Distributed Denial-of-Service (DDoS) Attacks and Defense Mechanisms in Various Web-Enabled Computing Platforms: Issues, Challenges, and Future Research Directions

Anshuman Singh, Brij B. Gupta
Copyright: © 2022 | Pages: 43
DOI: 10.4018/IJSWIS.297143

The demand for Internet security has escalated in the last two decades because the rapid proliferation in the number of Internet users has presented attackers with new opportunities to cause harm. One of the simple yet powerful attacks lurking around the Internet today is the Distributed Denial-of-Service (DDoS) attack. The rapid growth of collaborative environments such as IoT, cloud computing and SDN has provided attackers with countless new avenues to benefit from the distributed nature of DDoS attacks. Attackers protect their anonymity by infecting distributed devices and using them as a bot army to mount a large-scale attack. Thus, the development of an effective and efficient DDoS defense mechanism becomes an immediate goal. In this exposition, we present a DDoS threat analysis along with a few novel ground-breaking defense mechanisms proposed by various researchers for numerous domains. Further, we discuss popular performance metrics used to evaluate the defense schemes. Finally, we list prevalent DDoS attack tools and open challenges.

1. Introduction

Denial-of-Service (DoS) attacks have been among the most notorious attacks on the Internet for more than 30 years. A DoS attack intends to paralyze the target by disrupting the connectivity between the target and its intended users and preventing users from accessing the network. It exhausts server resources such as bandwidth, memory capacity and CPU processing power, and ultimately brings down the entire network. This forces the target to shut down and reboot. The emergence of Distributed DoS attacks was witnessed in summer 1999 (Criscuolo, 2000). Since then, the majority of DoS attacks occurring on the Internet have been distributed in nature. The foremost purpose of these attacks is to crash the victim server and make it unavailable. This results in revenue losses as well as economic overhead due to the high cost of alleviating the attack and restoring the services.

The advent of new technologies has made a significantly greater number of resources available, which has given attackers novel ways to carry out cyber-attacks that cause more damage with less effort. A number of DDoS attacks are now carried out using well-organized and remotely controlled botnets. These botnets consist of thousands of malware-infected zombie machines that simultaneously and continuously send huge volumes of data to the target, slowing down and eventually crashing the target system. Employing a bot army to execute an attack protects the anonymity of the attacker by eliminating the chances of source IP address traceback. It also drastically magnifies the severity of the DDoS attack.

In recent years, a striking new landscape for DDoS attacks has emerged, called “DDoS as a Service”. These are easily affordable and accessible DDoS-for-hire websites that have altogether reshaped the extent and impact of DDoS attacks around the Internet. Nowadays, hackers carry out DDoS attacks for others for as little as $5 per hour. Since the release of the Mirai botnet source code, powering 100,000 bots, for executing DDoS attacks on the dark web in October 2016 (Bing, 2016), both the demand for and the supply of these attack services have risen sharply. According to Corero COO Dave Larson, “as many as 40% of all network layer attacks are believed to be caused by such DDoS-for-hire botnets.” These attack services are advertised as “Stresser” or “Booster” services that provide troubleshooting and testing services in order to identify the vulnerabilities in the user's network.

Recent studies have revealed that not just the number but also the severity of DDoS attacks has increased. Cisco has predicted that DDoS attacks are going to be even more frequent in the coming years, rising from 7.9 million in 2018 to over 15 million in 2023. According to the Annual DDoS Threat Report for the year 2020 released by Nexusguard (2020), the frequency of DDoS attacks took an enormous jump from Q1 2019 to Q1 2020, with a year-over-year increase of 341.21%. One of the largest DDoS attacks ever recorded was carried out against Amazon Web Services (AWS) in February 2020, with an attack volume that peaked at 2.3 Tbps (AWS, 2020). According to Information Technology Intelligence Consulting (ITIC), an hour of IT services downtime can cost companies anywhere between $300,000 and $1,000,000 (ITIC, 2019). Given this figure, the financial damage incurred when a DDoS attack was brought down on thousands of Google’s IP addresses in October 2020 is unimaginable. The attack was perpetrated by three Chinese ISPs and lasted for six months, peaking at an astounding rate of 2.5 Tbps (Huntley, 2020).

Table 1. Comparison of related works in terms of domains incorporated
Contributions | Motivation | Botnet | Attack Taxonomy | Platform-specific Attacks | Traditional Defense | Integrated Defense | Performance Metrics | Attack Tools
Bhardwaj et al. (2016)
Kamboj et al. (2017)
Aamir et al. (2013)
Kumar et al. (2009)
Nagpal et al. (2015)
Zargar et al. (2013)
Peng et al. (2007)
Our work
