DDoS mitigation

About: DDoS mitigation is a research topic. Over the lifetime, 237 publications have been published within this topic receiving 8082 citations.

Defense approach against application level DDoS attacks based on authentication mechanism

Abstract: The principle and characteristics of application level distributed denial of service attacks are analyzed and a light-weighted authentication mechanism is proposed.An authentication code is embedded in the process of communication between the client and the server.Through client computing,legitimate requests can be correctly distinguished and malicious attacks are filtered.The authentication mechanism is operated between different layers in the network stack.Server-side filtering in the IP layer and client-side computing in the application layer enable low resource consuming and communication transparency to the both sides.The defense approach is implemented on the DDoS mitigation gateway platform.Tests in a realistic environment demonstrate that the approach can defend against attacks effectively and incurs low performance overhead.

Unfair rate limiting on traffic aggregates for DDoS attacks mitigation

Abstract: Distributed Denial of Service (DDoS) attacks pose a threat to network applications. Many countermeasures have been proposed to tackle such attacks. This paper focuses on DDoS mitigation techniques, the practical way to filter attack traffic and keep victims alive. To rate limit attack traffic with as little normal traffic affected as possible, not just the amount of increased volume, but also how increased traffic is propagated in the network, denoted by traffic increasing patterns, is considered. In this paper, we propose unfair rate limiting (URL), in which traffic aggregates are given different priority by extracting increasing patterns and analyzing their relationship with DDoS attacks. Aggregates more likely to include attacks traffic are punished harder during mitigation. Basic and fine-grained unfair rate limiting mechanisms (BURL and FURL) are presented upon port-flows and bitwise-flows, respectively. Simulation results show that both two mechanisms can effectively mitigate DDoS attacks. But FURL outperforms BURL in filtering attack traffic without dropping normal packets.

DDoS Mitigation: A review of Content Delivery Network and its DDoS Defence techniques

Abstract: Distributed Denial-of-Service (DDoS) attacks continue to pose major threats overwhelming entire networks. They slacken the availability of Internet service by sending huge malicious requests and spreading volumetrically. This survey recognizes fundamental theories across various disciplines to advance and improve the research of DDoS mitigation. These studies focus on DDoS mitigations with Content Delivery Network (CDN) from two views: (1) CDN’s layout model and (2) its DDoS defense classifications. Content Delivery Network (CDN) refers to the Internet and delivers contents to the end-users. CDN is used for the basis of reverse proxying, web serving, and load balancing, etc. This literature finds that CDN serves clients from a scalable set of proxies that automatically deploys multiple websites. It protects the websites against DDoS and categorizes each view with various suitable defense methods. By reviewing DDoS mitigation characteristics among the DDoS attacks, this study features some possible methods to mitigate DDoS attacks with Content Delivery Network (CDN).

MIND: Message Classification Based Controller Scheduling Method for Resisting DDoS Attack in Software-Defined Networking

Abstract: Distributed Denial of Service (DDoS) is quite a serious security issue existing in Software-Defined Networking (SDN) In order to mitigate DDoS attack, we present MIND, a message classification based controller scheduling method, where how to store and process messages is designed based on analyzing and classifying the OpenFlow messages received by SDN controller The experiment results validate that the proposed controller scheduling method can significantly improve the availability of SDN controller under DDoS attack