Abstract
In this chapter, we first review the short history of denial of service (DoS) and distributed denial of service (DDoS) attacks. We further explore the reasons why the current cyberspace is a haven for cyber criminals, such as DDoS attackers. We present the challenges of the DDoS-related research fields from various aspects, and discuss possible research methods and strategies to address these challenges.
© 2014 The Author(s)
About this chapter
Cite this chapter
Yu, S. (2014). An Overview of DDoS Attacks. In: Distributed Denial of Service Attack and Defense. SpringerBriefs in Computer Science. Springer, New York, NY. https://doi.org/10.1007/978-1-4614-9491-1_1
DOI: https://doi.org/10.1007/978-1-4614-9491-1_1
Publisher Name: Springer, New York, NY
Print ISBN: 978-1-4614-9490-4
Online ISBN: 978-1-4614-9491-1
eBook Packages: Computer Science (R0)