
A Comprehensive Categorization of DDoS Attack and DDoS Defense Techniques

  • Conference paper
Advanced Data Mining and Applications (ADMA 2006)

Part of the book series: Lecture Notes in Computer Science (LNAI, volume 4093)


Abstract

A Distributed Denial of Service (DDoS) attack is the greatest security fear for IT managers. In almost no time, thousands of vulnerable computers can flood a victim website, choking legitimate traffic. Several specific security measures are deployed to counter the DDoS problem. Instead of a specific solution, a comprehensive DDoS cure is needed that can combat both previous and upcoming DDoS attack vulnerabilities. Developing such a solution requires understanding all the aspects that can help a hacker activate zombies and launch a DDoS attack.

In this paper, we comprehensively analyzed the DDoS problem and proposed a simplified taxonomy to categorize the attack scope and the available defense solutions. This taxonomy can help software developers and security practitioners understand the common vulnerabilities that encourage attackers to launch DDoS attacks.

This research is supported by the Ubiquitous Computing and Network (UCN) Project, the Ministry of Information and Communication (MIC) 21st Century Frontier R&D Program in Korea.




Copyright information

© 2006 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Tariq, U., Hong, M., Lhee, Ks. (2006). A Comprehensive Categorization of DDoS Attack and DDoS Defense Techniques. In: Li, X., Zaïane, O.R., Li, Z. (eds) Advanced Data Mining and Applications. ADMA 2006. Lecture Notes in Computer Science, vol 4093. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11811305_112


  • DOI: https://doi.org/10.1007/11811305_112

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-37025-3

  • Online ISBN: 978-3-540-37026-0

  • eBook Packages: Computer Science (R0)
