Distributed Defence of Service (DiDoS): A Network-layer Reputation-based DDoS Mitigation Architecture

Otung, Andikan; Martin, Andrew

doi:10.5220/0009091206190630

Cited by 4 publications

(2 citation statements)

References 0 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Benign traffic and malicious data flow compose the total number of arrivals to a victim for a given time in an attack. Various methods of fighting with DDoS attacks may include challengeresponse [19], reputation-based access [20], resource limits [21], anomaly detection [22], source tracing [23], filtering, resource scaling [24], etc. It is worth mentioning that the goal of our article is to strengthen cooperation against attacks from the perspective of attacking expense.…”

Section: Attack Model and Assumptionsmentioning

confidence: 99%

Too Expensive to Attack: A Joint Defense Framework to Mitigate Distributed Attacks for the Internet of Things Grid

Li¹,

Liu²,

Jin³

et al. 2021

Preprint

View full text Add to dashboard Cite

The distributed denial of service (DDoS) attack is detrimental to businesses and individuals as we are heavily relying on the Internet. Due to remarkable profits, crackers favor DDoS as cybersecurity weapons in attacking servers, computers, IoT devices, and even the entire Internet. Many current detection and mitigation solutions concentrate on specific technologies in combating DDoS, whereas the attacking expense and the cross-defender collaboration have not drawn enough attention. Under this circumstance, we revisit the DDoS attack and defense in terms of attacking cost and populations of both parties, proposing a joint defense framework to incur higher attacking expense in a grid of Internet service providers (ISPs), businesses, individuals, and third-party organizations (IoT Grid). Meanwhile, the defender's cost does not grow much during combats. The skyrocket of attacking expense discourages profitdriven attackers from launching further attacks effectively. The quantitative evaluation and experimental assessment reinforce the effectiveness of our framework.

show abstract

Section: Attack Model and Assumptionsmentioning

confidence: 99%

Too Expensive to Attack: A Joint Defense Framework to Mitigate Distributed Attacks for the Internet of Things Grid

Li¹,

Liu²,

Jin³

et al. 2021

Preprint

View full text Add to dashboard Cite

show abstract

“…Distributed denial of service attacks (DDoS) are a form of DoS attacks that are executed by multiple distributed agents. Since their emergence two decades ago [1], and despite a plethora of ensuing research, DDoS attacks have plagued the Internet, growing consistently in magnitude and prevalence, to become recognized by Internet Service Providers as the top operational threat to their customers [2], [3]; costing victims hundreds of thousands of dollars per attack [4], [5]. This threat is being compounded by growth in the Internet of Things (IoT) [6], [7].…”

Section: Introductionmentioning

confidence: 99%

Towards Comparative Evaluation of DDoS Defences

Otung

Martin

2022

2022 15th International Conference on Security of Information and Networks (SIN)

View full text Add to dashboard Cite

DDoS defence evaluation provides a way to capture the usefulness of defensive solutions to one of the most notorious Internet attacks of our computing generation. An alternative approach to evaluation offers a valuable mechanism by which different DDoS defences can be commensurably and objectively compared. Such a development would not only enable individual organizations to make better informed decisions on which defences to implement but could also aid collaborations to realize global solutions; and reveal insights into aspects requiring further investigation.We present CED3 (pronounced "Seed"), a DDoS defence evaluation framework designed to facilitate the commensurable comparison between DDoS defences in a way that captures their strengths and weaknesses. Firstly, CED3 introduces the notion of true effectiveness, which addresses the problem, identified in the literature, of previously validated defences subsequently being shown to be ineffective when evaluated under different attack conditions. CED3 leverages a structured theoretical analysis process to drive empirical data acquisition in order to enhance consistency, transparency and, ultimately, longevity of evaluation conclusions. Lastly, CED3 introduces the concept of defence maps, which applies the idea of true effectiveness to "scopes" in order to communicate the strengths and weaknesses of defences in a way that allows them to be visually compared.We demonstrate the CED3 framework by applying it to comparatively evaluate three DDoS defences. Using results obtained from extensive simulations in NS-3, we show how the strengths and weaknesses of different defences can be visually compared. We conclude by discussing the merits and limitations of CED3.

show abstract

DDoS Attacks Analysis with Cyber Data Forensics using Weighted Logistic Regression and Random Forest

Tolanur

Chaudhari

2023

2023 International Conference on Device Intelligence, Computing and Communication Technologies, (DICCT)

View full text Add to dashboard Cite

Distributed Defence of Service (DiDoS): A Network-layer Reputation-based DDoS Mitigation Architecture

Cited by 4 publications

References 0 publications

Too Expensive to Attack: A Joint Defense Framework to Mitigate Distributed Attacks for the Internet of Things Grid

Too Expensive to Attack: A Joint Defense Framework to Mitigate Distributed Attacks for the Internet of Things Grid

Towards Comparative Evaluation of DDoS Defences

DDoS Attacks Analysis with Cyber Data Forensics using Weighted Logistic Regression and Random Forest

Contact Info

Product

Resources

About