DoS and DDoS Attacks: Defense, Detection and Traceback Mechanisms – A Survey

1
K Munivara Prasad
K Munivara Prasad B.Tech, ME, Ph.D.
2
K.Munivara Prasad
K.Munivara Prasad
3
Dr.A.Rama Mohan Reddy
Dr.A.Rama Mohan Reddy
4
Dr K.Venugopal Rao
Dr K.Venugopal Rao
1 Rayalaseema University,Kurnool

Send Message

To: Author

GJCST Volume 14 Issue E7

Article Fingerprint

ReserarchID

CSTNWSI3C7M

DoS and DDoS Attacks: Defense, Detection and Traceback Mechanisms – A Survey Banner
  • English
  • Afrikaans
  • Albanian
  • Amharic
  • Arabic
  • Armenian
  • Azerbaijani
  • Basque
  • Belarusian
  • Bengali
  • Bosnian
  • Bulgarian
  • Catalan
  • Cebuano
  • Chichewa
  • Chinese (Simplified)
  • Chinese (Traditional)
  • Corsican
  • Croatian
  • Czech
  • Danish
  • Dutch
  • Esperanto
  • Estonian
  • Filipino
  • Finnish
  • French
  • Frisian
  • Galician
  • Georgian
  • German
  • Greek
  • Gujarati
  • Haitian Creole
  • Hausa
  • Hawaiian
  • Hebrew
  • Hindi
  • Hmong
  • Hungarian
  • Icelandic
  • Igbo
  • Indonesian
  • Irish
  • Italian
  • Japanese
  • Javanese
  • Kannada
  • Kazakh
  • Khmer
  • Korean
  • Kurdish (Kurmanji)
  • Kyrgyz
  • Lao
  • Latin
  • Latvian
  • Lithuanian
  • Luxembourgish
  • Macedonian
  • Malagasy
  • Malay
  • Malayalam
  • Maltese
  • Maori
  • Marathi
  • Mongolian
  • Myanmar (Burmese)
  • Nepali
  • Norwegian
  • Pashto
  • Persian
  • Polish
  • Portuguese
  • Punjabi
  • Romanian
  • Russian
  • Samoan
  • Scots Gaelic
  • Serbian
  • Sesotho
  • Shona
  • Sindhi
  • Sinhala
  • Slovak
  • Slovenian
  • Somali
  • Spanish
  • Sundanese
  • Swahili
  • Swedish
  • Tajik
  • Tamil
  • Telugu
  • Thai
  • Turkish
  • Ukrainian
  • Urdu
  • Uzbek
  • Vietnamese
  • Welsh
  • Xhosa
  • Yiddish
  • Yoruba
  • Zulu

Denial of Service (DoS) or Distributed Denial of Service (DDoS) attacks are typically explicit attempts to exhaust victim’s bandwidth or disrupt legitimate users’ access to services. Traditional architecture of internet is vulnerable to DDoS attacks and it provides an opportunity to an attacker to gain access to a large number of compromised computers by exploiting their vulnerabilities to set up attack networks or Botnets. Once attack network or Botnet has been set up, an attacker invokes a large-scale, coordinated attack against one or more targets. Asa result of the continuous evolution of new attacks and ever-increasing range of vulnerable hosts on the internet, many DDoS attack Detection, Prevention and Traceback mechanisms have been proposed, In this paper, we tend to surveyed different types of attacks and techniques of DDoS attacks and their countermeasures. The significance of this paper is that the coverage of many aspects of countering DDoS attacks including detection, defence and mitigation, traceback approaches, open issues and research challenges.

79 Cites in Articles

References

  1. T Peng,C Leckie,K Rmrao (2007). Survey of network-based defense mechanisms countering the DoS and DDoS problems.
  2. V Chandola,A Banerjee,V Kumar (2009). Anomaly detection: A survey.
  3. G Loukas,¨g Oke (2010). Protection against denial of service attacks: A survey.
  4. M Bhuyan,D Bhattacharyya,J Kalita (2011). Surveying Port Scans and Their Detection Methodologies.
  5. H Kashyap,D Bhattacharyya (2012). A DDoS attack detection mechanism based on protocol specific traffic features.
  6. A Hansen,A Sloutski,R Wong,Y Fang,L Stotchel,C Sadasivan,M Rafailovich (2006). Development of polymer systems capable of counteracting surface-induced fibrillogenesis.
  7. P Criscuolo (2000). Distributed Denial of Service Tools, Trin00, Tribe Flood Network, Tribe Flood Network 2000 and Stacheldraht..
  8. J Mirkovic,P Reiher (2004). A taxonomy of DDoS attack and DDoS defense mechanisms.
  9. S Ranjan,Uysal Swaminathan,Knightly (2006). DDoS-Resilient Scheduling to Counter Application Layer Attacks under Imperfect Detection.
  10. R Chang (2002). Defending against flooding-based distributed denial-of-service attacks: a tutorial.
  11. R Puri (2003). Bots and Botnet -an overview.
  12. B Todd (2000). Distributed Denial of Service Attacks.
  13. Cert (2001). Denial of Service Attacks.
  14. Jing Liu,Yang Xiao,Kaveh Ghaboosi,Hongmei Deng,Jingyuan Zhang (2009). Botnet: Classification, Attacks, Detection, Tracing, and Preventive Measures.
  15. Prasad Munivara,Dr Rama,Mohan Reddy,Dr K Venugopal Rao (2013). Discrimination of Flash crowd attacks from DDoS attacks on internet threat monitoring (ITM) using Entropy variations.
  16. Prasad Munivara,Dr Rama,Mohan Reddy (2012). IP Traceback for Flooding attacks on Internet Threat Monitors (ITM ) Using Honeypots.
  17. Y Xiang,K Li,Zhou (2011). Low-rate DDoS attacks detection and traceback by using new information metrics.
  18. Yi Wu,Huei Tseng,Wuu Yang,Rong Jan (2011). DDoS detection and traceback with decision tree and grey relational analysis.
  19. , Chen,W K. Hwang,Ku (2006). Distributed change-point detection of DDoS attacks over multiple network domains.
  20. J Mirkovic,G Prier,P Reiher (2002). Attacking DDoS at the source.
  21. A Saifullah (2009). Defending against distributed denial-of-service attacks with weight-fair router throttling.
  22. T Peng,C Leckie,K Rao (2004). Detecting distributed denial of service attacks using source IP address" monitoring.
  23. J Cheng,J Yin,C Wu,Zhang,Y Li (2009). DDoS attack detection method based on linear prediction model.
  24. J Udhayan,T Hamsapriya (2011). Statistical segregation method to minimize the false detections during DDoS attacks.
  25. G Oke,G Loukas (2007). A Denial of Service Detector based on Maximum Likelihood Detection and the Random Neural Network.
  26. Yossi Gilad,Amir Herzberg (2012). LOT.
  27. S Shiaeles,V Katos,A Karakos,B Papadopoulos (2012). Real time DDoS detection using fuzzy estimators.
  28. T Spyridopoulos,G Karanikas,T Tryfonas,G Oikonomou (2013). A game theoretic defence framework against DoS/DDoS cyber attacks.
  29. C Chen (2009). A new detection method for distributed denial-of-service attack traffic based on statistical test.
  30. Guoxing Zhang,Shengming Jiang,Gang Wei,Quansheng Guan (2009). A prediction-based detection algorithm against distributed denial-of-service attacks.
  31. A Akella,M Bharambe,M Reiter,S Seshan (2003). Detecting DDoS attacks on ISP networks.
  32. Y Liu,B Cukic,S Gururajan (2007). Validating neural network-based online adaptive systems: A case study.
  33. Jin Li,Yong Liu,Lin Gu (2010). DDoS attack detection based on neural network.
  34. P Agrawal,B Gupta,Satbir Jain,M Pattanshetti (2011). Estimating Strength of a DDoS Attack in Real Time Using ANN Based Scheme.
  35. T Chang-Lung,A Chang,Ming Szu,H (2010). Early Warning System for DDoS Attacking Based on Multilayer Deployment of Time Delay Neural Network.
  36. Rasool Jalili,Fatemeh Imani-Mehr,Morteza Amini,Hamid Shahriari (2005). Detection of Distributed Denial of Service Attacks Using Statistical Pre-processor and Unsupervised Neural Networks.
  37. R Karimazad,A Faraahi (2011). A "An anomalybased method for DDoS attacks detection using rbf neural networks.
  38. Dimitris Gavrilis,Evangelos Dermatas (2005). Real-time detection of distributed denial-of-service attacks using RBF networks and statistical features.
  39. Y Wu,H Tseng,W Yang,Jan,R (2011). DoS detection and traceback with decision tree and grey relational analysis.
  40. H Nguyen,Y Choi (2010). Proactive detection of DDoS attacks utilizing k-NN classifier in an Anti-DDoS framework.
  41. Prasad Munivara,Dr Rama,Mohan Reddy (2011). Modelling and Counter measures of Flooding attacks to ITM using Botnet and Group Testing.
  42. P Kumar,S Selvakumar (2011). Distributed denial of service attack detection using an ensemble of neural classifier.
  43. C Scott,R Nowak (2005). A neyman-pearson approach to statistical learning.
  44. T Gil,M Poletto (2001). MULTOPS: a datastructure for bandwidth attack detection.
  45. R Thomas,B Mark,T Johnson,J Croall (2003). NetBouncer: client-legitimacy-based high-performance DDoS filtering.
  46. J Wang,R Phan,J Whitley,D Parish (2010). Augmented attack tree modelling of distributed denial of services and tree based attack detection method.
  47. L Limwiwatkul,A Rungsawang (2004). Distributed denial of service detection using TCP/IP header and traffic measurement analysis.
  48. G Zhang,M Parashar (2006). Cooperative defence against DDoS attacks.
  49. D Wu,K Lu,J Fan,S Todorovic,A Nucci (2007). Robust and efficient detection of DDoS attacks for large-scale internet.
  50. K Hwang,P Dave,S Tanachaiwiwat (2003). Net Shield: Protocol anomaly detection with datamining against DDoS attacks.
  51. Z Chen,Z Chen,A Delis (2007). An inline detection and prevention framework for distributed denial of service attacks.
  52. Keunsoo Lee,Juhyun Kim,Ki Kwon,Younggoo Han,Sehun Kim (2008). DDoS attack detection method using cluster analysis.
  53. V Sekar,N Dueld,O Spatscheck,J Van Der Merwe,H Zhang (2006). LADS: large-scale automated DDoS detection system.
  54. Hamza Rahmani,Nabil Sahli,Farouk Kammoun (2009). Joint Entropy Analysis Model for DDoS Attack Detection.
  55. Yang Xiang,Ke Li,Wanlei Zhou (2011). Low-Rate DDoS Attacks Detection and Traceback by Using New Information Metrics.
  56. C Shannon (1948). A Mathematical Theory of Communication.
  57. Jérôme Francois,Issam Aib,Raouf Boutaba (2012). FireCol: A Collaborative Protection Network for the Detection of Flooding DDoS Attacks.
  58. N Jeyanthi,R Thandeeswaran,J Vinithra (2012). Rqa based approach to detect and prevent ddos attacks in voip networks.
  59. M Li,M Li (2009). A new approach for detecting DDoS attacks based on wavelet analysis.
  60. R Zhong,G Yue (2010). DDoS detection system based on data mining.
  61. R Agrawal,R Srikant (12-1). Fast algorithms for mining association rules in large databases.
  62. Morgan Kaufmann (1994). The Morgan Kaufmann Series in Data Management Systems.
  63. J Dunn (1973). A Fuzzy Relative of the ISODATA Process and Its Use in Detecting Compact Well-Separated Clusters.
  64. Alberto Dainotti,Antonio Pescapé,Giorgio Ventre (2009). A cascade architecture for DoS attacks detection based on the wavelet transform.
  65. Alfred Haar,A (1910). Zur Theorie der orthogonalen Funktionensysteme.
  66. L Li,G Lee (2003). DDoS attack detection and wavelets.
  67. B Gupta,R Joshi,M Misra (2012). ANN based scheme to predict number of zombies in DDoS attack.
  68. R Yan,Q Zheng,G Niu,S Gao (2008). A new way to detect DDoS attacks within single router.
  69. Jieren Cheng,Jianping Yin,Yun Liu,Zhiping Cai,Chengkun Wu (2009). DDoS Attack Detection Using IP Address Feature Interaction.
  70. Z Xia,S Lu,J Li,J Tang (2010). Enhancing DDoS flood attack detection via intelligent fuzzy logic.
  71. Changwang Zhang,Zhiping Cai,Weifeng Chen,Xiapu Luo,Jianping Yin (2012). Flow level detection and filtering of low-rate DDoS.
  72. D Zhao,I Traore,B Sayed,W Lu,S Saad,A Ghorbani,D Garant (2013). Botnet detection based on traffic behaviour analysis and flow intervals.
  73. P Senthilmahesh,S Hemalatha,P Rodrigues,A Shanthakumari (2012). DDoS Attacks Defense System Using Information Metrics.
  74. Erol Gelenbe,George Loukas (2007). A self-aware approach to denial of service defence.
  75. Krishan Kumar,A Sangal,Abhinav Bhandari (2011). Traceback techniques against DDOS attacks: A comprehensive review.
  76. Shui Yu,Wanlei Zhou,Robin Doss,Weijia Jia (2011). Traceback of DDoS Attacks Using Entropy Variations.
  77. Yang Xiang,Ke Li,Wanlei Zhou (2011). Low-Rate DDoS Attacks Detection and Traceback by Using New Information Metrics.
  78. H Lipson (2002). Tracking and Tracing Cyber-Attacks: Technical Challenges and Global Policy Issues.
  79. K Subhashini,G Subbalakshmi (2012). Efficient Machine Learning Approaches for Intrusion Identification of DDoS Attacks in Cloud Networks.

Funding

No external funding was declared for this work.

Conflict of Interest

The authors declare no conflict of interest.

Ethical Approval

No ethics committee approval was required for this article type.

Data Availability

Not applicable for this article.

K Munivara Prasad. 2014. \u201cDoS and DDoS Attacks: Defense, Detection and Traceback Mechanisms – A Survey\u201d. Global Journal of Computer Science and Technology - E: Network, Web & Security GJCST-E Volume 14 (GJCST Volume 14 Issue E7): .

Download Citation

Issue Cover
GJCST Volume 14 Issue E7
Pg. 15- 32
Journal Specifications

Crossref Journal DOI 10.17406/gjcst

Print ISSN 0975-4350

e-ISSN 0975-4172

Classification
Not Found
Version of record

v1.2

Issue date

November 12, 2014

Language

English

Experiance in AR

The methods for personal identification and authentication are no exception.

Read in 3D

The methods for personal identification and authentication are no exception.

Article Matrices
Total Views: 8618
Total Downloads: 2270
2026 Trends
Research Identity (RIN)
Related Research

Published Article

Denial of Service (DoS) or Distributed Denial of Service (DDoS) attacks are typically explicit attempts to exhaust victim’s bandwidth or disrupt legitimate users’ access to services. Traditional architecture of internet is vulnerable to DDoS attacks and it provides an opportunity to an attacker to gain access to a large number of compromised computers by exploiting their vulnerabilities to set up attack networks or Botnets. Once attack network or Botnet has been set up, an attacker invokes a large-scale, coordinated attack against one or more targets. Asa result of the continuous evolution of new attacks and ever-increasing range of vulnerable hosts on the internet, many DDoS attack Detection, Prevention and Traceback mechanisms have been proposed, In this paper, we tend to surveyed different types of attacks and techniques of DDoS attacks and their countermeasures. The significance of this paper is that the coverage of many aspects of countering DDoS attacks including detection, defence and mitigation, traceback approaches, open issues and research challenges.

Our website is actively being updated, and changes may occur frequently. Please clear your browser cache if needed. For feedback or error reporting, please email [email protected]
×

This Page is Under Development

We are currently updating this article page for a better experience.

Request Access

Please fill out the form below to request access to this research paper. Your request will be reviewed by the editorial or author team.
X

Quote and Order Details

Contact Person

Invoice Address

Notes or Comments

This is the heading

Lorem ipsum dolor sit amet, consectetur adipiscing elit. Ut elit tellus, luctus nec ullamcorper mattis, pulvinar dapibus leo.

High-quality academic research articles on global topics and journals.

DoS and DDoS Attacks: Defense, Detection and Traceback Mechanisms – A Survey

K.Munivara Prasad
K.Munivara Prasad
Dr.A.Rama Mohan Reddy
Dr.A.Rama Mohan Reddy
Dr K.Venugopal Rao
Dr K.Venugopal Rao

Research Journals