Distributed Denial of Service (DDoS) Attacks
Classification, Attacks, Challenges, and Countermeasures
by Brij B. Gupta & Amrita Dahiya
Massive technological breakthroughs have pioneered the complexity, scale, and magnitude of DDoS attacks from a very simple Trinoo platform to the Mirai botnet. The days are gone when DDoS attacks were bound to run iterations for vandalism in the small-scale network. Nowadays, DDoS attacks are a major concern for e-companies, as most businesses rely on online access and the Internet for delivering services, since the Internet was developed for applicability and not security. In addition, enormous development in vulnerable and insecure IoT applications, amplification, and reflective techniques has worsened the situation. Progressively, attackers are always driven by large incentives as compared to the legitimate users or defenders. Consequently, the frequency and intensity of the DDoS attacks is rising at an exponential pace resulting in unparalleled levels of damage. There is no denying the fact that researchers have tried to keep the momentum of proposing defensive mechanisms apace with the massive modernisation of attacking techniques. However, we still lack in a comprehensive and robust DDoS defensive mechanism. Thus, it is very important to analyse the recent trends and different DDoS attack mitigation solutions to explore new research directions.
Distributed Denial of Service (DDoS) Attacks: Classification, Attacks, Challenges, and Countermeasures provides an overview of the basic concepts of DDoS attacks, its different types, modes of attack, and examines the various countermeasures that have been proposed so far. In this book, we discuss the importance of incentives, liabilities, and cyber insurance in any technical solution and have provided a detailed taxonomy of technical and economical defensive solutions against DDoS attacks. Further, the book covers various issues and challenges encountered by different platforms like cloud computing and IoT in dealing with the DDoS attacks. In addition, we discuss SDN and blockchain as the new emerging solutions to DDoS attacks due to their unique and unparalleled features. Features like decoupling of data and control plane in SDN and decentralisation of blockchain can provide promising solutions in this particular domain. The book emphasises the idea of moving from only technical solutions to a proper blend of technical and economical solutions against DDoS attacks. It also outlines the existing challenges and provides an insight into future research directions.
This book is designed for the readers with an interest in the cybersecurity domain, including researchers who are exploring different dimensions associated with the DDoS attacks, developers and security professionals who are focusing on developing defensive schemes and applications for detecting or mitigating DDoS attacks, industrialists who are keen of promoting their security measures or their cyber insurance policies and services with new features, and faculty members across different universities.
The book contains six chapters, with each chapter focusing on bringing an understanding and knowledge of DDoS attacks and their taxonomy along with their defensive mechanisms to the readers. The following list provides a detailed overview of the topics covered in each chapter:
Chapter 1: Fundamentals of DDoS attack: Evolution and Challenges –
This chapter introduces the concept of DDoS attacks as a starting point for newcomers to the technology and illuminates some major recent trends and statistics unveiled by well-known organisations across the world showcasing the exponential rise in magnitude, severity, and complexity of DDoS attacks. Further, this chapter discusses the evolution of DDoS attacks and their detailed taxonomy based on various parameters.
Chapter 2: Role of Incentives, Liabilities, and Cyber Insurance – This chapter illuminates the importance of incentives and liabilities in any DDoS defensive mechanism. It highlights cyber insurance and its conceptualisation in the risk assessment process. It discusses the fact that weak defense mechanisms, fragile cryptographic protocols, and loose access control policies are not the only reasons, but the lack of incentives and liabilities also contribute significantly to security breaches.
Chapter 3: Taxonomy of DDoS Defence Mechanisms – This chapter highlights the detailed taxonomy of DDoS defense mechanisms. Apart from this, it also covers open research challenges and issues in any trivial DDoS defense mechanism.
Chapter 4: Taxonomy of Economical Solutions – This chapter discusses the classification of economic defensive mechanisms against DDoS attacks. Various payment schemes, resource allocation schemes, negotiation-based solutions, and Internet pricing schemes are discussed in this chapter. Pros and cons of economic solutions are also discussed.
Chapter 5: DDoS Attacks on Various Platforms – This chapter illustrates DDoS attacks on platforms like cloud computing and IoT. It covers vulnerabilities, issues, and challenges associated with these platforms with regard to DDoS attack. Apart from this, this chapter also highlights taxonomy of DDoS attacks and some significant defensive solutions on cloud computing and IoT.
Chapter 6: Emerging Solutions for DDoS attacks: Based on SDN and Blockchain Technologies – This chapter illustrates some new emerging solutions for handling DDoS attacks, i.e., Software Defined Networking (SDN) and blockchain-based solutions. It also covers advantages of these technologies in mitigating DDoS attacks.