Denial of Service (DoS) is a prevalent threat in today's networks because DoS attacks are easy to launch, while defending a network resource against them is disproportionately difficult. Despite the extensive research in recent years, DoS attacks continue to harm, as the attackers adapt to the newer protection mechanisms. For this reason, we start our survey with a historical timeline of DoS incidents, where we illustrate the variety of types, targets and motives for such attacks and how they evolved during the last two decades. We then provide an extensive literature review on the existing research on denial of service protection with an emphasis on the research of the last years and the most demanding aspects of defence. These include traceback, detection, classification of incoming traffic, response in the presence of an attack, and mathematical modelling of attack and defence mechanisms. Our discussion aims to identify the trends in DoS attacks, the weaknesses of protection approaches and the qualities that modern ones should exhibit, so as to suggest new directions that DoS research can follow.
Abstract: Denial of Service (DoS) is a prevalent threat in today's networks. While such an attack is not difficult to launch, defending a network resource against it is disproportionately difficult, and despite the extensive research in recent years, DoS attacks continue to harm. The first goal of any protection scheme against DoS is the detection of its existence, ideally long before the destructive traffic build-up. In this paper we propose a generic approach which uses multiple Bayesian classifiers, and we present and compare four different implementations of it, combining likelihood estimation and the Random Neural Network (RNN). The RNNs are biologically inspired structures which represent the true functioning of a biophysical neural network, where the signals travel as spikes rather than analog signals. We use such an RNN structure to fuse real-time networking statistical data and distinguish between normal and attack traffic during a DoS attack. We present experimental results obtained for different traffic data in a large networking testbed.
Citation for this version held on GALA: Oke, Gulay and Loukas, George (2007)
Abstract: In spite of extensive research in defence against Denial of Service (DoS), such attacks remain a predominant threat in today's networks. Due to the simplicity of the concept and the availability of the relevant attack tools, launching a DoS attack is relatively easy, while defending a network resource against it is disproportionately difficult. The first step of any comprehensive protection scheme against DoS is the detection of its existence, ideally long before the destructive traffic build-up. In this paper we propose a generic approach for DoS detection which uses multiple Bayesian classifiers and random neural networks (RNN). Our method is based on measuring various instantaneous and statistical variables describing the incoming network traffic, acquiring a likelihood estimation and fusing the information gathered from the individual input features using likelihood averaging and different architectures of RNNs. We present and compare seven different implementations of it and evaluate our experimental results obtained in a large networking testbed.