A Taxonomy of DDoS Attacks and DDoS Defense Mechanisms

SLIDE 1

A Taxonomy of DDoS Attacks and DDoS Defense Mechanisms

Jelena Mirkovic, Janice Martin & Peter Reiher

Manu Shantharam & David Hadka

SLIDE 2

What is DoS?

  • DoS – A type of attack wherein access to a computer resource / service is denied or restricted.

An example

SLIDE 3

What is DDoS?

  • DDoS – Concurrent, Coordinated DoS.

An example

SLIDE 4

What facilitates DDoS?

  • Internet security is highly interdependent

– Each host depends on the state of security in the entities it is communicating with.

  • Internet resources are limited

– Resources are enough for only a certain number of users.

  • Power of many is greater than power of few

– Resources of attackers are greater than those of the victims

  • No accountability

– Source address spoofing

SLIDE 5

DDoS Attack Strategy

Recruiting, exploiting, infecting, attacking

SLIDE 6

Contribution

  • First of its kind
  • Taxonomy of DDoS attacks

– Based on means, characteristics and effects

  • Taxonomy of DDoS defense mechanisms

– Based on activity level, cooperation degree and location

SLIDE 7

Related Work

SLIDE 8

Taxonomy of DDoS Attacks

SLIDE 9

Taxonomy of DDoS Attacks

  • TCP SYN
  • CGI Request
  • Authentication Server
SLIDE 10

Taxonomy of DDoS Attacks

Pulsing attack: periodic disruptions or coordinated for continual degradation

SLIDE 11

Taxonomy of DDoS Defenses

Preventive: eliminate or reduce impact of DDoS attacks on legitimate clients

  • Firewalls, virus scanners, access lists, capabilities, intrusion detection, etc.
  • Server farms

SLIDE 12

Taxonomy of DDoS Defenses

Reactive: detect and respond to an attack.

  • Pattern: broken by slight variations in attack signature
  • Anomaly: how to define thresholds? change over time?
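
The anomaly-threshold question on this slide, worked through as an added example (not from the slides or the paper): a fixed threshold is compared with one that follows the recent legitimate load. The traffic series, the window of 5 intervals and the factor of 2 are constructed assumptions.

```python
from statistics import median

# Constructed sample: requests per second in consecutive intervals. Legitimate
# load climbs from ~100 to ~200; intervals 8 and 21 carry attack pulses.
RATES = [100, 104, 98, 102, 101, 99, 103, 100, 260, 101, 100, 110,
         120, 130, 140, 150, 160, 170, 180, 190, 200, 520, 200, 198]
ATTACK_INTERVALS = [8, 21]


def fixed_threshold(rates, limit):
    """Static anomaly threshold: flag every interval above `limit`."""
    return [i for i, r in enumerate(rates) if r > limit]


def adaptive_threshold(rates, window=5, factor=2.0):
    """Flag intervals above `factor` x the median of the last `window`
    unflagged intervals, so the threshold follows the legitimate load."""
    history, flagged = [], []
    for i, r in enumerate(rates):
        if len(history) >= window and r > factor * median(history[-window:]):
            flagged.append(i)  # not learned: pulses cannot raise the baseline
            continue
        history.append(r)
    return flagged


def score(flagged, truth):
    """Return (missed attack intervals, false alarms on legitimate ones)."""
    return (sorted(set(truth) - set(flagged)),
            sorted(set(flagged) - set(truth)))


if __name__ == "__main__":
    for name, flagged in [("fixed 150", fixed_threshold(RATES, 150)),
                          ("fixed 300", fixed_threshold(RATES, 300)),
                          ("adaptive", adaptive_threshold(RATES))]:
        missed, false_alarms = score(flagged, ATTACK_INTERVALS)
        print(f"{name:10} flagged={flagged} missed={missed} false={false_alarms}")
```

On this series the threshold of 150 flags the legitimate later load, the threshold of 300 misses the first pulse, and the adaptive version flags only intervals 8 and 21.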
SLIDE 13

Taxonomy of DDoS Defenses

Reduce the impact of the attack while minimizing impact to legitimate clients

SLIDE 14

Taxonomy of DDoS Defenses

Cooperate with other entities to identify and respond to attacks e.g., firewalls

SLIDE 15

Taxonomy of DDoS Defenses

e.g., resource accounting, protocol security mechanisms

SLIDE 16

Results

  • Provides classification for simple DDoS attack and defense mechanisms

  • Better coordination among researchers
  • Clarify how different mechanisms work in concert
SLIDE 17

Take Away

  • This taxonomy only identifies simple methods. More complex techniques exist.
  • Can the defense mechanism itself cause DoS (e.g., anomaly attack detection)?

  • What about unintentional DoS? Digg effect?
SLIDE 18

References

  • Wikipedia
  • A Taxonomy of DDoS Attacks and DDoS Defense Mechanisms - Jelena Mirkovic, Janice Martin & Peter Reiher
  • An Integrated Approach for Defending Against Distributed Denial-of-Service (DDoS) Attacks - Krishan Kumar, R.C. Joshi, and Kuldip Singh