A survey of distributed denial-of-service attack, prevention, and mitigation techniques
暂无分享,去创建一个
Yang Xiao | Guang Sun | Wangdong Jiang | Tasnuva Mahjabin | Tasnuva Mahjabin | Yang Xiao | Guang Sun | Wangdong Jiang
[1] Gitae Kim,et al. NOMAD: traffic-based network monitoring framework for anomaly detection , 1999, Proceedings IEEE International Symposium on Computers and Communications (Cat. No.PR00250).
[2] Yang Xiao,et al. Detection of Fraudulent Usage in Wireless Networks , 2007, IEEE Transactions on Vehicular Technology.
[3] Heejo Lee,et al. On the effectiveness of route-based packet filtering for distributed DoS attack prevention in power-law internets , 2001, SIGCOMM '01.
[4] Vrizlynn L. L. Thing,et al. ICMP Traceback with Cumulative Path, an Efficient Solution for IP Traceback , 2003, ICICS.
[5] Jin Wang,et al. Privacy-Preserving Smart Similarity Search Based on Simhash over Encrypted Data in Cloud Computing , 2015 .
[6] Minyi Guo,et al. A Feasible IP Traceback Framework through Dynamic Deterministic Packet Marking , 2016, IEEE Transactions on Computers.
[7] Jing Liu,et al. Internet of things' authentication and access control , 2012, Int. J. Secur. Networks.
[8] Yang Xiao,et al. Intrusion detection techniques in mobile ad hoc and wireless sensor networks , 2007, IEEE Wireless Communications.
[9] Kotagiri Ramamohanarao,et al. Protection from distributed denial of service attacks using history-based IP filtering , 2003, IEEE International Conference on Communications, 2003. ICC '03..
[10] Xin Liu,et al. To filter or to authorize: network-layer DoS defense against multimillion-node botnets , 2008, SIGCOMM '08.
[11] Dawn Xiaodong Song,et al. StackPi: New Packet Marking and Filtering Mechanisms for DDoS and IP Spoofing Defense , 2006, IEEE Journal on Selected Areas in Communications.
[12] Shun-Zheng Yu,et al. A large-scale hidden semi-Markov model for anomaly detection on user browsing behaviors , 2009 .
[13] Ruby B. Lee,et al. Distributed Denial of Service: Taxonomies of Attacks, Tools, and Countermeasures , 2004, PDCS.
[14] Nirwan Ansari,et al. IP traceback with deterministic packet marking , 2003, IEEE Communications Letters.
[15] Gaurav Somani,et al. Index Page Based EDoS Attacks in Infrastructure Cloud , 2014, SNDS.
[16] David K. Y. Yau,et al. You can run, but you can't hide: an effective statistical methodology to trace back DDoS attackers , 2005, IEEE Transactions on Parallel and Distributed Systems.
[17] Vern Paxson,et al. Bro: a system for detecting network intruders in real-time , 1998, Comput. Networks.
[18] Kevin J. Houle,et al. Trends in Denial of Service Attack Technology , 2001 .
[19] Daniel Massey,et al. On design and evaluation of "intention-driven" ICMP traceback , 2001, Proceedings Tenth International Conference on Computer Communications and Networks (Cat. No.01EX495).
[20] Christopher Leckie,et al. An efficient filter for denial-of-service bandwidth attacks , 2003, GLOBECOM '03. IEEE Global Telecommunications Conference (IEEE Cat. No.03CH37489).
[21] Ross J. Anderson,et al. The XenoService { A Distributed Defeat for Distributed Denial of Service , 2000 .
[22] Shun-Zheng Yu,et al. A Large-Scale Hidden Semi-Markov Model for Anomaly Detection on User Browsing Behaviors , 2009, IEEE/ACM Transactions on Networking.
[23] Yang Xiao,et al. Self-Propagate Mal-Packets in Wireless Sensor Networks: Dynamics and Defense Implications , 2008, IEEE GLOBECOM 2008 - 2008 IEEE Global Telecommunications Conference.
[24] Hidema Tanaka,et al. Analysis of Slow Read DoS attack , 2014, 2014 International Symposium on Information Theory and its Applications.
[25] Yang Xiao,et al. A survey of intrusion detection systems in smart grid , 2017, Int. J. Sens. Networks.
[26] Dawn Xiaodong Song,et al. SIFF: a stateless Internet flow filter to mitigate DDoS flooding attacks , 2004, IEEE Symposium on Security and Privacy, 2004. Proceedings. 2004.
[27] Jian Shen,et al. A secure cloud-assisted urban data sharing framework for ubiquitous-cities , 2017, Pervasive Mob. Comput..
[28] Jose Nazario,et al. DDoS: DDoS attack evolution , 2008 .
[29] Zhifeng Xiao,et al. Security and Privacy in Cloud Computing , 2013, IEEE Communications Surveys & Tutorials.
[30] Michal Szymaniak,et al. Replication for web hosting systems , 2004, CSUR.
[31] Nada Golmie,et al. NIST Framework and Roadmap for Smart Grid Interoperability Standards, Release 1.0 , 2010 .
[32] Robert Beverly,et al. Understanding the efficacy of deployed internet source address validation filtering , 2009, IMC '09.
[33] Fei Li,et al. A moving target DDoS defense mechanism , 2014, Comput. Commun..
[34] Ratul Mahajan,et al. Controlling high bandwidth aggregates in the network , 2002, CCRV.
[35] Peter Reiher,et al. A taxonomy of DDoS attack and DDoS defense mechanisms , 2004, CCRV.
[36] Yao Zheng,et al. DDoS attack protection in the era of cloud computing and Software-Defined Networking , 2015, Comput. Networks.
[37] Saman Taghavi Zargar,et al. A Survey of Defense Mechanisms Against Distributed Denial of Service (DDoS) Flooding Attacks , 2013, IEEE Communications Surveys & Tutorials.
[38] Wonsuck Lee,et al. MAC aggregation protocols resilient to DoS attacks , 2012, Int. J. Secur. Networks.
[39] Martin Roesch,et al. Snort - Lightweight Intrusion Detection for Networks , 1999 .
[40] Yang Xiao,et al. Implementation of DoS attack and mitigation strategies in IEEE 802.11b/g WLAN , 2010, Defense + Commercial Sensing.
[41] H. Jonathan Chao,et al. PacketScore: a statistics-based packet filtering scheme against distributed denial-of-service attacks , 2006, IEEE Transactions on Dependable and Secure Computing.
[42] Mohsen Guizani,et al. Defending DoS Attacks on Broadcast Authentication in Wireless Sensor Networks , 2008, 2008 IEEE International Conference on Communications.
[43] Chuanyi Ji,et al. Optimal worm-scanning method using vulnerable-host distributions , 2007, Int. J. Secur. Networks.
[44] Aamir Shahzad,et al. Detecting flooding based DoS attack in cloud computing environment using covariance matrix approach , 2013, ICUIMC '13.
[45] Nicholas Weaver,et al. Potential Strategies for High Speed Active Worms : A Worst Case Analysis , 2002 .
[46] Rose F. Gamble,et al. DDoS Attacks in Service Clouds , 2015, 2015 48th Hawaii International Conference on System Sciences.
[47] Xin Liu,et al. NetFence: preventing internet denial of service from inside out , 2010, SIGCOMM '10.
[48] Fatih Alagöz,et al. A distributed filtering mechanism against DDoS attacks: ScoreForCore , 2016, Comput. Networks.
[49] Buquan Liu. High performance simulation technology in the Internet of Things , 2015, Int. J. Sens. Networks.
[50] Jugal K. Kalita,et al. E-LDAT: a lightweight system for DDoS flooding attack detection and IP traceback using extended entropy metric , 2016, Secur. Commun. Networks.
[51] John S. Heidemann,et al. Identification of Repeated Denial of Service Attacks , 2006, Proceedings IEEE INFOCOM 2006. 25TH IEEE International Conference on Computer Communications.
[52] Helen Gill,et al. Cyber-Physical Systems , 2019, 2019 IEEE International Conference on Mechatronics (ICM).
[53] A. Tamilarasi,et al. A backpressure technique for filtering spoofed traffic at upstream routers , 2010, Int. J. Secur. Networks.
[54] Chao Chen,et al. Characterising heterogeneity in vulnerable hosts on worm propagation , 2016, Int. J. Secur. Networks.
[55] M.T. Goodrich,et al. Probabilistic Packet Marking for Large-Scale IP Traceback , 2008, IEEE/ACM Transactions on Networking.
[56] Jerry R. Hobbs,et al. An algebraic approach to IP traceback , 2002, TSEC.
[57] Peng Zhang,et al. A transform domain-based anomaly detection approach to network-wide traffic , 2014, J. Netw. Comput. Appl..
[58] Seokung Yoon,et al. Security Issues on Smarthome in IoT Environment , 2015 .
[59] Yong Sheng,et al. Detecting 802.11 MAC Layer Spoofing Using Received Signal Strength , 2008, IEEE INFOCOM 2008 - The 27th Conference on Computer Communications.
[60] Klaus Wehrle,et al. Security Challenges in the IP-based Internet of Things , 2011, Wirel. Pers. Commun..
[61] Anna R. Karlin,et al. Practical network support for IP traceback , 2000, SIGCOMM.
[62] Mohamed Naili,et al. Election-based method for fault tolerance in a hierarchical sensor network EFTOHSN: a case study of an indoor localisation system , 2016 .
[63] Xin Yuan,et al. Controlling IP Spoofing through Interdomain Packet Filters , 2008, IEEE Transactions on Dependable and Secure Computing.
[64] Yao Zheng,et al. DDoS Attack Protection in the Era of Cloud Computing and Software-Defined Networking , 2014, 2014 IEEE 22nd International Conference on Network Protocols.
[65] Paul J Criscuolo,et al. Distributed Denial of Service: Trin00, Tribe Flood Network, Tribe Flood Network 2000, and Stacheldraht CIAC-2319 , 2000 .
[66] Wenke Lee,et al. Proactive detection of distributed denial of service attacks using MIB traffic variables-a feasibility study , 2001, 2001 IEEE/IFIP International Symposium on Integrated Network Management Proceedings. Integrated Network Management VII. Integrated Management Strategies for the New Millennium (Cat. No.01EX470).
[67] Paul Ferguson,et al. Network Ingress Filtering: Defeating Denial of Service Attacks which employ IP Source Address Spoofing , 1998, RFC.
[68] Richard L. Rosenbaum. Using the Domain Name System To Store Arbitrary String Attributes , 1993, RFC.
[69] M. Abliz. Internet Denial of Service Attacks and Defense Mechanisms , 2011 .
[70] H. T. Kung,et al. Use of spectral analysis in defense against DoS attacks , 2002, Global Telecommunications Conference, 2002. GLOBECOM '02. IEEE.
[71] Manjusha Pandey,et al. Distributed Denial of Service Attacks: A Review , 2014 .
[72] Minyi Guo,et al. Flexible Deterministic Packet Marking: An IP Traceback System to Find the Real Source of Attacks , 2009, IEEE Transactions on Parallel and Distributed Systems.
[73] Sylvie Perreau,et al. Detect DDoS flooding attacks in mobile ad hoc networks , 2010, Int. J. Secur. Networks.
[74] Jelena Mirkovic,et al. Attacking DDoS at the source , 2002, 10th IEEE International Conference on Network Protocols, 2002. Proceedings..
[75] Zhihua Xia,et al. A Privacy-Preserving and Copy-Deterrence Content-Based Image Retrieval Scheme in Cloud Computing , 2016, IEEE Transactions on Information Forensics and Security.
[76] Fred Baker,et al. Requirements for IP Version 4 Routers , 1995, RFC.
[77] David Moore,et al. Code-Red: a case study on the spread and victims of an internet worm , 2002, IMW '02.
[78] Jian Shen,et al. An Efficient Public Auditing Protocol With Novel Dynamic Structure for Cloud Data , 2017, IEEE Transactions on Information Forensics and Security.
[79] Kefu Xu,et al. You Can’t Hide: A Novel Methodology to Defend DDoS Attack Based on Botcloud , 2015 .
[80] Ashok Singh Sairam,et al. ICMP based IP traceback with negligible overhead for highly distributed reflector attack using bloom filters , 2014, Comput. Commun..
[81] Zhuo Lu,et al. Cyber security in the Smart Grid: Survey and challenges , 2013, Comput. Networks.
[82] Jarmo Mölsä,et al. Mitigating denial of service attacks: A tutorial , 2005, J. Comput. Secur..
[83] Geoffrey G. Xie,et al. Fault Tolerance Experiments in 4D Future Internet Architecture , 2010 .
[84] Lixin Tian,et al. Fault-tolerant topology evolution and analysis of sensing systems in IoT based on complex networks , 2015, Int. J. Sens. Networks.
[85] Insup Lee,et al. Cyber-physical systems: The next computing revolution , 2010, Design Automation Conference.
[86] Wonsuck Lee,et al. MAC aggregation resilient to DoS attacks , 2011, 2011 IEEE International Conference on Smart Grid Communications (SmartGridComm).
[87] Prajwal Gaikwad,et al. Passive IP Traceback: Disclosing the Locations of IP Spoofers from Path Backscatter , 2017 .
[88] John S. Heidemann,et al. A framework for classifying denial of service attacks , 2003, SIGCOMM '03.
[89] Steve Mansfield-Devine. DDoS: threats and mitigation , 2011, Netw. Secur..
[90] Ramesh Karri,et al. BRAIN: BehavioR Based Adaptive Intrusion Detection in Networks: Using Hardware Performance Counters to Detect DDoS Attacks , 2016, 2016 29th International Conference on VLSI Design and 2016 15th International Conference on Embedded Systems (VLSID).
[91] Zhangjie Fu,et al. Privacy-Preserving Smart Semantic Search Based on Conceptual Graphs Over Encrypted Outsourced Data , 2017, IEEE Transactions on Information Forensics and Security.
[92] Wanlei Zhou,et al. Low-Rate DDoS Attacks Detection and Traceback by Using New Information Metrics , 2011, IEEE Transactions on Information Forensics and Security.
[93] Yang Xiao,et al. Cyber Security and Privacy Issues in Smart Grids , 2012, IEEE Communications Surveys & Tutorials.
[94] Xingming Sun,et al. Toward Efficient Multi-Keyword Fuzzy Search Over Encrypted Outsourced Data With Accuracy Improvement , 2016, IEEE Transactions on Information Forensics and Security.
[95] Jun Li,et al. SAVE: source address validity enforcement protocol , 2002, Proceedings.Twenty-First Annual Joint Conference of the IEEE Computer and Communications Societies.
[96] Song Guo,et al. Can We Beat DDoS Attacks in Clouds? , 2014, IEEE Transactions on Parallel and Distributed Systems.
[97] Manoj Singh Gaur,et al. DDoS attacks in cloud computing: Issues, taxonomy, and future directions , 2015, Comput. Commun..
[98] Arnaud Jacquet,et al. Policing congestion response in an internetwork using re-feedback , 2005, SIGCOMM '05.
[99] Ion Stoica,et al. Towards a More Functional and Secure Network Infrastructure , 2003 .
[100] Xiaowei Yang,et al. A DoS-limiting network architecture , 2005, SIGCOMM '05.
[101] Yang Xiao,et al. Security tests and attack experimentations of ProtoGENI , 2015, Int. J. Secur. Networks.
[102] Thomer M. Gil,et al. MULTOPS: A Data-Structure for Bandwidth Attack Detection , 2001, USENIX Security Symposium.
[103] J. M. Pullen,et al. Countering denial-of-service attacks using congestion triggered packet sampling and filtering , 2001, Proceedings Tenth International Conference on Computer Communications and Networks (Cat. No.01EX495).
[104] Michael Menth,et al. Capacity overprovisioning for networks with resilience requirements , 2006, SIGCOMM.
[105] Aikaterini Mitrokotsa,et al. DDoS attacks and defense mechanisms: classification and state-of-the-art , 2004, Comput. Networks.
[106] Shivakant Mishra,et al. Limiting DoS attacks during multihop data delivery in wireless sensor networks , 2006, Int. J. Secur. Networks.
[107] Gürkan Gür,et al. Filtering-Based Defense Mechanisms Against DDoS Attacks: A Survey , 2017, IEEE Systems Journal.
[108] Kang G. Shin,et al. Hop-count filtering: an effective defense against spoofed DDoS traffic , 2003, CCS '03.
[109] Yang Xiao. Flow-net methodology for accountability in wireless networks , 2009, IEEE Network.
[110] Vern Paxson,et al. How to Own the Internet in Your Spare Time , 2002, USENIX Security Symposium.
[111] Manoj Singh Gaur,et al. DDoS attacks in cloud computing: Issues, taxonomy, and future directions , 2017, Comput. Commun..
[112] Angelos D. Keromytis,et al. SOS: secure overlay services , 2002, SIGCOMM '02.
[113] Fadi A. Aloul,et al. Smart Grid Security: Threats, Vulnerabilities and Solutions , 2012 .
[114] Kotagiri Ramamohanarao,et al. Survey of network-based defense mechanisms countering the DoS and DDoS problems , 2007, CSUR.
[115] Nathalie Weiler,et al. Honeypots for distributed denial-of-service attacks , 2002, Proceedings. Eleventh IEEE International Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprises.
[116] Michael Menth,et al. Capacity overprovisioning for networks with resilience requirements , 2006, SIGCOMM 2006.
[117] Yang Xiao,et al. Self-Propagate Mal-Packets in Wireless Sensor Networks: Dynamics and Defense Implications , 2008, GLOBECOM.
[118] Guang Jin,et al. Deterministic packet marking based on redundant decomposition for IP traceback , 2006, IEEE Communications Letters.
[119] Dawn Xiaodong Song,et al. Pi: a path identification mechanism to defend against DDoS attacks , 2003, 2003 Symposium on Security and Privacy, 2003..
[120] Yonghong Chen,et al. DDoS Detection Method Based on Chaos Analysis of Network Traffic Entropy , 2014, IEEE Communications Letters.
[121] Jose Nazario,et al. Politically Motivated Denial of Service Attacks , 2009 .
[122] Brij B. Gupta,et al. A Recent Survey on DDoS Attacks and Defense Mechanisms , 2011 .
[123] Andrew B. Whinston,et al. Defeating distributed denial of service attacks , 2000 .
[124] Anna R. Karlin,et al. Practical network support for IP traceback , 2000, SIGCOMM.
[125] Yang Xiao,et al. Botnet: Classification, Attacks, Detection, Tracing, and Preventive Measures , 2009, EURASIP J. Wirel. Commun. Netw..
[126] Xingming Sun,et al. Enabling Semantic Search Based on Conceptual Graphs over Encrypted Outsourced Data , 2019, IEEE Transactions on Services Computing.
[127] Benny Rochwerger,et al. Scalable Cloud Defenses for Detection, Analysis and Mitigation of DDoS Attacks , 2010, Future Internet Assembly.
[128] Lukas Krämer,et al. AmpPot: Monitoring and Defending Against Amplification DDoS Attacks , 2015, RAID.