Skip to main content
SpringerLink
Log in

Techniques for Detecting and Preventing Denial of Service Attacks (a Systematic Review Approach)

  • Conference paper
  • First Online:
Book cover Information Technology - New Generations

Part of the book series: Advances in Intelligent Systems and Computing ((AISC,volume 558))

Abstract

This paper analyzes denial of service (DoS) attacks and countermeasures based on a systematic review analysis conducted of papers between 2000 and 2016. The paper is based on three searches. The first was conducted using suitable keywords, the second using references used by selected papers, and, the third considered the most cited English-language articles. We discuss 802.11 along with one of the well-known DoS attacks at physical-level access points. Experts suggest using 802.11w, a “cryptographic client puzzle,” and “delaying the effect of request” to provide better protection in this layer. The paper discusses four main network defense systems against network-based attacks—source-end, core-end, victim-end, and distributed techniques—with a focus on two innovative methods, the D-WARD and gossip models. This study also discusses chi-squares and intrusion detection systems (IDSs), two effective models to detect DoS and DDoS attacks.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 169.00
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 219.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info
Hardcover Book
USD 219.99
Price excludes VAT (USA)
  • Durable hardcover edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

  1. Goodrich, M., & Tamassia, R. (2010). Introduction to computer security. Boston: Addison-Wesley Publishing Company.

    Google Scholar 

  2. Ioannidis, J., & Bellovin, S. M. (2002). Implementing pushback: Router-based defense against DDoS attacks. In Proceedings of Network and Distributed System Security Symposium. Retrieved April 7, 2017 from http://www.internetsociety.org/doc/implementing-pushback-router-based-defense-against-ddos-attacks

  3. Elsevier. SCOPUS Database, www.scopus.com

  4. Mell, P., Marks, D., & McLarnon, M. (2000). A denial-of-service resistant intrusion detection architecture. Computer Networks, 34, 641–658.

    Article  Google Scholar 

  5. Mamun, M. S. I., & Kabir, A. S. (2010). Hierarchical design based intrusion detection system for wireless ad hoc sensor network. International Journal of Network Security & Its Applications (IJNSA), 2, 102–117.

    Article  Google Scholar 

  6. Beitollahi, H., & Deconinck, G. (2012). Analyzing well-known countermeasures against distributed denial of service attacks. Computer Communications, 35, 1312–1332.

    Article  Google Scholar 

  7. Mirkovic, J., & Reiher, P. (2005). D-WARD: A source-end defense against flooding denial-of-service attacks. IEEE Tansactions on Dependable and Secure Computing, 2, 216–232.

    Article  Google Scholar 

  8. Zhang, G., & Parashar, M. (2006). Cooperative defence against ddos attacks. Journal of Research and Practice in Information Technology, 38, 69–84.

    Google Scholar 

  9. Oikonomou, G. C., Mirkovic, J., Reiher P. L., & Robinson, M. (2006). A framework for a collaborative DDoS defense. In ACSAC (pp. 33–42).

    Google Scholar 

  10. Anderson, T., Roscoe, T., & Wetherall, D. (2004). Preventing Internet denial-of-service with capabilities. ACM SIGCOMM Computer Communication Review, 34, 39–44.

    Article  Google Scholar 

  11. Toledo, A. L., & Wang, X. (2008). Robust detection of MAC layer denial-of-service attacks in CSMA/CA wireless networks. IEEE Transactions on Information Forensics and Security, 3, 347–358.

    Article  Google Scholar 

  12. Feinstein, L., Schnackenberg, D., Balupari, R., & Kindred, D. (2003). Statistical approaches to DDoS attack detection and response. In DARPA Information Survivability Conference and Exposition, 2003 Proceedings (pp. 303–314). IEEE. Retrieved April 7, 2017 from http://ieeexplore.ieee.org/abstract/document/1194894/?part=1

  13. Bicakci, K., & Tavli, B. (2009). Denial-of-Service attacks and countermeasures in IEEE 802.11 wireless networks. Computer Standards & Interfaces, 31, 931–941.

    Article  Google Scholar 

  14. IEEE working group. (2010). IEEE standard for information technology–Telecommunications and information exchange between systems–Local and metropolitan area networks–Specific requirements–Part 11: Wireless LAN Medium Access Control (MAC) and Physical Layer (PHY) specifications Amendment 6: Wireless Access in Vehicular Environments. IEEE standards, 802, 11p.

    Google Scholar 

  15. Bellardo. J, & Savage, S. (2003, August). Denial of service attacks: Real vulnerabilities and practical solutions. In Proceedings of the 12TH USENIX Security Symposium (pp. 4–8). Washington, DC.

    Google Scholar 

  16. Bernaschi, M., Ferreri, F., & Valcamonici, L. (2008). Access points vulnerabilities to DoS attacks in 802.11 networks. Wireless Networks, 14, 159–169.

    Article  Google Scholar 

  17. Linda, O., Vollmer, T., & Manic, M. (2009). Neural network based intrusion detection system for critical infrastructures. In 2009 international joint conference on neural networks (pp. 1827–1834). IEEE. Retrieved April 7, 2017 from http://ieeexplore.ieee.org/abstract/document/5178592/

Download references

Acknowledgements

This research received no specific grant from any funding agency in the public, commercial, or not-for-profit sectors. The authors would like to thank Professor Ping Wang for his valuable comments.

Conflict of Interest

None declared.

Author information

Authors and Affiliations

  1. Department of Health Services Management, University of Maryland University College (UMUC), Adelphi, MD, 20783, USA

    Hossein Zare MS, PhD

  2. Johns Hopkins School of Nursing, Baltimore, MD, USA

    Mojgan Azadi RNC, Informatics MSN, PhD

  3. Department of Computer Science and Electrical Engineering, University of Maryland Baltimore County, Catonsville, MD, 21250, USA

    Peter Olsen MSOR, Ae.E

Authors
  1. Hossein Zare MS, PhD
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Mojgan Azadi RNC, Informatics MSN, PhD
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Peter Olsen MSOR, Ae.E
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Hossein Zare MS, PhD .

Editor information

Editors and Affiliations

  1. Department of Electrical and Computer Engineering, University of Nevada, Las Vegas, Nevada, USA

    Shahram Latifi

Rights and permissions

Reprints and permissions

Copyright information

© 2018 Springer International Publishing AG

About this paper

Cite this paper

Zare, H., Azadi, M., Olsen, P. (2018). Techniques for Detecting and Preventing Denial of Service Attacks (a Systematic Review Approach). In: Latifi, S. (eds) Information Technology - New Generations. Advances in Intelligent Systems and Computing, vol 558. Springer, Cham. https://doi.org/10.1007/978-3-319-54978-1_21

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-54978-1_21

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-54977-4

  • Online ISBN: 978-3-319-54978-1

  • eBook Packages: EngineeringEngineering (R0)

Publish with us

Policies and ethics

Search

Navigation