Link to the University of Pittsburgh Homepage
Link to the University Library System Homepage Link to the Contact Us Form

A survey of defense mechanisms against distributed denial of service (DDOS) flooding attacks

Zargar, ST and Joshi, J and Tipper, D (2013) A survey of defense mechanisms against distributed denial of service (DDOS) flooding attacks. IEEE Communications Surveys and Tutorials, 15 (4). 2046 - 2069.

Available under License : See the attached license file.

Download (4MB) | Preview
[img] Plain Text (licence)
Available under License : See the attached license file.

Download (1kB)


Distributed Denial of Service (DDoS) flooding attacks are one of the biggest concerns for security professionals. DDoS flooding attacks are typically explicit attempts to disrupt legitimate users' access to services. Attackers usually gain access to a large number of computers by exploiting their vulnerabilities to set up attack armies (i.e., Botnets). Once an attack army has been set up, an attacker can invoke a coordinated, large-scale attack against one or more targets. Developing a comprehensive defense mechanism against identified and anticipated DDoS flooding attacks is a desired goal of the intrusion detection and prevention research community. However, the development of such a mechanism requires a comprehensive understanding of the problem and the techniques that have been used thus far in preventing, detecting, and responding to various DDoS flooding attacks. In this paper, we explore the scope of the DDoS flooding attack problem and attempts to combat it. We categorize the DDoS flooding attacks and classify existing countermeasures based on where and when they prevent, detect, and respond to the DDoS flooding attacks. Moreover, we highlight the need for a comprehensive distributed and collaborative defense approach. Our primary intention for this work is to stimulate the research community into developing creative, effective, efficient, and comprehensive prevention, detection, and response mechanisms that address the DDoS flooding problem before, during and after an actual attack. © 1998-2012 IEEE.


Social Networking:
Share |


Item Type: Article
Status: Published
CreatorsEmailPitt UsernameORCID
Zargar, ST
Joshi, Jjjoshi@pitt.eduJJOSHI0000-0003-4519-9802
Tipper, Ddtipper@pitt.eduDTIPPER0000-0002-9429-6425
Date: 1 April 2013
Date Type: Publication
Access Restriction: No restriction; Release the ETD for access worldwide immediately.
Journal or Publication Title: IEEE Communications Surveys and Tutorials
Volume: 15
Number: 4
Page Range: 2046 - 2069
DOI or Unique Handle: 10.1109/surv.2013.031413.00127
Institution: University of Pittsburgh
Schools and Programs: School of Information Sciences > Telecommunications
Refereed: Yes
Date Deposited: 03 Jul 2013 15:08
Last Modified: 11 Apr 2020 05:55


Monthly Views for the past 3 years

Plum Analytics

Actions (login required)

View Item View Item