Detection and Mitigation of Low-Rate Denial-of-Service Attacks: A Survey
TLDR
This survey summarizes and complements previous studies and surveys related to this specific type of attack and proposes a taxonomy of the LDoS attacks, which were divided into three broad categories based on their modus operandi: QoS attacks, Slow rate attacks, and Service queue attacks.Abstract:
The potential for being the target of Denial of Service (DoS) attacks is one of the most severe security threats on the Internet. Attackers have been modifying their attack format over the years, damaging specific conditions of operating systems and protocols in an attempt to deny or diminish the quality of the service provided to legitimate users. Nowadays, attacks are stealthier and mimic legitimate user traffic in such a way that detection mechanisms against High-rate DoS attacks are no longer sufficient. This evolving type of attack, known as LDoS (Low-rate Denial of Service) attacks, has the potential to produce more damage than its predecessor due to its stealth nature and the lack of suitable detection and defense methods. This survey summarizes and complements previous studies and surveys related to this specific type of attack. First, we propose a taxonomy of the LDoS attacks, which were divided into three broad categories based on their modus operandi: QoS attacks, Slow rate attacks, and Service queue attacks. Next, we detail numerous detection mechanisms and counter-measures available against eight types of LDoS attacks. More specifically, we describe the methods used to throttle the attack traffic. Finally, we provide a feature comparison table for some existing attack tools. This survey aims at providing an extensive review of the literature for helping researchers and network administrators find up-to-date knowledge on LDoS attacks.read more
Citations
More filters
Journal ArticleDOI
Distributed denial of service attack prediction: Challenges, open issues and opportunities
TL;DR: In this article , the authors present the classification of studies from the literature comprising the current state-of-the-art on DDoS attack prediction and highlights the results of this extensive literature review categorizing the works by prediction time, architecture, employed methodology, and the type of data utilized to predict attacks.
Proceedings ArticleDOI
Modeling an Enterprise Environment for Testing Openstack Cloud Platform against Low-Rate DDoS Attacks
R.F. Florea,Mitica Craus +1 more
TL;DR: In this paper , a unified detection framework for low-rate DDoS attacks in SDN is proposed. But, there is a lack of unified framework for the data plane, and control plane.
Proceedings ArticleDOI
Modeling an Enterprise Environment for Testing Openstack Cloud Platform against Low-Rate DDoS Attacks
TL;DR: In this article , a unified detection framework for low-rate DDoS attacks in SDN is proposed. But, there is a lack of unified framework for the data plane, and control plane.
Journal ArticleDOI
Cyber-Security Attacks, Prevention and Malware Detection Application
Darius Moldovan,Simona Riurean +1 more
TL;DR: In this paper , a short overview of current types and incidents of cyber-attacks, as well as the current state of threats, and the grade of awareness worldwide are presented, too.
References
More filters
Journal ArticleDOI
A taxonomy of DDoS attack and DDoS defense mechanisms
Jelena Mirkovic,Peter Reiher +1 more
TL;DR: This paper presents two taxonomies for classifying attacks and defenses in distributed denial-of-service (DDoS) and provides researchers with a better understanding of the problem and the current solution space.
Journal ArticleDOI
A Survey of Defense Mechanisms Against Distributed Denial of Service (DDoS) Flooding Attacks
TL;DR: The primary intention for this work is to stimulate the research community into developing creative, effective, efficient, and comprehensive prevention, detection, and response mechanisms that address the DDoS flooding problem before, during and after an actual attack.
Journal ArticleDOI
DDoS attacks and defense mechanisms: classification and state-of-the-art
TL;DR: The goal of the paper is to place some order into the existing attack and defense mechanisms, so that a better understanding of DDoS attacks can be achieved and subsequently more efficient and effective algorithms, techniques and procedures to combat these attacks may be developed.
Journal ArticleDOI
Defending against flooding-based distributed denial-of-service attacks: a tutorial
TL;DR: Various DDoS attack methods are described, and a longer-term solution that attempts to intercept attack packets in the Internet core, well before reaching the victim is discussed, dubbed the Internet-firewall approach.
Journal ArticleDOI
Botnets: A survey
TL;DR: A comprehensive review that broadly discusses the botnet problem, briefly summarizes the previously published studies and supplements these with a wide ranging discussion of recent works and solution proposals spanning the entire botnet research field is presented.