Defense mechanisms against Distributed Denial of Service attacks: Comparative Review

2021, Vol 4 (1), pp. 81-94
Author(s): Fahad Alatawi

Distributed Denial of Service (DDoS) remains a big concern in cybersecurity. DDoS attacks are implemented to prevent legitimate users from getting access to services. The attackers make use of multiple hosts that have been compromised (i.e., botnets) to organize a large-scale attack on targets. Developing an effective defensive mechanism against existing and potential DDoS attacks remains a strong desire in the cybersecurity research community. However, development of effective mechanisms or solutions requires adequate evaluation of existing defense mechanisms and a critical analysis of how these methods have been implemented in preventing, detecting, and responding to DDoS attacks. This paper adopted a systematic review method to critically analyze the existing mechanisms. The review of existing literature helped classify the defense mechanisms into four categories: source-based, core-router, victim-based, and distributed systems. A qualitative analysis was used to exhaustively evaluate these defense mechanisms and determine their respective effectiveness. The effectiveness of the defense mechanisms was evaluated on six key parameters: coverage, implementation, deployment, detection accuracy, response mechanism, and robustness. The comparative analysis reviewed the shortcomings and benefits of each mechanism. The evaluation determined that victim-based defense mechanisms have a high detection accuracy but are associated with massive collateral, as the detection happens when it is too late to protect the system. On the other hand, whereas stopping an attack from the source end is ideal, detection accuracy at this point is too low, as it is hard to differentiate legitimate and malicious traffic. The effectiveness of the core-based defense systems is not ideal because the routers do not have enough CPU cycles and memory to profile the traffic. Distributed defense mechanisms are effective, as components can be spread out across the three locations in a way that takes advantage of each location. The paper also established that the rate-limiting response mechanism is more effective than the packet filtering method because it does not restrict legitimate traffic. The analysis revealed that there is no single defense mechanism that offers complete protection against DDoS attacks but concludes that the best defense mechanism is the use of distributed defense because it ensures that defense components are placed on all locations.

In a network environment, Distributed Denial of Service (DDoS) attacks make a network or server unavailable to its normal users. Application-layer Distributed Denial of Service (App-DDoS) attacks are serious issues for the webserver itself. The multitude and variety of such attacks and defense approaches are overwhelming. In this paper, we analyze the different defense mechanisms for application-layer DDoS attacks and propose a new approach to defend using machine learning.


Author(s): Pablo Pessoa Do Nascimento, Isac F. A. F. Colares, Ronierison Maciel, Humberto Caetano Da Silva, Paulo Maciel

Web service interruptions caused by DDoS (distributed denial of service) attacks have increased considerably over the years, and intrusion detection systems (IDS) are not enough to detect threats on the network, even when used together with intrusion prevention systems (IPS), taking into account the increase of assets in the traffic path, where it creates unique points of failure in the system, and also taking into account the use of data that contains information about normal traffic situations and attacks, where this comparison and analysis can cost a significant amount of host resources, to try to guarantee the prediction, detection, and mitigation of attacks in real-time or in time between detection and mitigation, being crucial in harm reduction. This chapter presents an adaptive architecture that combines techniques, methods, and tools from different segments to improve detection accuracy as well as the prediction and mitigation of these threats and to show that it is capable of implementing a powerful architecture against this type of threat, DDoS attacks.


Technologies, 2019, Vol 7 (1), pp. 19
Author(s): Seth Kotey, Eric Tchao, James Gadze

Distributed denial of service (DDoS) attacks are a major threat to any network-based service provider. The ability of an attacker to harness the power of a lot of compromised devices to launch an attack makes it even more complex to handle. This complexity can increase even more when several attackers coordinate to launch an attack on one victim. Moreover, attackers these days do not need to be highly skilled to perpetrate an attack. Tools for orchestrating an attack can easily be found online and require little to no knowledge about attack scripts to initiate an attack. Several studies have been done to develop defense mechanisms to detect and defend against DDoS attacks. As defense schemes are designed and developed, attackers are also on the move to evade these defense mechanisms, and so there is a need for continual study in developing defense mechanisms. This paper discusses the current DDoS defense mechanisms, their strengths and weaknesses.


Distributed Denial of Service (DDoS) attacks have become the most powerful cyber weapon to target businesses that operate in the cloud computing environment. A sophisticated DDoS attack affects the functionalities of the cloud services and affects core capabilities of the cloud such as availability and reliability. The current intrusion detection system (IDS) must cope with the dynamicity and intensity of immense traffic at the cloud-hosted applications, and the security attack must be inspected based on the attack flow characteristics. Hence, the proposed Adaptive Learning and Automatic Filtering of Distributed Denial of Service (DDoS) Attacks in Cloud Computing Environment is designed to adapt to varying kinds of protocol attacks using misuse detection. The system is equipped with custom and threshold techniques that satisfy security requirements and can identify the different DDoS security attacks. The proposed system provides promising results in detecting DDoS attacks in the cloud environment with high detection accuracy and good alert reduction. The threshold method provides 98% detection accuracy with 99.91%, 99.92% and 99.94% alert reduction for ICMP, UDP and TCP SYN flood attacks. The defense system filters the attack sources at the target virtual instance and protects the cloud applications from DDoS attacks.


2018, Vol 10 (2), pp. 58-74
Author(s): Kavita Sharma, B. B. Gupta

This article describes how, in the summer of 1999, the Computer Incident Advisory Capability first reported on Distributed Denial of Service (DDoS) attack incidents and the nature of Denial of Service (DoS) attacks in a distributed environment that eliminate the availability of resources or data on a computer network. A DDoS attack exhausts the network resources and disturbs the legitimate user. This article provides an explanation of DDoS attacks and the nature of these attacks against smartphones and Wi-Fi technology, and presents a taxonomy of various defense mechanisms. Smartphones are chosen for this study, as they have now become a necessity rather than a luxury item for the common people.


Author(s): Kavisankar L., Chellappan C., Poovammal E.

In the context of network security, a spoofing attack is a condition in which one person or a program successfully masquerades as another. This is done by providing counterfeit data with the malicious intention of gaining an illegitimate advantage. Spoofing attacks, which may be generated in various layers of the Open Systems Interconnection model (OSI model), are discussed in this chapter. The chapter ends by discussing the possible spoofing attacks in the network layer and the relevant defense mechanisms. The detailed analysis and discussion focuses on spoofing attacks over the network layer because Denial-of-Service (DoS) and Distributed Denial-of-Service (DDoS) attacks are more devastating when using a network protocol like the Internet Protocol (IP), and have become more of a threat than ever over the past few years.


Author(s): Dileep Kumar

Billions of people rely on the internet to discover and share ideas with the world. However, websites are vulnerable to attacks that prevent people from accessing them. A recent study of global surveys showed that DDoS attacks have evolved in strategy and tactics. A Distributed Denial of Service (DDoS) attack is a new, emerging, bigger threat that targets an organization's business-critical services such as e-commerce transactions, financial trading, email or web site access. A DDoS attack is a large-scale, coordinated attack on the availability of services of a victim system or network resource, launched indirectly through many compromised computers on the Internet. To create attacks, attackers first discover vulnerable sites or hosts on the network. Then vulnerable hosts are exploited by attackers who use their vulnerability to gain access to these hosts. This chapter deals with the introduction, architecture and classification of DDoS attacks.


Computers, 2019, Vol 8 (4), pp. 85
Author(s): Djanie, Tutu, Dzisi

A denial of service (DoS) attack in a computer network is an attack on the availability of computer resources to prevent users from having access to those resources over the network. Denial of service attacks can be costly, capable of reaching $100,000 per hour. Development of easily-accessible, simple DoS tools has increased the frequency and reduced the level of expertise needed to launch an attack. Though these attack tools have been available for years, there has been no proposed defense mechanism targeted specifically at them. Most defense mechanisms in literature are designed to defend attacks captured in datasets like the KDD Cup 99 dataset from 20 years ago and from tools no longer in use in modern attacks. In this paper, we capture and analyze traffic generated by some of these DoS attack tools using Wireshark Network Analyzer and propose a signature-based DoS detection mechanism based on SVM classifier to defend against attacks launched by these attack tools. Our proposed detection mechanism was tested with Snort IDS and compared with some already existing defense mechanisms in literature and had a high detection accuracy, low positive rate and fast detection time.

