Denial-of-Service Attack-Detection Techniques
IEEE Internet Computing
Scalable network-layer defense against internet bandwidth-flooding attacks
IEEE/ACM Transactions on Networking (TON)
NetFence: preventing internet denial of service from inside out
Proceedings of the ACM SIGCOMM 2010 conference
Traceback of DDoS Attacks Using Entropy Variations
IEEE Transactions on Parallel and Distributed Systems
Hi-index | 0.00 |
In these day, we obtain various information through internet services and the distributed denial-of-service (DDoS) attacks for threatening the services are socially and economically serious threats. Recently, the attacks that occurred in July 2009 significantly damaged to the major internet services of countries such as South Korea. Due to the seriousness of DDoS attacks, these have been researched in a variety of ways in academies and industries to protect the internet services. However, the existing defense methods have the fundamental limitation that can be vulnerable to the unknown DDoS attacks of new traffic pattern to avoid the methods because the methods apply the defense policies of fixed thresholds that are mainly determined by the learning of traffic volume. Thus, whenever the new DDoS attacks are occurred, the damage is also repeated by the attacks. To overcome the problem caused by the fixed threshold, the paper introduces the automatic control method of defense policy against the DDoS attacks through the monitoring of current system resources. We focused on the fact that the usage ratios of various system resources show the abnormal statuses of server if the service failure of server is occurred by that attacks that were not blocked by current defense policies. Our method measures the usage changes of system resources and detects the abnormal situations and automatically adjusts current defense policies in conjunction with the strength of change. As a result, the DDoS attacks are gradually mitigated by the automatic threshold controlling of our method.