Review: Analyzing well-known countermeasures against distributed denial of service attacks

Authors:
Hakem Beitollahi;Geert Deconinck
Affiliations:
Katholieke Universiteit Leuven, Electrical Engineering Department, Kasteelpark Arenberg 10, Leuven, Belgium;Katholieke Universiteit Leuven, Electrical Engineering Department, Kasteelpark Arenberg 10, Leuven, Belgium
Venue:
Computer Communications
Year:
2012

Citing 47
Cited 3

Traffic analysis: protocols, attacks, design issues, and open problems

International workshop on Designing privacy enhancing technologies: design issues in anonymity and unobservability
On the effectiveness of route-based packet filtering for distributed DoS attack prevention in power-law internets

Proceedings of the 2001 conference on Applications, technologies, architectures, and protocols for computer communications
Network support for IP traceback

IEEE/ACM Transactions on Networking (TON)
An algebraic approach to IP traceback

ACM Transactions on Information and System Security (TISSEC)
Controlling high bandwidth aggregates in the network

ACM SIGCOMM Computer Communication Review
Passive estimation of TCP round-trip times

ACM SIGCOMM Computer Communication Review
Denial-of-Service Attacks Rip the Internet

Computer
A framework for classifying denial of service attacks

Proceedings of the 2003 conference on Applications, technologies, architectures, and protocols for computer communications
Using graphic turing tests to counter automated DDoS attacks against web servers

Proceedings of the 10th ACM conference on Computer and communications security
Variability in TCP round-trip times

Proceedings of the 3rd ACM SIGCOMM conference on Internet measurement
Telling humans and computers apart automatically

Communications of the ACM - Information cities
Taming IP packet flooding attacks

ACM SIGCOMM Computer Communication Review
Alliance formation for DDoS defense

Proceedings of the 2003 workshop on New security paradigms
Internet indirection infrastructure

IEEE/ACM Transactions on Networking (TON)
A taxonomy of DDoS attack and DDoS defense mechanisms

ACM SIGCOMM Computer Communication Review
Tracing Anonymous Packets to Their Approximate Source

LISA '00 Proceedings of the 14th USENIX conference on System administration
Change-Point Monitoring for the Detection of DoS Attacks

IEEE Transactions on Dependable and Secure Computing
Defending against distributed denial-of-service attacks with max-min fair server-centric router throttles

IEEE/ACM Transactions on Networking (TON)
Low-Cost Traffic Analysis of Tor

SP '05 Proceedings of the 2005 IEEE Symposium on Security and Privacy
Trade-offs in probabilistic packet marking for IP traceback

Journal of the ACM (JACM)
D-WARD: A Source-End Defense against Flooding Denial-of-Service Attacks

IEEE Transactions on Dependable and Secure Computing
Denial-of-Service Attack-Detection Techniques

IEEE Internet Computing
Inferring Internet denial-of-service activity

ACM Transactions on Computer Systems (TOCS)
Mitigating denial of service attacks: a tutorial

Journal of Computer Security
Detecting and Isolating Malicious Routers

IEEE Transactions on Dependable and Secure Computing
Defense against spoofed IP traffic using hop-count filtering

IEEE/ACM Transactions on Networking (TON)
Centertrack: an IP overlay network for tracking DoS floods

SSYM'00 Proceedings of the 9th conference on USENIX Security Symposium - Volume 9
A Divide-and-Conquer Strategy for Thwarting Distributed Denial-of-Service Attacks

IEEE Transactions on Parallel and Distributed Systems
How dynamic are IP addresses?

Proceedings of the 2007 conference on Applications, technologies, architectures, and protocols for computer communications
Collaborative Detection of DDoS Attacks over Multiple Network Domains

IEEE Transactions on Parallel and Distributed Systems
A low-cost attack on a Microsoft captcha

Proceedings of the 15th ACM conference on Computer and communications security
Large-scale IP traceback in high-speed internet: practical techniques and information-theoretic foundation

IEEE/ACM Transactions on Networking (TON)
A large-scale hidden semi-Markov model for anomaly detection on user browsing behaviors

IEEE/ACM Transactions on Networking (TON)
Real-time detection of distributed denial-of-service attacks using RBF networks and statistical features

Computer Networks: The International Journal of Computer and Telecommunications Networking
Distinguishing DDoS Attacks from Flash Crowds Using Probability Metrics

NSS '09 Proceedings of the 2009 Third International Conference on Network and System Security
Making Overlay Networks more Robust to Massive Failures

PRDC '09 Proceedings of the 2009 15th IEEE Pacific Rim International Symposium on Dependable Computing
RAD: Reflector Attack Defense Using Message Authentication Codes

ACSAC '09 Proceedings of the 2009 Annual Computer Security Applications Conference
A Puzzle-Based Defense Strategy Against Flooding Attacks Using Game Theory

IEEE Transactions on Dependable and Secure Computing
Detecting distributed denial of service attacks by sharing distributed beliefs

ACISP'03 Proceedings of the 8th Australasian conference on Information security and privacy
Sampled traffic analysis by internet-exchange-level adversaries

PET'07 Proceedings of the 7th international conference on Privacy enhancing technologies
Honeypot back-propagation for mitigating spoofing distributed denial-of-service attacks

IPDPS'06 Proceedings of the 20th international conference on Parallel and distributed processing
An Improved Wavelet Analysis Method for Detecting DDoS Attacks

NSS '10 Proceedings of the 2010 Fourth International Conference on Network and System Security
Recognizing objects in adversarial clutter: breaking a visual captcha

CVPR'03 Proceedings of the 2003 IEEE computer society conference on Computer vision and pattern recognition
A Cooperative Mechanism to Defense against Distributed Denial of Service Attacks

TRUSTCOM '11 Proceedings of the 2011IEEE 10th International Conference on Trust, Security and Privacy in Computing and Communications
Enhanced CAPTCHAs: using animation to tell humans and computers apart

CMS'06 Proceedings of the 10th IFIP TC-6 TC-11 international conference on Communications and Multimedia Security
Robust Detection of MAC Layer Denial-of-Service Attacks in CSMA/CA Wireless Networks

IEEE Transactions on Information Forensics and Security
SOS: an architecture for mitigating DDoS attacks

IEEE Journal on Selected Areas in Communications

Detecting latent attack behavior from aggregated Web traffic

Computer Communications
Review: The role of communication systems in smart grids: Architectures, technical solutions and research challenges

Computer Communications
Real-time detection of application-layer DDoS attack using time series analysis

Journal of Control Science and Engineering - Special issue on Advances in Methods for Networked and Cyber-Physical System

Quantified Score

Hi-index	0.24

Visualization

Abstract

This paper reviews and analyzes well-known countermeasures against distributed denial of service (DDoS) attacks. This paper provides an in-depth analysis of each countermeasure and enumerates strengths and challenges of each technique. If it is possible, the paper designs a countermeasure against each defense mechanism from the attacker's point of view. We believe that this survey is the most complete survey that analyzes the most cited DDoS defense techniques in detail. We expect that this survey will assist the potential victims to choose suitable countermeasures against DDoS attacks based on the analysis presented here and as well as the capabilities that they have to implement the techniques. The analysis done in this paper provides a great opportunity for both academic and industrial researchers to improve the state of the art countermeasures against DDoS attacks.