
2021 | OriginalPaper | Book chapter

DDoS Prevention: Review and Issues

Written by: Shail Saharan, Vishal Gupta

Published in: Advances in Machine Learning and Computational Intelligence

Publisher: Springer Singapore


Abstract

Networks connected to the Internet are always susceptible to distributed denial-of-service (DDoS) attacks. Despite the many different DDoS defense mechanisms in place, DDoS attacks still happen. These mechanisms fall under the categories of DDoS detection, DDoS mitigation, and DDoS prevention. Although DDoS detection and mitigation are well-defined and well-understood terms, DDoS prevention is used with different meanings in the literature. In this paper, concerning reflection-based DDoS amplification attacks, we define ideal prevention and true prevention. The former is an ideal situation in which, primarily, the security of all Internet hosts is up to the mark and does not allow them to become participating members of DDoS attacks, whereas the latter is a practically feasible situation in which the network itself can prevent and mitigate a DDoS attack within some fixed time interval. We also provide a literature review of DDoS prevention techniques and argue that the ones which conform to the definition of ideal prevention or true prevention are either not dynamic, computationally expensive, or not scalable, and thus not practically feasible.

Metadata

Title: DDoS Prevention: Review and Issues
Written by: Shail Saharan, Vishal Gupta
Copyright year: 2021
Publisher: Springer Singapore
DOI: https://doi.org/10.1007/978-981-15-5243-4_53
