Random flow network modeling and simulations for DDoS attack mitigation
نویسندگان
چکیده
Recent events show that distributed denial-of-service (DDoS) attack imposes great threat to availability of Internet services. In this paper, we study and evaluate DDoS attacks in a random flow network model, a novel and general approach to DDoS attack prevention and tolerance. The model can be used to evaluate the effectiveness of a DDoS countermeasure framework. Following the random flow network model and state-ofart Internet topology and traffic models, our simulation reveals the general relationship among several metrics derived from the model. Based on the simulation results, we suggest to build a more complete and effective DDoS countermeasure framework using complementary solutions to achieve DDoS attack detection, prevention, and tolerance at same time.
منابع مشابه
Neural Network Based Protection of Software Defined Network Controller against Distributed Denial of Service Attacks
Software Defined Network (SDN) is a new architecture for network management and its main concept is centralizing network management in the network control level that has an overview of the network and determines the forwarding rules for switches and routers (the data level). Although this centralized control is the main advantage of SDN, it is also a single point of failure. If this main contro...
متن کاملRESCUE: Reputation based Service for Cloud User Environment
Exceptional characteristics of Cloud computing has replaced all traditional computing. With reduced resource management and without in-advance investment, it has been victorious in making the IT world to migrate towards it. Microsoft announced its office package as Cloud, which can prevent people moving from Windows to Linux. As this drift is escalating in an exponential rate, the cloud environ...
متن کاملReval: A Tool for Real-time Evaluation of DDoS Mitigation Strategies
There is a growing number of DDoS attacks on the Internet, resulting in significant impact on users. Network operators today have little access to scientific means to effectively deal with these attacks in real time. The need of the hour is a tool to accurately assess the impact of attacks and more importantly identify feasible mitigation responses enabling real-time decisionmaking. We designed...
متن کاملMulti-domain DDoS Mitigation Based on Blockchains
The exponential increase of the traffic volume makes Distributed Denial-of-Service (DDoS) attacks a top security threat to service providers. Existing DDoS defense mechanisms lack resources and flexibility to cope with attacks by themselves, and by utilizing other’s companies resources, the burden of the mitigation can be shared. Technologies as blockchain and smart contracts allow distributing...
متن کاملF-STONE: A Fast Real-Time DDOS Attack Detection Method Using an Improved Historical Memory Management
Distributed Denial of Service (DDoS) is a common attack in recent years that can deplete the bandwidth of victim nodes by flooding packets. Based on the type and quantity of traffic used for the attack and the exploited vulnerability of the target, DDoS attacks are grouped into three categories as Volumetric attacks, Protocol attacks and Application attacks. The volumetric attack, which the pro...
متن کامل