al.  A Defense System against DDoS Attacks by Large-Scale IP Traceback , 2005, Third International Conference on Information Technology and Applications (ICITA'05).

[18]  Micah Adler,et al.  Efficient probabilistic packet marking , 2005, 13TH IEEE International Conference on Network Protocols (ICNP'05).

[19]  W. Timothy Strayer,et al.  Architecture for multi-stage network attack traceback , 2005, The IEEE Conference on Local Computer Networks 30th Anniversary (LCN'05)l.

[20]  Kai Hwang,et al.  Filtering of shrew DDoS attacks in frequency domain , 2005, The IEEE Conference on Local Computer Networks 30th Anniversary (LCN'05)l.

[21]  David K. Y. Yau,et al.  You can run, but you can't hide: an effective statistical methodology to trace back DDoS attackers , 2005, IEEE Transactions on Parallel and Distributed Systems.

[22]  Xiaowei Yang,et al.  A DoS-limiting network architecture , 2005, SIGCOMM '05.

[23]  Ming Li,et al.  A real-time traceback scheme for DDoS attacks , 2005, Proceedings. 2005 International Conference on Wireless Communications, Networking and Mobile Computing, 2005..

[24]  Jianping Pan,et al.  Vulnerability analysis of IP traceback schemes , 2005, GLOBECOM '05. IEEE Global Telecommunications Conference, 2005..

[25]  Zheng Xiao,et al.  O2-DN: An Overlay-based Distributed Rate Limit Framework to Defeat DDoS Attacks , 2006, International Conference on Networking, International Conference on Systems and International Conference on Mobile Communications and Learning Technologies (ICNICONSMCL'06).

[26]  G. Manimaran,et al.  Novel hybrid schemes employing packet marking and logging for IP traceback , 2006, IEEE Transactions on Parallel and Distributed Systems.

[27]  Jingtao Li,et al.  A Distributed-Log-based IP Traceback Scheme to Defeat DDoS Attacks , 2006, 20th International Conference on Advanced Information Networking and Applications - Volume 1 (AINA'06).

[28]  Dawn Xiaodong Song,et al.  StackPi: New Packet Marking and Filtering Mechanisms for DDoS and IP Spoofing Defense , 2006, IEEE Journal on Selected Areas in Communications.

[29]  Manish Parashar,et al.  Cooperative Defence Against DDoS Attacks , 2006, J. Res. Pract. Inf. Technol..

[30]  Michael Walfish,et al.  DDoS defense by offense , 2006, SIGCOMM 2006.