Abstract
The major threat to the availability of resources in
distributed networks is the distributed denial-of-service
(DDoS) attack. The variety and number of both attacks and
defense approaches are overwhelming. An overview of
the DDoS problem, the attack modus operandi, a
classification of DDoS attacks, defense mechanisms,
and challenges are presented. For a better
understanding of the problem, the latest solutions and
future scope are provided. Prevention, detection,
tracing, and tolerance and mitigation approaches to the
DDoS problem are revisited, and an integrated
comprehensive solution is proposed.
Keywords: Distributed Denial-of-service, Internet
Security, Attack Taxonomy, Integrated Approach.
1. Introduction
The traditional intent and impact of DDoS attacks is
to prevent or impair the legitimate use of computer or
network resources. Regardless of the diligence,
effort, and resources spent securing against intrusion,
Internet-connected systems face a consistent and real
threat from DDoS attacks. Recently, these attacks
have been used to deny service to commercial web
sites that rely on a constant Internet presence for their
business. The attacks differ from traditional DDoS
attacks in the targeted nature and sheer number of
attacking hosts. Even hardened Internet companies
such as the SCO group and Microsoft are not immune
to attack, and historically high-profile e-tailers such
as eBay have had their services disrupted. A Denial
of Service (DoS) attack can be characterized as an
attack with the purpose of preventing legitimate users
from using a victim computing system or network
resource (Engineering, October 2001)[1]. A
[Figure: DDoS attack network. Labels: attacker, client, handler, agent; client-handler communication, agent-handler communication (TCP, UDP, ICMP); IRC based (secret/public channel, private channel).]
[Figure: IRC-based attack. Labels: attacker, client, IRC network, agents, victim.]
[Figure: DDoS countermeasures. Labels: detect and neutralize handlers; detect/prevent secondary victims; individual users; install software patches; built-in defenses; network service providers; detect/prevent potential attacks; egress filtering; mitigate/stop attacks; deflect attacks; MIB statistics; dynamic pricing; honeypots; shadow real network resources; load balancing; throttling; post-attack forensics; traffic pattern analysis; packet traceback; event logs; study attack; drop requests.]
example through exploiting buffer overflow
vulnerabilities [10].
4.
If (resources < 60%)
{
    Initiate IPSec
    Initiate Aggressive aging
}
Conclusion:
An overview of the DDoS problem, a classification of
DDoS attacks, defense principles, and challenges are
presented in this paper. Potential research issues are
also highlighted. We propose a level 1 integrated
approach to combat the DDoS menace.
References:
[1] David Karig and Ruby Lee, Remote Denial of
Service Attacks and Countermeasures, Princeton
University Department of Electrical Engineering
Technical Report CE-L2001-002, October 2001.
[2] C. Douligeris and A. Mitrokotsa, DDoS attacks
and defense mechanisms: classification and state-of-the-art,
Computer Networks, 2004, pp. 643-666.
[3] Li-Chiou Chen, Thomas A. Longstaff, and
Kathleen M. Carley, Characterization of defense
mechanisms against distributed denial of service
attacks, Computers & Security 23, 2004, pp. 665-678.
[4] J. Mirkovic and P. Reiher, A Taxonomy of
DDoS Attack and DDoS defense Mechanisms,
ACM SIGCOMM Computer Communications
Review, Volume 34, Number 2, April 2004.
[5] Joseph Lo and Others. An IRC Tutorial,
irchelp.com. 1997.
www.irchelp.org/irchelp/irctutorial.html#part1 (8
April 2003).
[6] Nicolas Pioch. A Short IRC Primer. Edition
1.2, January 1997.
http://www.irchelp.org/irchelp/ircprimer.html#DDC
(21 April 2003).
[7] Kleinpaste, Karl, Mauri Haikola, and Carlo Kid.
The Original IRC Manual. March 18, 1997.
http://www.user-com.undernet.org/documents/ircmanual.html#seen (21 April 2003).
[8] Kevin J. Houle. Trends in Denial of Service
Attack Technology. CERT Coordination Center,
Carnegie Mellon Software Engineering Institute.
October 2001. www.nanog.org/mtg0110/ppt/houle.ppt (14 March 2003).