A taxonomy of DDoS attack and DDoS defense mechanisms
Top Cited Papers
- 1 April 2004
- journal article
- Published by Association for Computing Machinery (ACM) in ACM SIGCOMM Computer Communication Review
- Vol. 34 (2) , 39-53
- https://doi.org/10.1145/997150.997156
Abstract
Distributed denial-of-service (DDoS) is a rapidly growing problem. The multitude and variety of both the attacks and the defense approaches is overwhelming. This paper presents two taxonomies for classifying attacks and defenses, and thus provides researchers with a better understanding of the problem and the current solution space. The attack classification criteria was selected to highlight commonalities and important features of attack strategies, that define challenges and dictate the design of countermeasures. The defense taxonomy classifies the body of existing DDoS defenses based on their design decisions; it then shows how these decisions dictate the advantages and deficiencies of proposed solutions.Keywords
This publication has 14 references indexed in Scilit:
- A framework for classifying denial of service attacksPublished by Association for Computing Machinery (ACM) ,2003
- Internet intrusionsPublished by Association for Computing Machinery (ACM) ,2003
- SOSPublished by Association for Computing Machinery (ACM) ,2002
- Controlling high bandwidth aggregates in the networkACM SIGCOMM Computer Communication Review, 2002
- A signal analysis of network traffic anomaliesPublished by Association for Computing Machinery (ACM) ,2002
- Resilient overlay networksPublished by Association for Computing Machinery (ACM) ,2001
- An analysis of using reflectors for distributed denial-of-service attacksACM SIGCOMM Computer Communication Review, 2001
- Protecting web servers from distributed denial of service attacksPublished by Association for Computing Machinery (ACM) ,2001
- Practical network support for IP tracebackPublished by Association for Computing Machinery (ACM) ,2000
- TCP SYN flooding and IP spoofing attacksNetwork Security, 1996