Countermeasures against Distributed Denial of Service A Literature Review
نویسندگان
چکیده
A distributed denial-of-service (DDoS) attack is carried out by simultaneously by compromised systems against targets causing system and service unavailability. Regardless of industry and size, companies worldwide are increasingly becoming target of DDOS attacks. The sophistication and intensity of these attacks are exponentially rising due to increase in number of compromised systems, unpatched vulnerabilities and increased business impact. The paper reviews more than 200 research articles in the area of DDOS, of which 142 present countermeasures and mitigation against DDOS. The paper develops an ontological framework to classify the proposed mitigation methods under three layers of defense-in-depth prevent, detect and respond. Research done each of these 3 pillars are further conceptualized based on underlying design and security principles. The paper also proposes alternate classification schemes based on placements of target components, while presenting qualitative analyses on research activities on DDOS
منابع مشابه
Neural Network Based Protection of Software Defined Network Controller against Distributed Denial of Service Attacks
Software Defined Network (SDN) is a new architecture for network management and its main concept is centralizing network management in the network control level that has an overview of the network and determines the forwarding rules for switches and routers (the data level). Although this centralized control is the main advantage of SDN, it is also a single point of failure. If this main contro...
متن کاملHF-Blocker: Detection of Distributed Denial of Service Attacks Based On Botnets
Abstract—Today, botnets have become a serious threat to enterprise networks. By creation of network of bots, they launch several attacks, distributed denial of service attacks (DDoS) on networks is a sample of such attacks. Such attacks with the occupation of system resources, have proven to be an effective method of denying network services. Botnets that launch HTTP packet flood attacks agains...
متن کاملDistributed Denial of Service:
Distributed Denial of Service (DDoS) attacks have become a large problem for users of computer systems connected to the Internet. DDoS attackers hijack secondary victim systems using them to wage a coordinated large-scale attack against primary victim systems. As new countermeasures are developed to prevent or mitigate DDoS attacks, attackers are constantly developing new methods to circumvent ...
متن کاملA Review of Intrusion Detection Defense Solutions Based on Software Defined Network
Most networks without fixed infrastructure are based on cloud computing face various challenges. In recent years, different methods have been used to distribute software defined network to address these challenges. This technology, while having many capabilities, faces some vulnerabilities in the face of some common threats and destructive factors such as distributed Denial of Service. A review...
متن کاملDenial of service in public key protocols
Network denial of service attacks have become a widespread problem on the Internet. However, denial of service is often considered to be an implementation issue by protocol designers. In this paper I present a survey of the literature on designing denial of service resistant communication protocols. I consider several different types of resources vulnerable to resource consumption attacks, and ...
متن کامل