<p>Distributed Denial of Service (DDoS) attacks have plagued the Internet for decades. Despite the ever-increasing investments into mitigation solution developments, DDoS attacks are also growing with ever-increasing frequency and magnitude. To identify the root cause of the above-observed trend, in this paper, we perform a systematic analysis of volumetric DDoS detection and mitigation efforts over the last four decades. To that end, we introduce a novel approach for systematizing comparisons for DDoS research resulting in the comprehensive examination of the DDoS literature spanning more than 24,000 papers, articles, and RFCs over 30+ years. Our analysis illustrates common design patterns across seemingly disparate solutions, and reveals insights into which aspects of DDoS solutions correlate with deployment traction and success. Furthermore, we discuss economic incentives and the lack of harmony between synergistic but independent approaches for detection and mitigation. As expected, defenses with a clear cost/benefit rationale are more prevalent than ones that require extensive infrastructure changes. Finally, we discuss the lessons learned which we hope can shed light on future directions that can potentially allow us to turn the tide on the war against DDoS.</p>
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.