Distributed denial of service attacks
read more
Citations
A taxonomy of DDoS attack and DDoS defense mechanisms
A Survey of Defense Mechanisms Against Distributed Denial of Service (DDoS) Flooding Attacks
Federated Learning in Mobile Edge Networks: A Comprehensive Survey
Survey of network-based defense mechanisms countering the DoS and DDoS problems
Federated Learning in Mobile Edge Networks: A Comprehensive Survey
References
Random early detection gateways for congestion avoidance
Network Ingress Filtering: Defeating Denial of Service Attacks which employ IP Source Address Spoofing
Link-sharing and resource management models for packet networks
Insertion, Evasion, and Denial of Service: Eluding Network Intrusion Detection
Security problems in the TCP/IP protocol suite
Related Papers (5)
Frequently Asked Questions (10)
Q2. What was the algorithm for detecting denial of service attacks?
even under persistent denial of service attacks, Class Based Queuing algorithm could guarantee bandwidth for certain classes of input flows, while Random Early Detection was successful in providing limited bandwidth to legitimate users.
Q3. What is the effect of SYN Flood on the server?
Considering that the server only has a limited buffer queue for new connections, SYN Flood results in the server being unable to process other incoming connections as the queue gets overloaded [8].
Q4. What is the way to prevent a denial of service attack?
By monitoring traffic patterns, a network can determine when it is under attack, and can take the required steps to defend itself.
Q5. How many Mbps bandwidth was given to the legitimate user?
For the simulation scenario with topology C, the authors allocated 0.1 Mbps to the legitimate user, 0.5 Mbps bandwidth was given to attackers 1-6, and 1.0 Mbps was given to attackers 7-12.
Q6. Why is the attacker not directly involved in the attack?
Because of the use of attack daemons and control master programs, the real attacker is not directly involved during the attack, which makes it difficult to trace who spawned the attack.
Q7. How many target routers were overloaded during the attack?
simulations based on topology C resulted in several target routers being overloaded during the attack by the twelve attack daemons.
Q8. What are the common security measures that a host can perform to protect against a de?
These measures include:Filtering Routers: Filtering all packets entering and leaving the network protects the network from attacks conducted from neighboring networks, and prevents the network itself from being an unaware attacker [12].
Q9. What is the task of deploying attack daemons?
The attacker must study the target’s network topology and search for bottlenecks and vulnerabilities that can be exploited during the attack.
Q10. What is the way to protect users from distributed denial of service attacks?
In summary, their simulation results indicated that implementing queuing algorithms in network routers may provide the desired solution in protecting users in cases of distributed denial of service attacks.