Vulnerability Analysis of Existing Distributed Denial of Service (DDoS) Defense Frameworks

Authors

  • Shaveta Gupta Assistant Professor, Department of Information Technology, PGGC, Sector 11, Chandigarh
  • Dinesh Grover Ex-Professor & Head, Department of CSE, PAU, Ludhiana
  • Abhinav Bhandari Assistant Professor, Department of Computer Science and Engineering, Punjabi University, Patiala

DOI:

https://doi.org/10.51983/ajcst-2018.7.3.1895

Keywords:

DDOS Attack, Flash Events, Vulnerability Analysis, Mitigation

Abstract

The world is quickly moving towards an era of digitization. Scope and volume of the network are becoming vast that makes these machines more prone to cyber-attack due to vulnerabilities of the network. There are various types of cyber-attacks but most common and equally impactful is DDOS attack. A foolproof defense mechanism is need of the hour. Analysis of various existing defense mechanism frameworks has been done and their shortcomings have been reported by us. This analysis will help to define a framework which can provide better accuracy, lesser detection time and reduced false negative and positive rates. It will further ensure better response and mitigation against the attack.

References

R. C. Baishya, "Ddos attack detection using unique source IP deviation," International Journal of Network Security, vol. 19, pp. 929–939, 2017.

N. Z. Bawany, "Ddos attack detection and mitigation using SDN: Methods, practices and solutions," Springer Arabian Journal of Science and Engineering, vol. 42, pp. 425–441, 2017.

S. Behl, "Characterization and comparison of DDoS attack tools and traffic generator – a review," International Journal of Network Security, vol. 19, pp. 383–393, 2017.

S. Behl, "Detection of DDoS attacks and flash events using novel information theory metrics," Elsevier Computer Networks, vol. 116, pp. 96–110, 2017.

S. Behl, "Discriminating flash events from DDoS attacks: A comprehensive review," International Journal of Network Security, vol. 19, pp. 734–741, 2017.

S. Behl, "D-FaC: A novel -divergence based distributed DDoS defense system," Journal of King Saud University – Computer and Information Sciences, 2018.

A. Bhandari, "Performance metrics for defense framework against distributed denial of service attacks," International Journal of Network Security, 2014.

A. Bhandari, "Destination address entropy based detection and traceback approach against distributed denial of service attacks," Computer Network and Information Security, vol. 8, no. 1, pp. 9–20, 2015.

A. Bhandari, "Characterizing flash events and distributed denial of service attacks: An empirical investigation," Security and Communication Networks, vol. 9, pp. 2222–2239, 2016.

C. Buragohain, "Flowtrapp: An SDN based architecture for DDoS attack detection and mitigation in data centers," IEEE 3rd International Conference on Signal Processing and Integrated Networks, 2016.

A. Compango, "Poseidon: Mitigating interest flooding DDoS attacks in named data networking," in 38th IEEE Conference on Local Computer Networks, 2013.

C. Douligeris, "DDoS attacks and defense mechanism: Classification and state of the art," Elsevier Computer Networks, vol. 44, pp. 643–666, 2004.

K. Giotis, "Combining OpenFlow and sFlow for effective and scalable anomaly detection and mitigation mechanism on SDN environments," Elsevier Computer Networks, vol. 62, pp. 122–136, 2014.

V. Gulisano, "A streaming DDoS defense framework," Expert Systems with Applications, vol. 42, no. 24, pp. 9620–9633, 2015.

B. B. Gupta, "Defending against distributed denial of service attacks: Issues and challenges," Information Security Journal, vol. 18, pp. 224–247, 2014.

M. Khari, "Comprehensive study of web application attacks and classification," 3rd International Conference on Computing for Sustainable Global Development, 2016.

A. Kharke, "Review on mitigation of distributed denial of service (DDoS) attacks in cloud computing," 10th International Conference on Intelligent System and Control, 2016.

A. R. Mahlous, "A defense framework against DDoS in a multipath network environment," Communication and Network, vol. 7, no. 2, pp. 106–116, 2015.

S. Y. Nam, "Defending HTTP web servers against DDoS attacks through busy period-based attack flow detection," KSII Transactions on Internet and Information Systems, vol. 8, no. 7, 2014.

A. Narayan, "A defense mechanism: DNS based DDoS attack," International Journal of Computer Trends and Technology, vol. 33, no. 1, 2016.

D. A. Patel, "Detection and mitigation of DDoS attack against web server," International Journal of Engineering Development and Research, vol. 2, 2014.

M. A. Saleh, "A novel protective framework for defeating HTTP-based denial of service (DoS) and distributed denial of service attacks," The Scientific World Journal, vol. 2015, no. 238230, 2014.

Y. Xiang, "Low-rate DDoS attacks detection and traceback by using new information metrics," IEEE Transactions on Information Forensics and Security, vol. 6, 2011.

G. Xiong, "Survey of network attacks based on protocol vulnerabilities," Springer International Publishing, pp. 246–257, 2014.

Downloads

Published

20-10-2018

How to Cite

Gupta, S., Grover, . D., & Bhandari, A. (2018). Vulnerability Analysis of Existing Distributed Denial of Service (DDoS) Defense Frameworks. Asian Journal of Computer Science and Technology, 7(3), 62–67. https://doi.org/10.51983/ajcst-2018.7.3.1895