A Survey of Defense Mechanisms Against Distributed Denial of Service (DDoS) Flooding Attacks

Abstract: Abstract-Distributed Denial of Service (DDoS) flooding attacks are one of the biggest concerns for security professionals. DDoS flooding attacks are typically explicit attempts to disrupt legitimate users' access to services. Attackers usually gain access to a large number of computers by exploiting their vulnerabilities to set up attack armies (i.e., Botnets). Once an attack army has been set up, an attacker can invoke a coordinated, large-scale attack against one or more targets. Developing a comprehensive d… Show more

“…Based on the impact they have on the target server, DDoS attacks can be broadly classified into two major types namely flood attack and crash attack [2][3]. Flood attack involves overwhelming the target server with several thousand requests thereby slowing down the service for legitimate users [4]. On the other hand, a crash attack exploits the vulnerabilities in the victim server causing it to hang, reboot or crash.…”

“…Typical temporary effects include flooding, slowdown of services, rapid consumption of resources, sudden spikes in processor usage etc. These attacks manifest themselves as temporary outages that cause non-availability of service for short periods of time [4]. On the other hand, permanent attacks are catastrophic and can result in server crashes, disruption of routing information, data corruption or in extreme cases render the server hardware unusable requiring complete hardware replacement.…”

“…Such attacks can result in long term outages and can severely damage the reputation of an enterprise resulting in a decline of user trust. Thus it has become imperative to protect vulnerable servers against such attacks [1][2][3][4].…”

“…Although absolute prevention of attacks is difficult, several techniques have been proposed to counter DDoS attacks. The two main techniques that deal with DDoS attacks involve mitigation of attacks and identification of the attack source [4]. Honeypots can be effectively used in both of these cases.…”

“…Unlike flooding attacks that cause short term outages and slowdown of services, crashing attacks manipulate vulnerabilities in production servers causing data corruption, theft of confidential information, server crashes and reboots causing long term outages [4]. Thus, preventing such attacks requires additional intelligence in honey VM's and daemons.…”

HoneyMesh: Preventing Distributed Denial of Service Attacks using Virtualized Honeypots

“…Based on the impact they have on the target server, DDoS attacks can be broadly classified into two major types namely flood attack and crash attack [2][3]. Flood attack involves overwhelming the target server with several thousand requests thereby slowing down the service for legitimate users [4]. On the other hand, a crash attack exploits the vulnerabilities in the victim server causing it to hang, reboot or crash.…”

“…Typical temporary effects include flooding, slowdown of services, rapid consumption of resources, sudden spikes in processor usage etc. These attacks manifest themselves as temporary outages that cause non-availability of service for short periods of time [4]. On the other hand, permanent attacks are catastrophic and can result in server crashes, disruption of routing information, data corruption or in extreme cases render the server hardware unusable requiring complete hardware replacement.…”

“…Such attacks can result in long term outages and can severely damage the reputation of an enterprise resulting in a decline of user trust. Thus it has become imperative to protect vulnerable servers against such attacks [1][2][3][4].…”

“…Although absolute prevention of attacks is difficult, several techniques have been proposed to counter DDoS attacks. The two main techniques that deal with DDoS attacks involve mitigation of attacks and identification of the attack source [4]. Honeypots can be effectively used in both of these cases.…”

“…Unlike flooding attacks that cause short term outages and slowdown of services, crashing attacks manipulate vulnerabilities in production servers causing data corruption, theft of confidential information, server crashes and reboots causing long term outages [4]. Thus, preventing such attacks requires additional intelligence in honey VM's and daemons.…”

HoneyMesh: Preventing Distributed Denial of Service Attacks using Virtualized Honeypots

Security Challenges for Cloud Radio Access Networks

IPTVNetwork Security: Threats and Countermeasures