Vulnerability Analysis of Existing Distributed Denial of Service (DDoS) Defense FrameworksAuthor : Shaveta Gupta, Dinesh Grover and Abhinav Bhandari
Volume 7 No.3 October-December 2018 pp 62-67
The world is quickly moving towards an era of digitization. Scope and volume of the network are becoming vast that makes these machines more prone to cyber-attack due to vulnerabilities of the network. There are various types of cyber-attacks but most common and equally impactful is DDOS attack. A foolproof defense mechanism is need of the hour. Analysis of various existing defense mechanism frameworks has been done and their shortcomings have been reported by us. This analysis will help to define a framework which can provide better accuracy, lesser detection time and reduced false negative and positive rates. It will further ensure better response and mitigation against the attack.
DDOS Attack, Flash Events, Vulnerability Analysis, Mitigation
 Ram Charan Baishya, “Ddos attack detection using unique source ip deviaion”, International Journal of Network Security, Vol. 19, pp. 929–939, 2017.
 Narmeen Zakaria Bawany, “Ddos attack detection and mitigation using sdn: Methods, practices and solutions”, Springer Arabian Journal of Science and Engineering, Vol. 42, pp. 425–441, 2017.
 Sunny Behl, “Characterization and comparison of ddos attack tools and traffic generator – a review”, International Journal of Network Security, Vol. 19, pp. 383–393, 2017.
 Sunny Behl, “Detection of ddos attacks and flash events using novel information theory metrics”, Else vier computer networks, Vol. 116, pp. 96–110, 2017.
 Sunny Behl, “Discriminating flash events from ddos attacks: A comprehensive review”, International Journal of Network Security, Vol. 19, pp. 734–741, 2017.
 Sunny Behl, “D-fac: A novel -divergence based dis- tributed ddos defense system”, Journal of King Saud university – Compter and information sciences, 2018.
 Abhinav Bhandari, “performance metrics for defence framework against distributed denial of service at- tacks”, International Journal of Network Security, 2014.
 Abhinav Bhandari, “Destination address entropy based detection and traceback approach against dis- tributed denial of service attacks”, Computer Net-work and Information Security, Vol. 8, No. 1, pp. 9– 20, 2015.
 Abhinav Bhandari, “Characterizing flash events and distributed denial of service attacks: An empirical invesigation”, Security and communication networks, Vol. 9, pp. 2222–2239, 2016.
 Chaintanaya Buragohain, “Flowtrapp: An sdn based architecture for ddos attack detection and mitigation in data centers”, IEEE 3rd International Conference on Signal Processing and Integrated Networks, 2016.
 Alberato Compango, “Poseidon: Mitigating interest flooding ddos attacks in named data networking”, in 38th IEEE Conference on Local Computer Networks, 2013.
 Christos Douligeris, “Ddos attacks and defense mech- anism: Classification and state of the art”, Elsevier Computer networks, Vol. 44, pp. 643–666, 2004.
 K. Giotis, “Combining openflow and sflow for effec- tive and scalable anomaly detection and mitigation mechanism on sdn environments”, Elsevier Computer Networks, Vol. 62, pp. 122–136, 2014.
 Vincenzo Gulisano, “A streaming ddos defense framework”, Expert Systems with Applications, Vol. 42, No. 24, pp. 9620–9633, 2015.
 B.B. Gupta, “Defending against distributed denial of service attacks:issues and challenges”, Information Security Journal, Vol. 18, pp. 224–247, 2014.
 Manju Khari, “Comprehensive study of web application attacks and classification”, 3rd International Conference on computing for sustainable global development, 2016.
 Ashwini Kharke, “Review on mitigation of distributed denial of service (ddos) attacks in cloud computing”, 10th International Conference on intelligent system and control, 2016.
 Ahmed Redha Mahlous, “A defense framework against ddos in a multipath network environment”, Communication and Network, Vol. 7, No. 2, pp. 106– 116, 2015.
 Seung Yeob Nam, “Defending http web servers against ddos attacks through busy period-based attack flow detection”, KSII Transactions on Internet and Information Systems, Vol. 8, No. 7, 2014.
 Arpita Narayan, “A defense mechanism: Dns based ddos attack”, International Journal of Computer trends and Technology, Vol. 33, No. 1, 2016.
 Dhruv A Patel, “Detection and mitigation of ddos attack against web server”, International Journal of Engineering Development and Research, Vol. 2, 2014.
 Mohammed A. Saleh, “A novel protective framework for defeating http- based denial of service (dos) and distributed denial of service attacks”, The Scientific World Journal, Vol. 2015, No. 238230, 2014.
 Yang Xiang, “Low-rate ddos attacks detection and traceback by using new information metrics, IEEE transactions on information forensics and security”, IEEE Transactions on Information Forensics and Security, Vol. 6, 2011.
 Gang Xiongi, “Survey of network attacks based on protocol vulnerabilities”, Springer international pub lishing, pp. 246–257, 2014.