Exploring DDoS Defense Mechanisms
نویسندگان
چکیده
Nowadays, Distributed Denial-of-Service (DDoS) attacks are a major threat for all sizes of networks. The number of attacks against companies and institutions steadily increased over the last years. Downtime of an enterprise network usually causes financial damage. Therefore, it is important to have mechanism for DDoS defense. In this paper, various DDoS defense mechanisms are reviewed and compared with focus on rule and model based approaches. Large Botnets allow for new kinds of attacks like flash crowd simulation which mimic a huge mass of organic traffic. These kind of attacks are difficult to detect and new defense techniques are required. In order to discover new mitigation algorithms, it is necessary to understand at which layers attacks can happen. Therefore, we take a look on how attacks are classified in current research literature. In addition to the attack classification, rule and model based DDoS defense mechanisms are reviewed. For both model and rule based techniques scenarios exist where one algorithm outperforms the other one. Having this in mind, we list the advantages and drawbacks of both techniques based on insights of research literature. Emerging architectures like SDN may change the way DDoS defense is handled. Researchers are already working on algorithms that are suitable in SDN environments. The goal of this paper is to summarize current defense mechanisms and give a brief outlook on how DDoS defense could look like in the future.
منابع مشابه
A Study on Various Defense Mechanisms Against DDoS Attacks
Distributed Denial of service (DDOS) attack is one of the biggest security threat to the Internet. This research paper attempts to study the DDOS attacks and its main types. The study will provide good knowledge to try for the defense measures for these attacks. The network is always vulnerable to this type of attack even after providing the security measures. This study will also focus on the ...
متن کاملReview on Ddos Attacks and Various Detection Mechanisms
DDoS attack is a coordinated attack on massive scale and it is a major threat in current computer networks. It is not easy to detect the attack , The seriousness of the DDoS problem and the increased frequency of DDoS attacks have led to the advent of numerous DDoS defense mechanisms. Detection mechanism is the first step to avoid the DDoS attack. Some of these mechanisms address a specific kin...
متن کاملA Comprehensive Taxonomy of DDoS Attacks and Defense Mechanism Applying in a Smart Classification
-A Distributed denial of service (DDoS) attack uses multiple machines operating in concern to attack a network or site. It is the most important security problem for IT managers. These attacks are very simple organized for intruders and hence so disruptive. The detection and defense of this attack has specific importance among network specialists. In this paper a new and smart taxonomy of DDoS ...
متن کاملA Study of DDOS Attacks, Tools and DDOS Defense Mechanisms
This paper proposes a study of distributed denial-of service attacks and a study of the defense mechanism that strive to counter these attacks. The attack illustrate do using both known and potential attack mechanisms along with this classification we discuss important feature .So each attack category that in turn define the challenge involved in combating these threats. Distributed Denial of S...
متن کامل