Abstract
A Distributed Denial-of-Service (DDoS) attack is one of the most dangerous threats on the Internet and can have devastating effects. DDoS attacks mainly started in 1998, but their impact was widely recognized only when large organizations and corporations were hit by DDoS attacks in July 1999. Since then, several DDoS attack tools, such as Trinoo, Shaft, Tribe Flood Network (TFN), Tribe Flood Network 2000 (TFN2K) and Stacheldraht, have been identified and analyzed. All of these tools can launch DDoS attacks from thousands of compromised hosts and take down virtually any connection or network on the Internet with just a few command keystrokes. This survey paper covers an introduction to DDoS attacks, DDoS attack history and incidents, DDoS attack strategy, DDoS attack tools, and a classification of various attack and defense mechanisms. Finally, directions for future research are pointed out.
© 2011 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Srivastava, A., Gupta, B.B., Tyagi, A., Sharma, A., Mishra, A. (2011). A Recent Survey on DDoS Attacks and Defense Mechanisms. In: Nagamalai, D., Renault, E., Dhanuskodi, M. (eds) Advances in Parallel Distributed Computing. PDCTA 2011. Communications in Computer and Information Science, vol 203. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-24037-9_57
DOI: https://doi.org/10.1007/978-3-642-24037-9_57
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-24036-2
Online ISBN: 978-3-642-24037-9
eBook Packages: Computer Science, Computer Science (R0)