Denial-of-Service Attack-Detection Techniques
IEEE Internet Computing
Scalable network-layer defense against internet bandwidth-flooding attacks
IEEE/ACM Transactions on Networking (TON)
NetFence: preventing internet denial of service from inside out
Proceedings of the ACM SIGCOMM 2010 conference
Traceback of DDoS Attacks Using Entropy Variations
IEEE Transactions on Parallel and Distributed Systems
Hi-index | 0.00 |
Socially and economically, the distributed denial-of-service (DDoS) attacks have been serious threats in the cyber world. Despite of many researches, current defense methods can be vulnerable to the DDoS attacks of unknown traffic pattern to avoid the methods. That is because most of the defense policies configured for the methods are fixed thresholds that were mainly determined by the learning of traffic volume. To overcome the problem caused by the fixed thresholds, we introduce the endpoint mitigation method based on the dynamic thresholding of DDoS defense policies according to the usage changes of system resources. We focused on the fact that the usage changes of system resources show the abnormal statuses of server if the failure/delay of service is occurred by the DDoS attacks that have not been blocked by current defense thresholds. The proposed method detects the server overload as measuring the usage changes of system resources and automatically adjusts current defense thresholds in conjunction with the strength of usage change. As the result, the service problem caused by the DDoS attacks can be gradually mitigated by the automatic threshold controlling of our method.