Study and Performance Evaluation on Recent DDoS Trends of Attack & Defense

Full Text (PDF, 629KB), PP.54-65


Author(s)

Muhammad Aamir 1,* Muhammad Arif 2

1. SZABIST, Karachi, Pakistan

2. SSUET, Karachi, Pakistan

* Corresponding author.

DOI: https://doi.org/10.5815/ijitcs.2013.08.06

Received: 10 Sep. 2012 / Revised: 16 Jan. 2013 / Accepted: 23 Mar. 2013 / Published: 8 Jul. 2013

Index Terms

DDoS, Attack, Defense, Network

Abstract

This paper studies different types and techniques of DDoS attack and defense, with some recent information on the attacks that dominated in the 1st quarter of 2012. We further provide a simulation-based analysis of an FTP server’s performance in a typical enterprise network under a distributed denial of service attack. Simulations in OPNET show noticeable variations in the connection capacity, task processing and delay parameters of the attacked server compared with its performance without attack. The DDoS detection and mitigation mechanisms discussed in this paper mainly focus on some recently investigated techniques. Finally, conclusions are drawn on the basis of the survey-based study as well as the simulation results.

Cite This Paper

Muhammad Aamir, Muhammad Arif, "Study and Performance Evaluation on Recent DDoS Trends of Attack & Defense", International Journal of Information Technology and Computer Science (IJITCS), vol. 5, no. 8, pp. 54-65, 2013. DOI: 10.5815/ijitcs.2013.08.06
