Denial of service attacks – an updated perspective

ABSTRACT Network security is a specialized field consisting of the provisions and policies to prevent and monitor unauthorized access, misuse, modification or denial of a computer network and network-accessible resources as well as ensuring their availability through proper procedures. Many security mechanisms tools are being developed and deployed to defend against network attacks and to make the network computing resources available to the legitimate users. In spite of all these efforts, the organizations around the world continue to suffer security attacks specially called denial of service (DoS) attacks. DoS attacks constitute one of the major threats and among the hard security problems in today's Internet. These attacks can easily consume computing and communication resources of the victim or disrupt clog availability of resources to the intended users within a short period of time. The problem is a serious concern in today's network security field. Several defence mechanisms have been proposed to tackle the problem of DoS attacks. This paper highlights a structural way to understand DoS attacks with respect to different layers of the Open System Interconnection (OSI) reference model proposed by International Organization of Standardization. Moreover, various attack vectors, attack tools, and trends in detection and mitigation mechanisms are delineated. The goal of the paper is to communicate an updated perspective of DoS attacks and their detection and mitigation mechanisms for a better understanding of these attacks; consequently more efficient and effective mechanisms to combat these attacks may be developed.

[1]  David Schneider,et al.  The state of network security , 2012, Netw. Secur..

[2]  Gulshan Kumar,et al.  Network security – an updated perspective , 2014 .

[3]  Peter Reiher,et al.  A taxonomy of DDoS attack and DDoS defense mechanisms , 2004, CCRV.

[4]  Gulshan Kumar,et al.  Survey on Data Mining Techniques in Intrusion Detection , 2012 .

[5]  Muttukrishnan Rajarajan,et al.  A survey of intrusion detection techniques in Cloud , 2013, J. Netw. Comput. Appl..

[6]  Gulshan Kumar,et al.  The use of artificial intelligence based techniques for intrusion detection: a review , 2010, Artificial Intelligence Review.

[7]  Muhammad Morshed Alam,et al.  A Practical Approach and Mitigation Techniques on Application Layer DDoS Attack in Web Server , 2015 .

[8]  Mihaela Cardei,et al.  A Survey of Attacks and Countermeasures in Mobile Ad Hoc Networks , 2007 .

[9]  Cristina Nita-Rotaru,et al.  A survey of attack and defense techniques for reputation systems , 2009, CSUR.

[10]  George Kesidis,et al.  Denial-of-service attack-detection techniques , 2006, IEEE Internet Computing.

[11]  A. Saafan,et al.  Distributed Denial of Service Attacks: Explain nation, classification and suggested Solutions , 2009 .

[12]  M. Abliz Internet Denial of Service Attacks and Defense Mechanisms , 2011 .

[13]  PengTao,et al.  Survey of network-based defense mechanisms countering the DoS and DDoS problems , 2007 .

[14]  L. Schwartz,et al.  Sophisticated Denial of Service attacks aimed at application layer , 2012, 2012 ELEKTRO.

[15]  Michalis Faloutsos,et al.  Denial of service attacks at the MAC layer in wireless ad hoc networks , 2002, MILCOM 2002. Proceedings.

[16]  Aikaterini Mitrokotsa,et al.  DDoS attacks and defense mechanisms: classification and state-of-the-art , 2004, Comput. Networks.