A review of amplification-based distributed denial of service attacks and their mitigation

Ismail, Salih; Hassen, Hani Ragab; Just, Mike; Zantout, Hind

doi:10.1016/j.cose.2021.102380

Cited by 19 publications

(3 citation statements)

References 19 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Protocol attacks involve sending a flood of traffic with false data to the server, causing data overflow, server crashes, and rendering the resources of the server unavailable. For instance, Border Gateway Protocol (BGP) and ping of death [ 108 ].…”

Section: Issues and Challengesmentioning

confidence: 99%

High-Speed Network DDoS Attack Detection: A Survey

Haseeb-ur-rehman,

Aman,

Hasan

et al. 2023

Sensors

View full text Add to dashboard Cite

Having a large number of device connections provides attackers with multiple ways to attack a network. This situation can lead to distributed denial-of-service (DDoS) attacks, which can cause fiscal harm and corrupt data. Thus, irregularity detection in traffic data is crucial in detecting malicious behavior in a network, which is essential for network security and the integrity of modern Cyber–Physical Systems (CPS). Nevertheless, studies have shown that current techniques are ineffective at detecting DDoS attacks on networks, especially in the case of high-speed networks (HSN), as detecting attacks on the latter is very complex due to their fast packet processing. This review aims to study and compare different approaches to detecting DDoS attacks, using machine learning (ML) techniques such as k-means, K-Nearest Neighbors (KNN), and Naive Bayes (NB) used in intrusion detection systems (IDSs) and flow-based IDSs, and expresses data paths for packet filtering for HSN performance. This review highlights the high-speed network accuracy evaluation factors, provides a detailed DDoS attack taxonomy, and classifies detection techniques. Moreover, the existing literature is inspected through a qualitative analysis, with respect to the factors extracted from the presented taxonomy of irregular traffic pattern detection. Different research directions are suggested to support researchers in identifying and designing the optimal solution by highlighting the issues and challenges of DDoS attacks on high-speed networks.

show abstract

Section: Issues and Challengesmentioning

confidence: 99%

High-Speed Network DDoS Attack Detection: A Survey

Haseeb-ur-rehman,

Aman,

Hasan

et al. 2023

Sensors

View full text Add to dashboard Cite

show abstract

“…3 The distributed Reflection Denial of Service set up indirect attacks. [4][5][6][7] Attackers involve the intermediate persons to the affected victims instantly.…”

Section: Introductionmentioning

confidence: 99%

“…The weak direct attack occurs mainly in the Network Layer, Transport Layer, and Application Layer 3 . The distributed Reflection Denial of Service set up indirect attacks 4–7 . Attackers involve the intermediate persons to the affected victims instantly.…”

Section: Introductionmentioning

confidence: 99%

A novel sensitive DDoS attacks against statistical test in network traffic fusion

Kulandaivel,

Kumar,

Sathiyamoorthi

et al. 2023

Trans Emerging Tel Tech

View full text Add to dashboard Cite

Distributed denial of service (DDoS) attacks are common attacks that limit casual users from cracking critical network resources. A method to find the DDoS attack comes to light as an essential and hot research issue. Therefore, the increment in network usage scale demands more challenges to see the DDoS attack. Non‐real‐time collection of network traffic will make sincere complications inaccuracy; DDoS attack detection, and efficiency. Lately, sketch data structures play an excellent role in high‐speed networks to suppress and combine network traffic issues. However, the sketch data structure has issues rebuilding the reverse keys that behave abnormally due to the reversible hash function. To rectify the above difficulties, we include the Chinese Remainder Theorem‐based Reverse Sketching (CRTRS). However, Reverse Sketching is not good at suppressing and combining heavy network traffic, but it can easily detect abnormal keys. According to the network traffic records setup by CRTRS, we add the Modified Cumulative Sum Quality Control Scheme (MCSQCS) that encourages DDoS attack detection. The enforcement of the proposed work with DDoS attack detection has two kind of different data sets. The result of the experiments shows that it gives more accuracy and efficiency in detecting DDoS attacks. Therefore, comparing other DDoS detecting methods with the sketch data structure has fewer computational complications. Improving the anomalous keys is the most critical challenge in this proposed work. To illustrate the accuracy rate, we experiment with a new technique called CIC‐Friday Heavy network traffic fragment. We also explain the experimental results of the MAWI heavy network fragment with the various parameter setups. To compare our proposed method with other similar existing methods, we use a sketch data structure to manage the network traffic data. It also uses the MSPCA method to detect the DDoS attack. The information‐based analysis helps to see the DDoS attack. The result analysis of True Positive Value (TPV) and False Positive Value (FPV) with MSPCA techniques has 79% and .1% accuracy. Similarly, information‐based detection has an accuracy of about 90% and 5%. Hence, the proposed method gives more accuracy for the detection of DDoS attacks.

show abstract

Fast-Flux Service Networks: Architecture, Characteristics, and Detection Mechanisms

Al-Duwairi,

Shatnawi

2023

Security Informatics and Law Enforcement

View full text Add to dashboard Cite

A review of amplification-based distributed denial of service attacks and their mitigation

Cited by 19 publications

References 19 publications

High-Speed Network DDoS Attack Detection: A Survey

High-Speed Network DDoS Attack Detection: A Survey

A novel sensitive DDoS attacks against statistical test in network traffic fusion

Fast-Flux Service Networks: Architecture, Characteristics, and Detection Mechanisms

Contact Info

Product

Resources

About