Distributed Denial of Service Attacks and Defense Mechanisms: Current Landscape and Future Directions

Bhatia, Sajal; Behal, Sunny; Ahmed, Irfan

doi:10.1007/978-3-319-97643-3_3

Cited by 36 publications

(28 citation statements)

References 69 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Once such a connection has been established, the attacker generates an enormous number of HTTP requests, with the aim of flooding the victim's server and depleting its available resources. HTTP flood attacks are difficult to detect [24] because the attacker is able to mimic legitimate users' behavior, making it appear as if the HTTP requests originated from legitimate sources [25]. To conduct this type of attack, attackers use either tools such as bonesi and goldeneye or a script written by professional hackers.…”

Section: A Http Flood Attacksmentioning

confidence: 99%

Machine Learning Approaches for Combating Distributed Denial of Service Attacks in Modern Networking Environments

Aljuhani

2021

IEEE Access

View full text Add to dashboard Cite

Section: A Http Flood Attacksmentioning

confidence: 99%

Machine Learning Approaches for Combating Distributed Denial of Service Attacks in Modern Networking Environments

Aljuhani

2021

IEEE Access

View full text Add to dashboard Cite

“…Many research efforts have been devoted to tackle DDoS attacks leveraging ML and/or SDN [2]- [4], [14]. In what follows, we will review the main defense mechanisms proposed in the literature to handle DDoS attacks exploiting the intelligence of ML techniques and/or the flexibility provided by network programmability (i.e., SDN).…”

Section: Related Workmentioning

confidence: 99%

Robust Self-Protection Against Application-Layer (D)DoS Attacks in SDN Environment

Benzaïd

Boukhalfa

Taleb

2020

2020 IEEE Wireless Communications and Networking Conference (WCNC)

View full text Add to dashboard Cite

The expected high bandwidth of 5G and the envisioned massive number of connected devices will open the door to increased and sophisticated attacks, such as applicationlayer DDoS attacks. Application-layer DDoS attacks are complex to detect and mitigate due to their stealthy nature and their ability to mimic genuine behavior. In this work, we propose a robust application-layer DDoS self-protection framework that empowers a fully autonomous detection and mitigation of the application-layer DDoS attacks leveraging on Deep Learning (DL) and SDN enablers. The DL models have been proven vulnerable to adversarial attacks, which aim to fool the DL model into taking wrong decisions. To overcome this issue, we build a DL-based application-layer DDoS detection model that is robust to adversarial examples. The performance results show the effectiveness of the proposed framework in protecting against application-layer DDoS attacks even in the presence of adversarial attacks.

show abstract

“…To position our work in the right perspective, we note that there are two main families of DDoS defense techniques depending on where the detection of mitigation of the DDoS attack is performed: source‐end DDoS methods and victim‐end DDoS methods . Our approach is a victim‐end DDoS defense.…”

Section: Related Workmentioning

confidence: 99%

Mitigating DDoS using weight‐based geographical clustering

Kongshavn¹,

Haugerud

Yazidi

et al. 2020

Concurrency and Computation

View full text Add to dashboard Cite

Distributed denial of service (DDoS) attacks have for the last two decades been among the greatest threats facing the internet infrastructure. Mitigating DDoS attacks is a particularly challenging task as an attacker tries to conceal a huge amount of traffic inside a legitimate traffic flow. This article proposes to use data mining approaches to find unique hidden data structures which are able to characterize the normal traffic flow. This will serve as a mean for filtering illegitimate traffic under DDoS attacks. In this endeavor, we devise three algorithms built on previously uncharted areas within mitigation techniques where clustering techniques are used to create geographical clusters in regions which are likely to contain legitimate traffic. We argue through extensive experimental results that establishing clusters around this narrative is a superior solution to clustering algorithms which rely on bitwise distances between IP addresses. In addition, the DDoS filtering algorithm is deployed in a virtual Linux environment using Nfqueue and tested in a simulated real-life DDoS attack.

show abstract

Distributed Denial of Service Attacks and Defense Mechanisms: Current Landscape and Future Directions

Cited by 36 publications

References 69 publications

Machine Learning Approaches for Combating Distributed Denial of Service Attacks in Modern Networking Environments

Machine Learning Approaches for Combating Distributed Denial of Service Attacks in Modern Networking Environments

Robust Self-Protection Against Application-Layer (D)DoS Attacks in SDN Environment

Mitigating DDoS using weight‐based geographical clustering

Contact Info

Product

Resources

About