Characterizing DDoS attacks and flash events: Review, research gaps and future directions

Behal, Sunny; Kumar, Krishan; Sachdeva, Monika

doi:10.1016/j.cosrev.2017.07.003

Cited by 46 publications

(23 citation statements)

References 24 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…Journal of Computer Networks and Communications Journal of Computer Networks and Communications detection method should not only work to achieve an academic target but also offer an option for the world cyber security in detecting HTTP DDoS attacks. e proposed solutions to DDoS are academic interest, and only some have been implemented in real time [47,48]. e use of real tools of HTTP DDoS attack will help to gain input about the current attack strategies and prediction about a future attack.…”

Section: Detection Methods For Future Workmentioning

confidence: 99%

Review of Recent Detection Methods for HTTP DDoS Attack

Jaafar

Abdullah

Ismail

2019

Journal of Computer Networks and Communications

View full text Add to dashboard Cite

With increment in dependency on web technology, a commensurate increase has been noted in destructive attempts to disrupt the essential web technologies, hence leading to service failures. Web servers that run on Hypertext Transfer Protocol (HTTP) are exposed to denial-of-service (DoS) attacks. A sophisticated version of this attack known as distributed denial of service (DDOS) is among the most dangerous Internet attacks, with the ability to overwhelm a web server, thereby slowing it down and potentially taking it down completely. This paper reviewed 12 recent detection of DDoS attack at the application layer published between January 2014 and December 2018. A summary of each detection method is summarised in table view, along with in-depth critical analysis, for future studies to conduct research pertaining to detection of HTTP DDoS attack.

show abstract

Section: Detection Methods For Future Workmentioning

confidence: 99%

Review of Recent Detection Methods for HTTP DDoS Attack

Jaafar

Abdullah

Ismail

2019

Journal of Computer Networks and Communications

View full text Add to dashboard Cite

show abstract

“…Peng et al [44] and Alsaleem et al [61] proposed a rule-based mechanism by which HTTP denial of service (DoS) attacks could be detected and isolated during flash events, while in the same vein, Saad et al [62] proposed a rule-based technique for the detection of anomalous ICMPv6 behaviours; all for the purpose of reducing the rates of false positives and negatives in threat situations. Also, Jazi et al [63] proposed a technique for detecting HTTP-based DoS attacks at the application layers of web servers using sampling techniques, while Behal et al [64] reviews existing strategies and methods for characterising and isolating Distributed Denial of Service (DDoS) attacks, even in the midst of flash events. Lonea [65] proposed a quantitative method for detecting DDoS attacks in cloud environments by analysing intrusion detection system alerts, while D'Cruze [66] proposed an efficient and flexible Software-Defined Networking (SDN) solution to mitigate DDoS attacks on Internet Service Provider (ISP) networks.…”

Section: Botnet Countermeasuresmentioning

confidence: 99%

A Botnets Circumspection: The Current Threat Landscape, and What We Know So Far

et al. 2019

View full text Add to dashboard Cite

Botnets have carved a niche in contemporary networking and cybersecurity due to the impact of their operations. The botnet threat continues to evolve and adapt to countermeasures as the security landscape continues to shift. As research efforts attempt to seek a deeper and robust understanding of the nature of the threat for more effective solutions, it becomes necessary to again traverse the threat landscape, and consolidate what is known so far about botnets, that future research directions could be more easily visualised. This research uses the general exploratory approach of the qualitative methodology to survey the current botnet threat landscape: Covering the typology of botnets and their owners, the structure and lifecycle of botnets, botnet attack modes and control architectures, existing countermeasure solutions and limitations, as well as the prospects of a botnet threat. The product is a consolidation of knowledge pertaining the nature of the botnet threat; which also informs future research directions into aspects of the threat landscape where work still needs to be done.

show abstract

“…At present, there are 45 kinds of DDoS attacks based on TCP and UDP protocols [38][39][40]. Many researchers have proposed DDoS attack classification methods [41][42][43][44]. In view of the current types of DDoS attacks, this paper extracts 102 features by summarizing the research results of these researchers [8][9][10][11].…”

Section: System Model and Problem Statementmentioning

confidence: 99%

“…If we can acquire some features, we can lock the DDoS attack type range, which will greatly help the later DDoS mitigation. According to the method proposed by researchers in [41][42][43][44], each attack vector can be characterized by feature subsets to construct the attack vector feature tree. When a DDoS attack occurs, the attack feature tree can be used to quickly locate the DDoS attack type.…”

Section: Definition 2 One-way Flow: Refers To a List Of Data Packetsmentioning

confidence: 99%

See 1 more Smart Citation

A Feature Analysis Based Identifying Scheme Using GBDT for DDoS with Multiple Attack Vectors

et al. 2019

View full text Add to dashboard Cite

In recent years, distributed denial of service (DDoS) attacks have increasingly shown the trend of multiattack vector composites, which has significantly improved the concealment and success rate of DDoS attacks. Therefore, improving the ubiquitous detection capability of DDoS attacks and accurately and quickly identifying DDoS attack traffic play an important role in later attack mitigation. This paper proposes a method to efficiently detect and identify multivector DDoS attacks. The detection algorithm is applicable to known and unknown DDoS attacks.

show abstract

Characterizing DDoS attacks and flash events: Review, research gaps and future directions

Cited by 46 publications

References 24 publications

Review of Recent Detection Methods for HTTP DDoS Attack

Review of Recent Detection Methods for HTTP DDoS Attack

A Botnets Circumspection: The Current Threat Landscape, and What We Know So Far

A Feature Analysis Based Identifying Scheme Using GBDT for DDoS with Multiple Attack Vectors

Contact Info

Product

Resources

About