Denial-of-Service and Botnet Analysis, Detection, and Mitigation


Sobana Sikkanan, Kasthuri M.
DOI: 10.4018/978-1-5225-9554-0.ch005


The internet is designed to process and forward any packet on a best-effort basis, whether that packet is malicious or not; most of the time, the internet architecture provides an unregulated path to the victim. The denial-of-service (DoS) attack is the most common critical threat and has devastating effects on the internet. A botnet-based DoS attack aims to exhaust both the target's resources and the network bandwidth, making those resources unavailable to legitimate users. The attacker consumes them either by compromising hosts with malware or by flooding the network with useless traffic. This chapter provides a systematic analysis of the causes of DoS attacks, including motivations and history; an analysis of the different attacks; detection and protection techniques; various mitigation techniques; and the limitations and challenges of DoS research. Finally, the chapter discusses important research directions that will need more attention in the near future to guarantee a successful defense against DoS attacks.
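A concrete illustration of the flooding behaviour described above, added here as an example and not taken from the chapter: a windowed detector over flow summaries that flags a destination whose packet rate jumps far above its baseline, then uses the number and Shannon entropy of source addresses to tell a botnet-style distributed flood from a single-host flood. The flow-record format, the thresholds, and the sample traffic are assumptions made for this example.

```python
"""Windowed volumetric-flood detector over constructed flow records.

Added example, not the chapter's own code. Record format, thresholds and
the sample traffic are illustrative assumptions.
"""
import math
from collections import Counter, defaultdict
from dataclasses import dataclass
from typing import Iterable, List


@dataclass(frozen=True)
class Flow:
    """One flow summary: start time (s), source IP, destination IP, packet count."""
    ts: float
    src: str
    dst: str
    packets: int


@dataclass(frozen=True)
class Alert:
    window: int      # window index (ts // window_s)
    dst: str
    pps: float       # packets per second towards dst in this window
    sources: int     # distinct source IPs seen in the window
    entropy: float   # Shannon entropy (bits) of the per-source packet share
    label: str       # "distributed_flood" or "single_source_flood"


def source_entropy(counts: Counter) -> float:
    """Shannon entropy of the per-source packet distribution, in bits.
    Many sources sending similar volumes -> high; one dominant source -> near 0."""
    total = sum(counts.values())
    if total == 0:
        return 0.0
    return -sum((c / total) * math.log2(c / total) for c in counts.values())


def detect_floods(flows: Iterable[Flow], window_s: float = 1.0,
                  baseline_pps: float = 50.0, factor: float = 10.0,
                  min_sources: int = 50) -> List[Alert]:
    """Flag every (window, destination) whose packet rate exceeds
    baseline_pps * factor.  A flood fed by at least min_sources distinct
    sources is labelled distributed (botnet-like); otherwise single-source.
    Thresholds are assumed values for the example, not from the chapter."""
    buckets = defaultdict(list)
    for f in flows:
        buckets[(int(f.ts // window_s), f.dst)].append(f)

    alerts = []
    for (w, dst), fs in sorted(buckets.items()):
        pps = sum(f.packets for f in fs) / window_s
        if pps < baseline_pps * factor:
            continue                                   # normal volume
        per_src = Counter()
        for f in fs:
            per_src[f.src] += f.packets
        label = "distributed_flood" if len(per_src) >= min_sources else "single_source_flood"
        alerts.append(Alert(w, dst, pps, len(per_src),
                            round(source_entropy(per_src), 2), label))
    return alerts


def constructed_flows() -> List[Flow]:
    """Constructed sample traffic (not captured data): 7 s of normal traffic
    to one victim, a 200-bot flood in second 3, a single-host flood in second 5."""
    victim = "203.0.113.10"
    flows = []
    for sec in range(7):                               # 10 clients x 5 pkts = 50 pps
        for i in range(10):
            flows.append(Flow(sec + i / 10, f"198.51.100.{i}", victim, 5))
    for i in range(200):                               # second 3: 200 bots x 10 pkts
        flows.append(Flow(3 + i / 200, f"192.0.2.{i}", victim, 10))
    flows.append(Flow(5.5, "198.51.100.99", victim, 1500))   # second 5: one host
    return flows


if __name__ == "__main__":
    for a in detect_floods(constructed_flows()):
        print(a)
```

Rate alone only says that a destination is being overwhelmed; the source count and entropy are what separate a botnet flood from one misbehaving host, and in practice a legitimate flash crowd also has high source entropy, so a real deployment would add per-source behaviour checks (request mix, connection completion) before dropping traffic.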
Chapter Preview


In the modern era, daily life depends on Internet applications for most necessary activities. Some people use the internet constructively and others use it destructively. Cloud computing has driven the growth of the internet world, even though designing and computing in a cloud environment is complicated (Kumar, 2018), and the complexity of the cloud-computing process leads to insecure processing of digital data (Feng, Chen, & Liu, 2010). A collection of hijacked devices connected through the internet is a botnet, and botnets create safety and security issues. Bailey, Cooke, Xu, and Karir (2009) state that detecting and mitigating these botnet threats is a complicated process. Botnets are used to launch cyber-attacks such as denial-of-service (DoS) and distributed denial-of-service (DDoS) attacks and to steal a victim's personal information (Aamir & Zaidi, 2013).

Initially, DoS attacks were launched against web applications. The first DoS attacks were launched by attackers in the late 1990s, and they quickly became a significant danger to all web applications (Bencsáth & Vajda, 2004). As Gresty, Shi, and Merabti (2001) note, a DoS attack takes web pages out of service for a period of time, and the resulting downtime causes revenue loss for as long as the site stays offline. In business environments, companies have tried to knock competitors out of the market with the help of such attacks. Pappalardo (2005) revealed that online extortion via DoS attacks has been increasing over the past decades: attackers disrupted victims' online businesses with DoS attacks and threatened them into paying for "protection".

In recent network scenarios, most companies, organizations, and government sectors are looking to transfer all or part of their information to the cloud (Gonzales, Kaplan, Saltzman, Winkelman, et al., 2017; Wong, 1998). Cloud technology lets an organization handle a large amount of information at the least capital cost. DoS attacks target widely used public-facing sectors such as banking services and e-commerce sites. DoS attacks have posed massive security threats to government organizations, for example in India in 2012 (Register, 2012), the USA in 2015 (Incapsula, 2015), Brazil in 2016 (Corero, 2016) and Ireland in 2017 (Silicon, 2017). DoS attackers combined their attacks with malware to compromise customer details of U.S.-based banks in 2012 (Networks, 2012). HSBC bank in the U.K. was on the hit list of DoS attacks during 2016 (Guardian, 2016). E-commerce sites, including Bitcoin websites, were also affected by DoS attacks in 2017 (Coindesk, 2017). In recent years DoS attacks have had a significant impact on major online services such as eBay, Amazon, Capital One bank, SunTrust bank, and Microsoft. The above discussion shows that protecting the network from DoS attacks has become an important issue (Arunadevi, 2018). The inability of network security mechanisms to detect DoS attacks indicates a lack of security services in government infrastructure.

Key Terms in this Chapter

Internet of Things (IoT): The internet of things, or IoT, is a system of interrelated computing devices, mechanical and digital machines, objects, animals or people that are provided with unique identifiers (UIDs) and the ability to transfer data over a network without requiring human-to-human or human-to-computer interaction.

Denial of Service: An interruption in an authorized user's access to a computer network, typically one caused with malicious intent.

Botnet: A network of private computers infected with malicious software and controlled as a group without the owners' knowledge (e.g., to send spam).

Smart Grids: An electricity supply network that uses digital communications technology to detect and react to local changes in usage.

Botmaster: A person who controls a bot or botnet.

Software-Defined Networking (SDN): The physical separation of the network control plane from the forwarding plane, with a single control plane controlling several forwarding devices.

Cross-Layer Design: A protocol design that leverages the interactions and dependencies between different layers of the networking protocol stack to achieve better performance.

MANET (Mobile Ad Hoc Network): A self-configuring and self-maintaining network in which nodes are autonomous and distributed in nature.
