
DDoS attack detection and prevention methods

Authors: Kadyrov R.R.
Published in issue: #7(36)/2019
DOI: 10.18698/2541-8009-2019-7-507


Category: Informatics, Computer Engineering and Control | Chapter: Methods and Systems of Information Protection, Information Security

Keywords: information security, denial of service attack, DoS, DDoS, detection and prevention mechanisms, architecture for mitigating attack consequences, false positives, access to resources
Published: 06.08.2019

With the proliferation of denial of service (DoS) attacks on the Internet, there is a great need to develop solutions to detect and prevent these attacks. This article introduces intrusion detection systems (IDS) and analyzes various DoS/DDoS detection methods. The critical tasks in this field are listed and described. Various intrusion detection systems are reviewed. The article classifies methods for detecting and preventing DDoS attacks, classifies attack prevention architectures by their deployment location, and compares the various architectures.

