This article published as an Open Access article distributed under the terms of the Creative Commons Attribution License (CC-BY) (https://creativecommons.org/licenses/by/4.0/) which permits unrestricted use, distribution, and production in any medium, provided the author of the original work and original publication source are properly credited.
The demand for internet security has escalated in the last two decades because the rapid proliferation in the number of internet users has presented attackers with new detrimental opportunities. One of the simple yet powerful attacks lurking around the internet today is the distributed denial-of-service (DDoS) attack. The expeditious surge in the collaborative environments, like IoT, cloud computing, and SDN, have provided attackers with countless new avenues to benefit from the distributed nature of DDoS attacks. The attackers protect their anonymity by infecting distributed devices and utilizing them to create a bot army to constitute a large-scale attack. Thus, the development of an effective as well as efficient DDoS defense mechanism becomes an immediate goal. In this exposition, the authors present a DDoS threat analysis along with a few novel ground-breaking defense mechanisms proposed by various researchers for numerous domains. Further, they talk about popular performance metrics that evaluate the defense schemes. In the end, they list prevalent DDoS attack tools and open challenges.
Keywords: Blockchain, Botnet, Cloud Computing, Deep Learning, Distributed Denial-of-Service Attacks, IoT, Machine Learning, Web-Enabled Computing Platforms
A10. (2020). The state of DDoS weapons. A10 Networks. https://www.a10networks.com/wp-content/uploads/A10-EB-The-State-of-DDoS-Weapons-Report.pdf
Aamir
M.
Zaidi
M. A.
(2013). A survey on DDoS attack and defense strategies: From traditional schemes to current techniques.Interdisciplinary Information Sciences, 19(2), 173–200. 10.4036/iis.2013.173
Aamir, M., & Zaidi, M. A. (2014). Ddos attack and defense: Review of some traditional and current techniques. arXiv preprint arXiv:1401.6317.
Abadeh
M. S.
Habibi
J.
Barzegar
Z.
Sergi
M.
(2007). A parallel genetic local search algorithm for intrusion detection in computer networks.Engineering Applications of Artificial Intelligence, 20(8), 1058–1069. 10.1016/j.engappai.2007.02.007
Abbas
S.
Faisal
M.
Rahman
H. U.
Khan
M. Z.
Merabti
M.
(2018). Masquerading attacks detection in mobile ad hoc networks.IEEE Access: Practical Innovations, Open Solutions, 6, 55013–55025. 10.1109/ACCESS.2018.2872115
Abdulkarem, H. S., & Dawod, A. (2020, October). DDoS Attack Detection and Mitigation at SDN Data Plane Layer. In 2020 2nd Global Power,Energy and Communication Conference (GPECOM) (pp. 322-326). IEEE. 10.1109/GPECOM49333.2020.9247850
Abou El Houda
Z.
Hafid
A. S.
Khoukhi
L.
(2019). Cochain-SC: An intra-and inter-domain DDoS mitigation scheme based on blockchain using SDN and smart contract.IEEE Access: Practical Innovations, Open Solutions, 7, 98893–98907. 10.1109/ACCESS.2019.2930715
Addley, E., & Halliday, J. (2017, November 27). Operation Payback cripples MasterCard site for WikiLeaks ban. The Guardian. https://www.theguardian.com/media/2010/dec/08/operation-payback-mastercard-website-wikileaks
Agrawal, N., & Tapaswi, S. (2017, November). A lightweight approach to detect the low/high rate IP spoofed cloud DDoS attacks. In 2017 IEEE 7th International Symposium on Cloud and Service Computing (SC2) (pp. 118-123). IEEE.
Agrawal
N.
Tapaswi
S.
(2019). Defense mechanisms against DDoS attacks in a cloud computing environment: State-of-the-art and research challenges.IEEE Communications Surveys and Tutorials, 21(4), 3769–3795. 10.1109/COMST.2019.2934468
Aladaileh
M. A.
Anbar
M.
Hasbullah
I. H.
Chong
Y. W.
Sanjalawe
Y. K.
(2020). Detection techniques of distributed denial of service attacks on software-defined networking controller–a review.IEEE Access: Practical Innovations, Open Solutions, 8, 143985–143995. 10.1109/ACCESS.2020.3013998
Al-Nawasrah
A.
Almomani
A. A.
Atawneh
S.
Alauthman
M.
(2020). A survey of fast flux botnet detection with fast flux cloud computing.International Journal of Cloud Applications and Computing, 10(3), 17–53. 10.4018/IJCAC.2020070102
Alsirhani
A.
Sampalli
S.
Bodorik
P.
(2019). DDoS detection system: Using a set of classification algorithms controlled by fuzzy logic system in apache spark.IEEE eTransactions on Network and Service Management, 16(3), 936–949. 10.1109/TNSM.2019.2929425
Ashford, W. (2017, March 3). Businesses blame rivals for DDoS attacks. Computer Weekly. https://www.computerweekly.com/news/450414239/Businesses-blame-rivals-for-DDoS-attacks
Asosheh
A.
Ramezani
N.
(2008). A comprehensive taxonomy of DDOS attacks and defense mechanism applying in a smart classification.WSEAS Transactions on Computers, 7(4), 281–290.
AWS. (2020). Threat landscape report – q1 2020. Amazon Web Services. https://aws-shield-tlr.s3.amazonaws.com/2020-Q1_AWS_Shield_TLR.pdf
Baig
Z. A.
Sait
S. M.
Shaheen
A.
(2013). GMDH-based networks for intelligent intrusion detection.Engineering Applications of Artificial Intelligence, 26(7), 1731–1740. 10.1016/j.engappai.2013.03.008
Bannister, A. (2020, July 14). Remote working during coronavirus pandemic leads to rise in cyber-attacks, say security professionals. The Daily Swig | Cybersecurity News and Views. https://portswigger.net/daily-swig/remote-working-during-coronavirus-pandemic-leads-to-rise-in-cyber-attacks-say-security-professionals
Behal
S.
Kumar
K.
(2017). Characterization and Comparison of DDoS Attack Tools and Traffic Generators: A Review.International Journal of Network Security, 19(3), 383–393.
Bessani, A. N. (2011, June). From byzantine fault tolerance to intrusion tolerance (a position paper). In 2011 IEEE/IFIP 41st International Conference on Dependable Systems and Networks Workshops (DSN-W) (pp. 15-18). IEEE.
Bhardwaj
A.
Subrahmanyam
G. V. B.
Avasthi
V.
Sastry
H.
Goundar
S.
(2016, October). DDoS attacks, new DDoS taxonomy and mitigation solutions—a survey. In 2016 International Conference on Signal Processing, Communication, Power and Embedded System (SCOPES) (pp. 793-798). IEEE.10.1109/SCOPES.2016.7955549
Bhushan, K., & Gupta, B. B. (2018, February). Detecting DDoS attack using software defined network (SDN) in cloud computing environment. In 2018 5th international conference on signal processing and integrated networks (SPIN) (pp. 872-877). IEEE.
Bhushan
K.
Gupta
B. B.
(2019). Distributed denial of service (DDoS) attack mitigation in software defined network (SDN)-based cloud computing environment.Journal of Ambient Intelligence and Humanized Computing, 10(5), 1985–1997. 10.1007/s12652-018-0800-9
Bhuyan
M. H.
Bhattacharyya
D. K.
Kalita
J. K.
(2015). An empirical evaluation of information metrics for low-rate and high-rate DDoS attack detection.Pattern Recognition Letters, 51, 1–7. 10.1016/j.patrec.2014.07.019
Bing, C. (2016, October 27). You can now buy a Mirai-powered botnet on the dark web. CyberScoop. https://www.cyberscoop.com/mirai-botnet-for-sale-ddos-dark-web/
Chae, C. J., Lee, S. H., Lee, J. S., & Lee, J. K. (2007, October). A study of defense ddos attacks using ip traceback. In The 2007 International Conference on Intelligent Pervasive Computing (IPC 2007) (pp. 402-408). IEEE. 10.1109/IPC.2007.89
Chen
L. C.
Longstaff
T. A.
Carley
K. M.
(2004). Characterization of defense mechanisms against distributed denial of service attacks.Computers & Security, 23(8), 665–678. 10.1016/j.cose.2004.06.008
Chen
W.
Xiao
S.
Liu
L.
Jiang
X.
Tang
Z.
(2020). A DDoS attacks traceback scheme for SDN-based smart city.Computers & Electrical Engineering, 81, 106503. 10.1016/j.compeleceng.2019.106503
Chen
Y.
Abraham
A.
Yang
B.
(2007). Hybrid flexible neural‐tree‐based intrusion detection systems.International Journal of Intelligent Systems, 22(4), 337–352. 10.1002/int.20203
Cheng
J.
Xu
R.
Tang
X.
Sheng
V. S.
Cai
C.
(2018). An abnormal network flow feature sequence prediction approach for DDoS attacks detection in big data environment.Comput. Mater. Continua, 55(1), 95–119.
Chhabra
M.
Gupta
B.
Almomani
A.
(2013). A novel solution to handle DDOS attack in MANET.Journal of Information Security, 4(3), 165–179. 10.4236/jis.2013.43019
Chui, M., Löffler, M., & Roberts, R. (2019, February 13). The Internet of Things. McKinsey & Company. https://www.mckinsey.com/industries/technology-media-and-telecommunications/our-insights/the-internet-of-things
Criscuolo
P. J.
(2000). Distributed denial of service: Trin00, tribe flood network, tribe flood network 2000, and stacheldraht ciac-2319. California Univ Livermore Radiation Lab. 10.2172/792253
Cvitić
I.
Peraković
D.
Gupta
B.
Choo
K. K. R.
(2021). Boosting-based DDoS Detection in Internet of Things Systems.IEEE Internet of Things Journal.
Dahiya
A.
Gupta
B. B.
(2019). A PBNM and economic incentive-based defensive mechanism against DDoS attacks.Enterprise Information Systems, 1–21. 10.1080/17517575.2019.1700553
Dahiya
A.
Gupta
B. B.
(2021a). A QoS ensuring two-layered multi-attribute auction mechanism to mitigate DDoS attack.Mobile Networks and Applications, 26(3), 1043–1058. 10.1007/s11036-020-01665-6
Dahiya
A.
Gupta
B. B.
(2021b). A reputation score policy and Bayesian game theory based incentivized mechanism for DDoS attacks mitigation and cyber defense.Future Generation Computer Systems, 117, 193–204. 10.1016/j.future.2020.11.027
Dantas Silva
F. S.
Silva
E.
Neto
E. P.
Lemos
M.
Venancio Neto
A. J.
Esposito
F.
(2020). A taxonomy of DDoS attack mitigation approaches featured by SDN technologies in IoT scenarios.Sensors (Basel), 20(11), 3078. 10.3390/s2011307832485943
Dharma, N. G., Muthohar, M. F., Prayuda, J. A., Priagung, K., & Choi, D. (2015, August). Time-based DDoS detection and mitigation for SDN controller. In 2015 17th Asia-Pacific Network Operations and Management Symposium (APNOMS) (pp. 550-553). IEEE. 10.1109/APNOMS.2015.7275389
Dong
S.
Sarem
M.
(2019). DDoS attack detection method based on improved KNN with the degree of DDoS attack in software-defined networks.IEEE Access: Practical Innovations, Open Solutions, 8, 5039–5048. 10.1109/ACCESS.2019.2963077
Dong
S.
Abbas
K.
Jain
R.
(2019). A survey on distributed denial of service (DDoS) attacks in SDN and cloud computing environments.IEEE Access: Practical Innovations, Open Solutions, 7, 80813–80828. 10.1109/ACCESS.2019.2922196
Doriguzzi-Corin
R.
Millar
S.
Scott-Hayward
S.
Martinez-del-Rincon
J.
Siracusa
D.
(2020). LUCID: A practical, lightweight deep learning solution for DDoS attack detection.IEEE eTransactions on Network and Service Management, 17(2), 876–889. 10.1109/TNSM.2020.2971776
Douligeris
C.
Mitrokotsa
A.
(2004). DDoS attacks and defense mechanisms: Classification and state-of-the-art.Computer Networks, 44(5), 643–666. 10.1016/j.comnet.2003.10.003
Džaferović
E.
Sokol
A.
Abd Almisreb
A.
Norzeli
S. M.
(2019). DoS and DDoS vulnerability of IoT: A review.Sustainable Engineering and Innovation, 1(1), 43–48. 10.37868/sei.v1i1.36
Eesa
A. S.
Orman
Z.
Brifcani
A. M. A.
(2015). A novel feature-selection approach based on the cuttlefish optimization algorithm for intrusion detection systems.Expert Systems with Applications, 42(5), 2670–2679. 10.1016/j.eswa.2014.11.009
Eliyan
L. F.
Di Pietro
R.
(2021). DoS and DDoS attacks in Software Defined Networks: A survey of existing solutions and research challenges.Future Generation Computer Systems, 122, 149–171. 10.1016/j.future.2021.03.011
Eslahi
M.
Salleh
R.
Anuar
N. B.
(2012, November). Bots and botnets: An overview of characteristics, detection and challenges. In 2012 IEEE International Conference on Control System, Computing and Engineering (pp. 349-354). IEEE.10.1109/ICCSCE.2012.6487169
Evans, D. (2011, April). The Internet of Things: How the Next Evolution of the Internet Is Changing Everything?https://www.cisco.com/c/dam/en_us/about/ac79/docs/innov/IoT_IBSG_0411FINAL.pdf
Farahmandian, S., Zamani, M., Akbarabadi, A., Moghimi, Y., Mirhosseini Zadeh, S. M., & Farahmandian, S. (2013). A survey on methods to defend against DDoS attack in cloud computing. System, 6(22), 26.
Feng
W.
Zhang
Q.
Hu
G.
Huang
J. X.
(2014). Mining network data for intrusion detection through combining SVMs with ant colony networks.Future Generation Computer Systems, 37, 127–140. 10.1016/j.future.2013.06.027
Fernández-Caramés
T. M.
Fraga-Lamas
P.
(2018). A Review on the Use of Blockchain for the Internet of Things.IEEE Access: Practical Innovations, Open Solutions, 6, 32979–33001. 10.1109/ACCESS.2018.2842685
Firch, J. (2021, August 6). 2021 Cyber Security Statistics: The Ultimate List of Stats, Data & Trends. https://purplesec.us/resources/cyber-security-statistics
Fouladi, R. F., Kayatas, C. E., & Anarim, E. (2016, June). Frequency based DDoS attack detection approach using naive Bayes classification. In 2016 39th International Conference on Telecommunications and Signal Processing (TSP) (pp. 104-107). IEEE. 10.1109/TSP.2016.7760838
Garcia, M., Bessani, A., Gashi, I., Neves, N., & Obelheiro, R. (2011, June). OS diversity for intrusion tolerance: Myth or reality? In 2011 IEEE/IFIP 41st International Conference on Dependable Systems & Networks (DSN) (pp. 383-394). IEEE.
Giacomoni, J. (2013). Extending SDN architectures with F5's L4-7 application and gateway services. F5 Networks, Inc.
Gu, G., Perdisci, R., Zhang, J., & Lee, W. (2008a). Botminer: Clustering analysis of network traffic for protocol-and structure-independent botnet detection. Academic Press.
Gu, G., Zhang, J., & Lee, W. (2008b). BotSniffer: Detecting botnet command and control channels in network traffic. Academic Press.
Gupta
A.
Verma
T.
Bali
S.
Kaul
S.
(2013, January). Detecting MS initiated signaling DDoS attacks in 3G/4G wireless networks. In 2013 Fifth International Conference on Communication Systems and Networks (COMSNETS) (pp. 1-60). IEEE.10.1109/COMSNETS.2013.6465568
Hameed, S., & Ali, U. (2016, April). Efficacy of live DDoS detection with Hadoop. In NOMS 2016-2016 IEEE/IFIP Network Operations and Management Symposium (pp. 488-494). IEEE. 10.1109/NOMS.2016.7502848
Hanna, A. (2021, July 29). The Invisible U.S.-Iran Cyber War. The Iran Primer. https://iranprimer.usip.org/blog/2019/oct/25/invisible-us-iran-cyber-war
Hansen
J. V.
Lowry
P. B.
Meservy
R. D.
McDonald
D. M.
(2007). Genetic programming for prevention of cyberterrorism through dynamic and evolving intrusion detection.Decision Support Systems, 43(4), 1362–1374. 10.1016/j.dss.2006.04.004
Haworth, J. (2020, August 26). New Zealand stock exchange hit by series of DDoS attacks. The Daily Swig | Cybersecurity News and Views. https://portswigger.net/daily-swig/new-zealand-stock-exchange-hit-by-series-of-DDoS-attacks
Haworth, J. (2021a, February 16). UK cryptocurrency exchange EXMO knocked offline by ‘massive’ DDoS attack. The Daily Swig | Cybersecurity News and Views. https://portswigger.net/daily-swig/uk-cryptocurrency-exchange-exmo-knocked-offline-by-massive-ddos-attack
Haworth, J. (2021b, April 21). Telecoms industry facing increased DDoS attacks, report warns. The Daily Swig | Cybersecurity News and Views. https://portswigger.net/daily-swig/telecoms-industry-facing-increased-DDoS-attacks-report-warns
He
L.
Yan
Z.
Atiquzzaman
M.
(2018). LTE/LTE-A network security data collection and analysis for security measurement: A survey.IEEE Access: Practical Innovations, Open Solutions, 6, 4220–4242. 10.1109/ACCESS.2018.2792534
He
Q.
Wang
C.
Cui
G.
Li
B.
Zhou
R.
Zhou
Q.
Xiang
Y.
Jin
H.
Yang
Y.
(2021). A game-theoretical approach for mitigatingedge ddos attack.IEEE Transactions on Dependable and Secure Computing, 1. 10.1109/TDSC.2021.3055559
Hinton
G. E.
(2009). Deep belief networks.Scholarpedia, 4(5), 5947. 10.4249/scholarpedia.5947
Hong
K.
Kim
Y.
Choi
H.
Park
J.
(2017). SDN-assisted slow HTTP DDoS attack defense method.IEEE Communications Letters, 22(4), 688–691. 10.1109/LCOMM.2017.2766636
Hoque
N.
Bhattacharyya
D. K.
Kalita
J. K.
(2015). Botnet in DDoS attacks: Trends and challenges.IEEE Communications Surveys and Tutorials, 17(4), 2242–2270. 10.1109/COMST.2015.2457491
Hoque
N.
Bhuyan
M. H.
Baishya
R. C.
Bhattacharyya
D. K.
Kalita
J. K.
(2014). Network attacks: Taxonomy, tools and systems.Journal of Network and Computer Applications, 40, 307–324. 10.1016/j.jnca.2013.08.001
Hoque
N.
Kashyap
H.
Bhattacharyya
D. K.
(2017). Real-time DDoS attack detection using FPGA.Computer Communications, 110, 48–58. 10.1016/j.comcom.2017.05.015
Hsu
F. H.
Ou
C. W.
Hwang
Y. L.
Chang
Y. C.
Lin
P. C.
(2017). Detecting web-based botnets using bot communication traffic features.Security and Communication Networks, 2017, 2017. 10.1155/2017/5960307
Hu
W.
Hu
W.
Maybank
S.
(2008). Adaboost-based algorithm for network intrusion detection.IEEE Transactions on Systems, Man, and Cybernetics. Part B, Cybernetics, 38(2), 577–583. 10.1109/TSMCB.2007.91469518348941
Humayed
A.
Lin
J.
Li
F.
Luo
B.
(2017). Cyber-physical systems security—A survey.IEEE Internet of Things Journal, 4(6), 1802–1831. 10.1109/JIOT.2017.2703172
Huntley, S. (2020, October 16). How we’re tackling evolving online threats. Google. https://blog.google/threat-analysis-group/how-were-tackling-evolving-online-threats/
Hussain
B.
Du
Q.
Sun
B.
Han
Z.
(2020). Deep learning-based DDoS-attack detection for cyber–physical system over 5G network.IEEE Transactions on Industrial Informatics, 17(2), 860–870. 10.1109/TII.2020.2974520
IC3. (2020). Internet crime report 2020. Internet Crime Complaint Center. https://www.ic3.gov/Media/PDF/AnnualReport/2020_IC3Report.pdf
IDG. (2020, July 20). 2020 Cloud computing study. International Data Group. https://www.idg.com/tools-for-marketers/2020-cloud-computing-study/
ITIC. (2019, May 16). Hourly Downtime Costs Rise: 86% of Firms Say One Hour of Downtime Costs $300,000+; 34% of Companies Say One Hour of Downtime Tops $1Million. Information Technology Intelligence Consulting. https://itic-corp.com/blog/2019/05/hourly-downtime-costs-rise-86-of-firms-say-one-hour-of-downtime-costs-300000-34-of-companies-say-one-hour-of-downtime-tops-1million/
Jia
B.
Huang
X.
Liu
R.
Ma
Y.
(2017). A DDoS attack detection method based on hybrid heterogeneous multiclassifier ensemble learning.Journal of Electrical and Computer Engineering, 2017, 2017. 10.1155/2017/4975343
Joshi
B.
Vijayan
A. S.
Joshi
B. K.
(2012, January). Securing cloud computing environment against DDoS attacks. In 2012 International Conference on Computer Communication and Informatics (pp. 1-5). IEEE.10.1109/ICCCI.2012.6158817
Juniper. (2020, March 31). IoT connections to reach 83 billion by 2024, driven by maturing industrial use cases. Juniper Research. https://www.juniperresearch.com/press/iot-connections-to-reach-83-bn-by-2024
Kamboj, P., Trivedi, M. C., Yadav, V. K., & Singh, V. K. (2017, October). Detection techniques of DDoS attacks: A survey. In 2017 4th IEEE Uttar Pradesh Section International Conference on Electrical, Computer and Electronics (UPCON) (pp. 675-679). IEEE. 10.1109/UPCON.2017.8251130
Karame
G.
(2016, October). On the security and scalability of bitcoin’s blockchain. In Proceedings of the 2016 ACM SIGSAC conference on computer and communications security (pp. 1861-1862). 10.1145/2976749.2976756
Kaspersky. (2021, May 26). IT threats during the 2016 Olympic Games in Brazil. https://www.kaspersky.com/about/press-releases/2016_it-threats-during-the-2016-olympic-games-in-brazil
Khan
L.
Awad
M.
Thuraisingham
B.
(2007). A new intrusion detection system using support vector machines and hierarchical clustering.The VLDB Journal, 16(4), 507–521. 10.1007/s00778-006-0002-5
Khattak
S.
Ramay
N. R.
Khan
K. R.
Syed
A. A.
Khayam
S. A.
(2013). A taxonomy of botnet behavior, detection, and defense.IEEE Communications Surveys and Tutorials, 16(2), 898–924. 10.1109/SURV.2013.091213.00134
Kolias
C.
Kambourakis
G.
Stavrou
A.
Voas
J.
(2017). DDoS in the IoT: Mirai and other botnets.Computer, 50(7), 80–84. 10.1109/MC.2017.201
Koo, T. M., Chang, H. C., & Wei, G. Q. (2011, June). Construction P2P firewall HTTP-Botnet defense mechanism. In 2011 IEEE International Conference on Computer Science and Automation Engineering (Vol. 1, pp. 33-39). IEEE.
Kumar
R.
Arun
P.
Selvakumar
S.
(2009, March). Distributed denial-of-service (ddos) threat in collaborative environment-a survey on ddos attack tools and traceback mechanisms. In 2009 IEEE International Advance Computing Conference (pp. 1275-1280). IEEE.
Lan, L., & Jun, L. (2013, December). Some special issues of network security monitoring on big data environments. In 2013 IEEE 11th International Conference on Dependable, Autonomic and Secure Computing (pp. 10-15). IEEE. 10.1109/DASC.2013.30
Lee, J., Uddin, M., Tourrilhes, J., Sen, S., Banerjee, S., Arndt, M., . . . Nadeem, T. (2014, June). mesdn: Mobile extension of sdn. In Proceedings of the fifth international workshop on Mobile cloud computing & services (pp. 7-14). Academic Press.
Lee
K.
James
J. I.
Ejeta
T. G.
Kim
H. J.
(2016). Electronic voting service using block-chain. Journal of Digital Forensics. Security and Law, 11(2), 8.
Leyden, J. (2020, June 18). DDoS attacks continue to surge during coronavirus pandemic. The Daily Swig | Cybersecurity News and Views. https://portswigger.net/daily-swig/ddos-attacks-continue-to-surge-during-coronavirus-pandemic
Li
C.
Jiang
W.
Zou
X.
(2009, December). Botnet: Survey and case study. In 2009 Fourth International Conference on Innovative Computing, Information and Control (ICICIC) (pp. 1184-1187). IEEE.10.1109/ICICIC.2009.127
Li
C.
Wu
Y.
Yuan
X.
Sun
Z.
Wang
W.
Li
X.
Gong
L.
(2018). Detection and defense of DDoS attack–based on deep learning in OpenFlow‐based SDN.International Journal of Communication Systems, 31(5), e3497. 10.1002/dac.3497
Li
Y.
Guo
L.
(2007). An active learning based TCM-KNN algorithm for supervised network intrusion detection.Computers & Security, 26(7-8), 459–467. 10.1016/j.cose.2007.10.002
Lin
W. C.
Ke
S. W.
Tsai
C. F.
(2015). CANN: An intrusion detection system based on combining cluster centers and nearest neighbors.Knowledge-Based Systems, 78, 13–21. 10.1016/j.knosys.2015.01.009
Liu
G.
Yi
Z.
Yang
S.
(2007). A hierarchical intrusion detection model based on the PCA neural networks.Neurocomputing, 70(7-9), 1561–1568. 10.1016/j.neucom.2006.10.146
Mahmood, T., & Afzal, U. (2013, December). Security analytics: Big data analytics for cybersecurity: A review of trends, techniques and tools. In 2013 2nd national conference on Information assurance (ncia) (pp. 129-134). IEEE.
Mamolar
A. S.
Pervez
Z.
Wang
Q.
Alcaraz-Calero
J. M.
(2019, June). Towards the detection of mobile ddos attacks in 5g multi-tenant networks. In 2019 European Conference on Networks and Communications (EuCNC) (pp. 273-277). IEEE.10.1109/EuCNC.2019.8801975
Mani
N.
Moh
M.
Moh
T. S.
(2021). Defending deep learning models against adversarial attacks.International Journal of Software Science and Computational Intelligence, 13(1), 72–89. 10.4018/IJSSCI.2021010105
Marr, B. (2021, July 13). What Is The Internet of Things (IoT) And How Will It Change Our World? Bernard Marr. https://bernardmarr.com/what-is-the-internet-of-things-iot-and-how-will-it-change-our-world/
Masdari
M.
Jalali
M.
(2016). A survey and taxonomy of DoS attacks in cloud computing.Security and Communication Networks, 9(16), 3724–3751. 10.1002/sec.1539
Mavoungou
S.
Kaddoum
G.
Taha
M.
Matar
G.
(2016). Survey on threats and attacks on mobile networks.IEEE Access: Practical Innovations, Open Solutions, 4, 4543–4572. 10.1109/ACCESS.2016.2601009
Michalas, A., Komninos, N., & Prasad, N. R. (2011, February). Multiplayer game for ddos attacks resilience in ad hoc networks. In 2011 2nd International Conference on Wireless Communication, Vehicular Technology, Information Theory and Aerospace & Electronic Systems Technology (Wireless VITAE) (pp. 1-5). IEEE. 10.1109/WIRELESSVITAE.2011.5940931
Mirkin
M.
Ji
Y.
Pang
J.
Klages-Mundt
A.
Eyal
I.
Juels
A.
(2020, October). BDoS: Blockchain denial-of-service. In Proceedings of the 2020 ACM SIGSAC conference on Computer and Communications Security (pp. 601-619). 10.1145/3372297.3417247
Mirkovic
J.
Reiher
P.
(2004). A taxonomy of DDoS attack and DDoS defense mechanisms.Computer Communication Review, 34(2), 39–53. 10.1145/997150.997156
Mirkovic
J.
Arikan
E.
Wei
S.
Thomas
R.
Fahmy
S.
Reiher
P.
(2006, October). Benchmarks for DDoS defense evaluation. In MILCOM 2006-2006 IEEE Military Communications conference (pp. 1–10). IEEE.
Mishra
A.
Gupta
N.
Gupta
B. B.
(2021). Defense mechanisms against DDoS attack based on entropy in SDN-cloud using POX controller.Telecommunication Systems, 77(1), 47–62. 10.1007/s11235-020-00747-w
Mizukoshi
M.
Munetomo
M.
(2015, May). Distributed denial of services attack protection system with genetic algorithms on Hadoop cluster computing framework. In 2015 IEEE Congress on Evolutionary Computation (CEC) (pp. 1575-1580). IEEE.10.1109/CEC.2015.7257075
Mladenov, B. (2019, May). Studying the DDoS attack effect over SDN controller southbound channel. In 2019 X National Conference with International Participation (ELECTRONICA) (pp. 1-4). IEEE. 10.1109/ELECTRONICA.2019.8825601
Mölsä
J.
(2005). Mitigating denial of service attacks: A tutorial.Journal of Computer Security, 13(6), 807–837. 10.3233/JCS-2005-13601
Munshi, A., Alqarni, N. A., & Almalki, N. A. (2020, March). Ddos attack on IoT devices. In 2020 3rd International Conference on Computer Applications & Information Security (ICCAIS) (pp. 1-5). IEEE. 10.1109/ICCAIS48893.2020.9096818
Murynets
I.
Jover
R. P.
(2013, June). Anomaly detection in cellular machine-to-machine communications. In 2013 IEEE International Conference on Communications (ICC) (pp. 2138-2143). IEEE.10.1109/ICC.2013.6654843
Nagpal, B., Sharma, P., Chauhan, N., & Panesar, A. (2015, March). DDoS tools: Classification, analysis and comparison. In 2015 2nd International Conference on Computing for Sustainable Global Development (INDIACom) (pp. 342-346). IEEE.
Naoumov, N., & Ross, K. (2006, May). Exploiting p2p systems for ddos attacks. In Proceedings of the 1st international conference on Scalable information systems (pp. 47-es). Academic Press.
Nexusguard. (2020). Annual DDoS threat report 2020.https://blog.nexusguard.com/threat-report/annual-threat-report-2020
Noizat
P.
(2015). Blockchain electronic vote. In Handbook of digital currency (pp. 453–461). Academic Press. 10.1016/B978-0-12-802117-0.00022-9
Osborne, C. (2020, June 20). DDoS surge driven by attacks on education, government, and coronavirus information sites. The Daily Swig | Cybersecurity News and Views. https://portswigger.net/daily-swig/ddos-surge-driven-by-attacks-on-education-government-and-coronavirus-information-sites
Parashar, M., Poonia, A., & Satish, K. (2019, July). A survey of attacks and their mitigations in software defined networks. In 2019 10th International Conference on Computing, Communication and Networking Technologies (ICCCNT) (pp. 1-8). IEEE. 10.1109/ICCCNT45670.2019.8944621
Patel
C. M.
Borisagar
A. P. V. H.
(2012). Survey on taxonomy of ddos attacks with impact and mitigation techniques.International Journal of Engineering Research & Technology (Ahmedabad), 1(9).
PCMag. (2010, October 29). “Anonymous” DDoS Takes Down RIAA Site.https://www.pcmag.com/archive/anonymous-ddos-attack-takes-down-riaa-site-256328
Peng
T.
Leckie
C.
Ramamohanarao
K.
(2007). Survey of network-based defense mechanisms countering the DoS and DDoS problems.ACM Computing Surveys, 39(1), 3. 10.1145/1216370.1216373
Perboli
G.
Musso
S.
Rosano
M.
(2018). Blockchain in logistics and supply chain: A lean approach for designing real-world use cases.IEEE Access: Practical Innovations, Open Solutions, 6, 62018–62028. 10.1109/ACCESS.2018.2875782
Pérez-Díaz
J. A.
Valdovinos
I. A.
Choo
K. K. R.
Zhu
D.
(2020). A flexible SDN-based architecture for identifying and mitigating low-rate DDoS attacks using machine learning.IEEE Access: Practical Innovations, Open Solutions, 8, 155859–155872. 10.1109/ACCESS.2020.3019330
Poisel, R., Rybnicek, M., & Tjoa, S. (2013, March). Game-based simulation of Distributed Denial of Service (DDoS) attack and defense mechanisms of Critical Infrastructures. In 2013 IEEE 27th International Conference on Advanced Information Networking and Applications (AINA) (pp. 114-120). IEEE.
Praseed
A.
Thilagam
P. S.
(2018). DDoS attacks at the application layer: Challenges and research perspectives for safeguarding web applications.IEEE Communications Surveys and Tutorials, 21(1), 661–685. 10.1109/COMST.2018.2870658
Qi, M. (2009, August). P2P network-targeted DDoS attacks. In 2009 Second International Conference on the Applications of Digital Information and Web Technologies (pp. 843-845). IEEE.
Qi
M.
Yang
Y.
(2009, August). P2PDDoS: challenges and countermeasures. In 2009 Sixth International Conference on Fuzzy Systems and Knowledge Discovery (Vol. 7, pp. 265-268). IEEE.
Qwasmi, N., Ahmed, F., & Liscano, R. (2011, September). simulation of ddos attacks on p2p networks. In 2011 IEEE International Conference on High Performance Computing and Communications (pp. 610-614). IEEE.
Raj
P.
(Ed.). (2014). Handbook of research on cloud infrastructures for big data analytics. IGI Global. 10.4018/978-1-4666-5864-6
Riorey. (2012). Taxonomy of DDoS attacks. RioRey: The DDoS Specialist. https://www.riorey.com/types-of-ddos-attacks/
Rochlis
J. A.
Eichin
M. W.
(1989). With microscope and tweezers: The worm from MIT’s perspective.Communications of the ACM, 32(6), 689–698. 10.1145/63526.63528
Ron
T. I.
Attias
S.
(2017). Case analysis for the effect of blockchain technology in the gaming regulatory environment.Gaming Law Review, 21(6), 459–460. 10.1089/glr2.2017.21613
Roopak, M., Tian, G. Y., & Chambers, J. (2019, January). Deep learning models for cyber security in IoT networks. In 2019 IEEE 9th annual computing and communication workshop and conference (CCWC) (pp. 452-457). IEEE. 10.1109/CCWC.2019.8666588
Saad
M.
Njilla
L.
Kamhoua
C.
Kim
J.
Nyang
D.
Mohaisen
A.
(2019, May). Mempool optimization for defending against ddos attacks in pow-based blockchain systems. In 2019 IEEE International Conference on Blockchain and Cryptocurrency (ICBC) (pp. 285-292). IEEE.10.1109/BLOC.2019.8751476
Saad
M.
Spaulding
J.
Njilla
L.
Kamhoua
C.
Shetty
S.
Nyang
D.
Mohaisen
D.
(2020). Exploring the attack surface of blockchain: A comprehensive survey.IEEE Communications Surveys and Tutorials, 22(3), 1977–2008. 10.1109/COMST.2020.2975999
Saad
M.
Thai
M. T.
Mohaisen
A.
(2018, May). POSTER: deterring ddos attacks on blockchain-based cryptocurrencies through mempool optimization. In Proceedings of the 2018 on Asia Conference on Computer and Communications Security (pp. 809-811). 10.1145/3196494.3201584
Sambandam
N.
Hussein
M.
Siddiqi
N.
Lung
C. H.
(2018, December). Network security for iot using sdn: Timely ddos detection. In 2018 IEEE Conference on Dependable and Secure Computing (DSC) (pp. 1-2). IEEE.10.1109/DESEC.2018.8625119
Sangkatsanee
P.
Wattanapongsakorn
N.
Charnsripinyo
C.
(2011). Practical real-time intrusion detection using machine learning approaches.Computer Communications, 34(18), 2227–2235. 10.1016/j.comcom.2011.07.001
Sarasamma
S. T.
Zhu
Q. A.
Huff
J.
(2005). Hierarchical Kohonenen net for anomaly detection in network security.IEEE Transactions on Systems, Man, and Cybernetics. Part B, Cybernetics, 35(2), 302–312. 10.1109/TSMCB.2005.84327415828658
Schonfeld, E. (2010, November 28). WikiLeaks Reports It Is Under a Denial of Service Attack. TechCrunch. https://techcrunch.com/2010/11/28/wikileaks-ddos-attack/
Selvi
V.
Shebin
R.
(2016, March). Game theory based mitigation of Interest flooding in Named Data Network. In 2016 International Conference on Wireless Communications, Signal Processing and Networking (WiSPNET) (pp. 685-689). IEEE.10.1109/WiSPNET.2016.7566220
Sharafaldin
I.
Lashkari
A. H.
Hakak
S.
Ghorbani
A. A.
(2019, October). Developing realistic distributed denial of service (DDoS) attack dataset and taxonomy. In 2019 International Carnahan Conference on Security Technology (ICCST) (pp. 1-8). IEEE.10.1109/CCST.2019.8888419
Shawahna
A.
Abu-Amara
M.
Mahmoud
A. S.
Osais
Y.
(2018). EDoS-ADS: An enhanced mitigation technique against economic denial of sustainability (EDoS) attacks.IEEE Transactions on Cloud Computing, 8(3), 790–804. 10.1109/TCC.2018.2805907
Shi
P.
Lian
Y.
(2008, April). Game-theoretical effectiveness evaluation of DDoS defense. In Seventh International Conference on Networking (icn 2008) (pp. 427-433). IEEE.10.1109/ICN.2008.121
Shidaganti
G. I.
Inamdar
A. S.
Rai
S. V.
Rajeev
A. M.
(2020). Scef: A model for prevention of ddos attacks from the cloud.International Journal of Cloud Applications and Computing, 10(3), 67–80. 10.4018/IJCAC.2020070104
Shon
T.
Moon
J.
(2007). A hybrid machine learning approach to network anomaly detection.Information Sciences, 177(18), 3799–3821. 10.1016/j.ins.2007.03.025
Singel, R. (2008, January 23). War Breaks Out Between Hackers and Scientology – There Can Be Only One. Wired. https://www.wired.com/2008/01/anonymous-attac/
Singh
K.
Guntuku
S. C.
Thakur
A.
Hota
C.
(2014). Big data analytics framework for peer-to-peer botnet detection using random forests.Information Sciences, 278, 488–497. 10.1016/j.ins.2014.03.066
Somani
G.
Gaur
M. S.
Sanghi
D.
Conti
M.
Rajarajan
M.
(2017a). DDoS victim service containment to minimize the internal collateral damages in cloud computing.Computers & Electrical Engineering, 59, 165–179. 10.1016/j.compeleceng.2016.12.004
Somani
G.
Gaur
M. S.
Sanghi
D.
Conti
M.
Rajarajan
M.
(2017b). Scale inside-out: Rapid mitigation of cloud DDoS attacks.IEEE Transactions on Dependable and Secure Computing, 15(6), 959–973. 10.1109/TDSC.2017.2763160
Specht
S.
Lee
R.
(2003). Taxonomies of distributed denial of service networks, attacks, tools and countermeasures. CEL2003-03. Princeton University.
Stehman
S. V.
(1997). Selecting and interpreting measures of thematic classification accuracy.Remote Sensing of Environment, 62(1), 77–89. 10.1016/S0034-4257(97)00083-7
Su
S. C.
Chen
Y. R.
Tsai
S. C.
Lin
Y. B.
(2018). Detecting p2p botnet in software defined networks.Security and Communication Networks, 2018, 2018. 10.1155/2018/4723862
Sudar
K. M.
Beulah
M.
Deepalakshmi
P.
Nagaraj
P.
Chinnasamy
P.
(2021, January). Detection of Distributed Denial of Service Attacks in SDN using Machine learning techniques. In 2021 International Conference on Computer Communication and Informatics (ICCCI) (pp. 1-5). IEEE.10.1109/ICCCI50826.2021.9402517
Sun, W., Li, Y., & Guan, S. (2019, August). An improved method of DDoS attack detection for controller of SDN. In 2019 IEEE 2nd International Conference on Computer and Communication Engineering Technology (CCET) (pp. 249-253). IEEE. 10.1109/CCET48361.2019.8989356
Sung
K. Y.
Hsiao
S. W.
(2019, December). Mitigating DDoS with PoW and Game Theory. In 2019 IEEE International Conference on Big Data (Big Data) (pp. 6223-6225). IEEE.10.1109/BigData47090.2019.9006081
Taj
A.
Khalil
I.
(2018, November). DDoS defence mechanisms and challenges.International Journal of Basic & Applied Sciences, 6(11).
Tariq
U.
Hong
M.
Lhee
K. S.
(2006, August). A comprehensive categorization of DDoS attack and DDoS defense techniques. In International Conference on Advanced Data Mining and Applications (pp. 1025-1036). Springer. 10.1007/11811305_112
Tewari
A.
Gupta
B. B.
(2020). Secure Timestamp-Based Mutual Authentication Protocol for IoT Devices Using RFID Tags.International Journal on Semantic Web and Information Systems, 16(3), 20–34. 10.4018/IJSWIS.2020070102
Thomas
R. M.
James
D.
(2017, August). DDOS detection and denial using third party application in SDN. In 2017 International Conference on Energy, Communication, Data Analytics and Soft Computing (ICECDS) (pp. 3892-3897). IEEE.10.1109/ICECDS.2017.8390193
Tong
X.
Wang
Z.
Yu
H.
(2009). A research using hybrid RBF/Elman neural networks for intrusion detection system secure model.Computer Physics Communications, 180(10), 1795–1801. 10.1016/j.cpc.2009.05.004
Tschorsch
F.
Scheuermann
B.
(2016). Bitcoin and beyond: A technical survey on decentralized digital currencies.IEEE Communications Surveys and Tutorials, 18(3), 2084–2123. 10.1109/COMST.2016.2535718
Tu
G. H.
Li
C. Y.
Peng
C.
Lu
S.
(2015, September). How voice call technology poses security threats in 4g lte networks. In 2015 IEEE Conference on Communications and Network Security (CNS) (pp. 442-450). IEEE.10.1109/CNS.2015.7346856
Vishnoi
A.
Mishra
P.
Negi
C.
Peddoju
S. K.
(2021). Android Malware Detection Techniques in Traditional and Cloud Computing Platforms: A State-of-the-Art Survey.International Journal of Cloud Applications and Computing, 11(4), 113–135. 10.4018/IJCAC.2021100107
Vishwakarma, R., & Jain, A. K. (2019, April). A honeypot with machine learning based detection framework for defending IoT based Botnet DDoS attacks. In 2019 3rd International Conference on Trends in Electronics and Informatics (ICOEI) (pp. 1019-1024). IEEE. 10.1109/ICOEI.2019.8862720
Wang
G.
Hao
J.
Ma
J.
Huang
L.
(2010). A new approach to intrusion detection using Artificial Neural Networks and fuzzy clustering.Expert Systems with Applications, 37(9), 6225–6232. 10.1016/j.eswa.2010.02.102
Wang
H.
Jin
C.
Shin
K. G.
(2007). Defense against spoofed IP traffic using hop-count filtering.IEEE/ACM Transactions on Networking, 15(1), 40–53. 10.1109/TNET.2006.890133
Wang, Y., & Li, G. (2019, July). Detect Triangle Attack on Blockchain by Trace Analysis. In 2019 IEEE 19th International Conference on Software Quality, Reliability and Security Companion (QRS-C) (pp. 316-321). IEEE. 10.1109/QRS-C.2019.00066
Wei
W.
Dong
Y.
Lu
D.
(2008, September). Optimal control of DDoS defense with multi-resource max-min fairness. In 2008 IEEE Conference on Cybernetics and Intelligent Systems (pp. 1285-1293). IEEE.10.1109/ICCIS.2008.4670732
Wei
Z.
Tang
H.
Yu
F. R.
Wang
M.
Mason
P.
(2014). Security enhancements for mobile ad hoc networks with trust management using uncertain reasoning.IEEE Transactions on Vehicular Technology, 63(9), 4647–4658. 10.1109/TVT.2014.2313865
Wen
Y.
Lu
F.
Liu
Y.
Huang
X.
(2021). Attacks and countermeasures on blockchains: A survey from layering perspective.Computer Networks, 191, 107978. 10.1016/j.comnet.2021.107978
Wu
S.
Chen
Y.
Li
M.
Luo
X.
Liu
Z.
Liu
L.
(2020). Survive and thrive: A stochastic game for DDoS attacks in bitcoin mining pools.IEEE/ACM Transactions on Networking, 28(2), 874–887. 10.1109/TNET.2020.2973410
Wu
Z.
Pan
Q.
Yue
M.
Liu
L.
(2019). Sequence alignment detection of TCP-targeted synchronous low-rate DoS attacks.Computer Networks, 152, 64–77. 10.1016/j.comnet.2019.01.031
Xiang
C.
Yong
P. C.
Meng
L. S.
(2008). Design of multiple-level hybrid classifier for intrusion detection system using Bayesian clustering and decision trees.Pattern Recognition Letters, 29(7), 918–924. 10.1016/j.patrec.2008.01.008
Xiang
Y.
Zhou
W.
(2005, July). A defense system against DDOS attacks by large-scale IP traceback. In Third International Conference on Information Technology and Applications (ICITA’05) (Vol. 2, pp. 431-436). IEEE.10.1109/ICITA.2005.10
Xiao
Z.
Xiao
Y.
(2012). Security and privacy in cloud computing.IEEE Communications Surveys and Tutorials, 15(2), 843–859. 10.1109/SURV.2012.060912.00182
Xu
R.
Cheng
J.
Wang
F.
Tang
X.
Xu
J.
(2019). A DRDoS detection and defense method based on deep forest in the big data environment.Symmetry, 11(1), 78. 10.3390/sym11010078
Yan
Q.
Yu
F. R.
(2015). Distributed denial of service attacks in software-defined networking with cloud computing.IEEE Communications Magazine, 53(4), 52–59. 10.1109/MCOM.2015.7081075
Yan
Q.
Yu
F. R.
Gong
Q.
Li
J.
(2015). Software-defined networking (SDN) and distributed denial of service (DDoS) attacks in cloud computing environments: A survey, some research issues, and challenges.IEEE Communications Surveys and Tutorials, 18(1), 602–622. 10.1109/COMST.2015.2487361
Yu
F. R.
Tang
H.
Mason
P. C.
Wang
F.
(2010). A hierarchical identity based key management scheme in tactical mobile ad hoc networks.IEEE eTransactions on Network and Service Management, 7(4), 258–267. 10.1109/TNSM.2010.1012.0362
Yu
J.
Li
Z.
Chen
H.
Chen
X.
(2007, June). A detection and offense mechanism to defend against application layer DDoS attacks. In International Conference on Networking and Services (ICNS’07) (pp. 54-54). IEEE.10.1109/ICNS.2007.5
Yuan
X.
Li
C.
Li
X.
(2017, May). DeepDefense: identifying DDoS attack via deep learning. In 2017 IEEE International Conference on Smart Computing (SMARTCOMP) (pp. 1-8). IEEE.10.1109/SMARTCOMP.2017.7946998
Yue, X., Qiu, X., Ji, Y., & Zhang, C. (2009, February). P2P attack taxonomy and relationship analysis. In 2009 11th International Conference on Advanced Communication Technology (Vol. 2, pp. 1207-1210). IEEE.
Zargar
S. T.
Joshi
J.
Tipper
D.
(2013). A survey of defense mechanisms against distributed denial of service (DDoS) flooding attacks.IEEE Communications Surveys and Tutorials, 15(4), 2046–2069. 10.1109/SURV.2013.031413.00127
Zargar
S. T.
Takabi
H.
Joshi
J. B.
(2011, October). DCDIDP: A distributed, collaborative, and data-driven intrusion detection and prevention framework for cloud computing environments. In 7th International Conference on Collaborative Computing: Networking, Applications and Worksharing (CollaborateCom) (pp. 332-341). IEEE.
Zhang
C.
Jiang
J.
Kamel
M.
(2005). Intrusion detection using hierarchical neural networks.Pattern Recognition Letters, 26(6), 779–791. 10.1016/j.patrec.2004.09.045
Zhao, S., Chen, K., & Zheng, W. (2009, August). Defend against denial of service attack with VMM. In 2009 eighth international conference on grid and cooperative computing (pp. 91-96). IEEE. 10.1109/GCC.2009.14
Zhijun
W.
Wenjing
L.
Liang
L.
Meng
Y.
(2020). Low-rate DoS attacks, detection, defense, and challenges: A survey.IEEE Access: Practical Innovations, Open Solutions, 8, 43920–43943. 10.1109/ACCESS.2020.2976609