Topic
DDoS mitigation
About: DDoS mitigation is a research topic. Over the lifetime, 237 publications have been published within this topic receiving 8082 citations.
Papers
TL;DR: A novel DDoS mitigation scheme for critical Internet sites (CISs), in which source addresses on a whitelist (the VIP list) are given higher priority when the CIS is under attack; the experimental results show that the proposed scheme effectively mitigates DDoS attacks.
Abstract: As DDoS attackers pursue monetary profit, critical Internet sites (CISs) become a good target. These attacks will be more difficult to defend because the botnet size continuously increases, and the attackers spare no pains in preparing the attacks. Under this new paradigm, current anti-DDoS systems may be fooled; we need a new survival strategy. We propose a novel DDoS mitigation scheme for CISs. We observe that CISs can continue their main businesses if most important clients can access the services. This motivates us to build a whitelist, called a VIP list in this article, and the source addresses in the list are given higher priority when the CIS is under attack. The VIP list is built from the previous login logs of authentication processes at the application layer. The experimental results show that the proposed scheme effectively mitigates DDoS attacks.
24 citations
01 Mar 2017
TL;DR: Based on the experimental results, it is shown that the SDN-based collaborative scheme is capable of efficiently mitigating DDoS attacks in real time with very small computational footprints.
Abstract: In this paper we propose a collaborative distributed denial of service (DDoS) attack mitigation scheme using SDN. We design a secure controller-to-controller (C-to-C) protocol that allows SDN-controllers lying in different autonomous systems (AS) to securely communicate and transfer attack information with each other. This enables efficient notification along the path of an ongoing attack and effective filtering of traffic near the source of attack, thus saving valuable time and network resources. We developed and deployed a prototype of the proposed scheme in our lab to evaluate the performance and efficiency. Based on the experimental results we showed that our SDN based collaborative scheme is capable of efficiently mitigating DDoS attacks in real time with very small computational footprints.
23 citations
26 Aug 2013
TL;DR: In this paper, a collapse of a virtual data circuit associated with network data traffic is attributed to the DDoS event, and the network traffic is redirected to one or more DDoS mitigation services.
Abstract: Provided are methods and systems for mitigating a DDoS event. The method may comprise receiving an indication of a collapse of a collapsible virtual data circuit associated with network data traffic. In response to the received indication of the collapse, the collapse may be attributed to the DDoS event. Furthermore, the method may comprise redirecting the network data traffic to one or more DDoS mitigation services. The method may further comprise mitigating the DDoS event by the one or more DDoS mitigation services.
23 citations
TL;DR: This work advances the state-of-the-art in RL-based DDoS mitigation by introducing two agent classes designed to act on a per-flow basis, in a protocol-agnostic manner for any network topology, supported by an in-depth investigation of feature suitability and empirical evaluation.
Abstract: DDoS attacks plague the availability of online services today, yet like many cybersecurity problems are evolving and non-stationary. Normal and attack patterns shift as new protocols and applications are introduced, further compounded by burstiness and seasonal variation. Accordingly, it is difficult to apply machine learning-based techniques and defences in practice. Reinforcement learning (RL) may overcome this detection problem for DDoS attacks by managing and monitoring consequences; an agent’s role is to learn to optimise performance criteria (which are always available) in an online manner. We advance the state-of-the-art in RL-based DDoS mitigation by introducing two agent classes designed to act on a per-flow basis, in a protocol-agnostic manner for any network topology. This is supported by an in-depth investigation of feature suitability and empirical evaluation. Our results show the existence of flow features with high predictive power for different traffic classes, when used as a basis for feedback-loop-like control. We show that the new RL agent models can offer a significant increase in goodput of legitimate TCP traffic for many choices of host density.
23 citations
TL;DR: An innovative overlay-based DDoS mitigation architecture that introduces a credit-based accounting mechanism, named OverCourt, where a well-behaving client may dynamically migrate to a protected channel when her credit points exceed a threshold, while an ill-behaved client will be blocked after her credit points have been exhausted.
22 citations