A Survey of Distributed Denial of Service Attacks and Defenses

A distributed denial-of-service (DDoS) attack is an attack in which multiple compromised computer systems flood the bandwidth and/or resources of a target, such as a server, website or other network resource, and cause a denial of service for users of the targeted resource. The flood of incoming messages, connection requests or malformed packets forces the target system to slow down or even crash and shut down, thereby denying service to legitimate users or systems. This paper presents a literature review of DDoS attacks and the common defense mechanisms available. It also presents a literature review of defenses against low-rate DDoS attacks, which have not been handled effectively so far.
