Characterizing DDoS attack distributions from emulation based experiments on DETER testbed

Quantified Score

Visualization

Abstract

In the present era Internet has changed the way traditional essential services such as banking, transportation, power, health and defense being operated. These operations are being replaced by cheaper and more efficient Internet-based applications. It is all because of rapid growth and success of Internet in every sector. Now days, the World is highly dependent on the Internet. Hence, availability of the Internet is very critical for the socio-economic growth of the society. Distributed denial of service (DDoS) attack is a kind of attack which poses immense threat on the availability of Internet. DDoS attacks occur almost every day. Due to lack of a comprehensive solution to these attacks, frequency and the volume of these attacks are soaring day by day. Currently there is no general consent in the researcher community regarding distribution of attack traffic that is being used by attackers to launch attack. As a result of which researchers generally use attack distributions which they feel more relevant and comfortable for testing and validating their defense approaches. This leads to incomplete, ambiguous and imprecise outcomes. In this paper, we have characterized DDoS attack distributions from emulated attack datasets created using DETER testbed. Attack traffic distributions created by us can be directly used by researchers to validate their defense mechanisms against DDoS attacks and hence will foster formulation of comprehensive defense solutions.