A comprehensive taxonomy of DDOS attacks and defense mechanism applying in a smart classification

Authors:
Abbass Asosheh, Dr.;Naghmeh Ramezani
Affiliations:
Information Technology Department, Tarbiat Modares University, Tehran, Iran;Information Technology Department, Tarbiat Modares University, Tehran, Iran
Venue:
WSEAS Transactions on Computers
Year:
2008

Citing 12
Cited 1

Practical network support for IP traceback

Proceedings of the conference on Applications, Technologies, Architectures, and Protocols for Computer Communication
Protecting web servers from distributed denial of service attacks

Proceedings of the 10th international conference on World Wide Web
Hash-based IP traceback

Proceedings of the 2001 conference on Applications, technologies, architectures, and protocols for computer communications
Resilient overlay networks

SOSP '01 Proceedings of the eighteenth ACM symposium on Operating systems principles
A framework for classifying denial of service attacks

Proceedings of the 2003 conference on Applications, technologies, architectures, and protocols for computer communications
Data Mining: Concepts and Techniques

Data Mining: Concepts and Techniques
Introduction to Data Mining, (First Edition)

Introduction to Data Mining, (First Edition)
MULTOPS: a data-structure for bandwidth attack detection

SSYM'01 Proceedings of the 10th conference on USENIX Security Symposium - Volume 10
Probability principle of a reliable approach to detect signs of DDOS flood attacks

PDCAT'04 Proceedings of the 5th international conference on Parallel and Distributed Computing: applications and Technologies
A formalized taxonomy of DDoS attacks based on similarity

ISI'06 Proceedings of the 4th IEEE international conference on Intelligence and Security Informatics
A comprehensive categorization of DDoS attack and DDoS defense techniques

ADMA'06 Proceedings of the Second international conference on Advanced Data Mining and Applications
Detection of distributed denial of service attacks using statistical pre-processor and unsupervised neural networks

ISPEC'05 Proceedings of the First international conference on Information Security Practice and Experience

DDoS attacks detection model and its application

WSEAS Transactions on Computers

Quantified Score

Hi-index	0.00

Visualization

Abstract

A Distributed denial of service (DDoS) attack uses multiple machines operating in concern to attack a network or site. It is the most important security problem for IT managers. These attacks are very simple organized for intruders and hence so disruptive. The detection and defense of this attack has specific importance among network specialists. In this paper a new and smart taxonomy of DDoS attack and defense mechanism will be introduced. The attacks taxonomy is introduced using both known and potential attack mechanisms. It comprises all types of attacks and provides a comprehensive point of view for DDoS attacks. We introduce a useful tool that can be employed to a sophisticated selection defense method for DDoS attacks. Furthermore a smart taxonomy method of DDOS attacks will be proposed to help selection an appropriate defense mechanism. This method uses some features of DDOS attacks and classifies it to several clusters by Kmean algorithm and labels each cluster with a defense mechanism. If an IDS detects a DDOS attack, proposed system extract attack features and classify it by KNN (K-Nearest-Neighbor) to determine the cluster in which it belongs to. The defense mechanisms taxonomy is using the currently known approaches. Also the comprehensive defense classification will help to find the appropriate strategy to overcome the DDoS attack.