Zhiyi Zhang;Guorui Xiao;Sichen Song;R. Can Aygun;Angelos Stavrou;Lixia Zhang;Eric Osterweil
{"title":"Revealing Protocol Architecture’s Design Patterns in the Volumetric DDoS Defense Design Space","authors":"Zhiyi Zhang;Guorui Xiao;Sichen Song;R. Can Aygun;Angelos Stavrou;Lixia Zhang;Eric Osterweil","doi":"10.1109/COMST.2024.3392253","DOIUrl":null,"url":null,"abstract":"Distributed Denial of Service (DDoS) attacks have plagued the Internet for decades. Despite the ever-increasing investments into mitigation solution development, DDoS attacks continue to grow with ever-increasing frequency and magnitude. To identify the root cause of the above-observed trend, in this paper, we conduct a systematic and architectural evaluation of volumetric DDoS detection and mitigation efforts over 24,000 papers, articles, and RFCs over 30+ years. To that end, we introduce a novel approach for systematizing comparisons of DDoS research, resulting in a comprehensive examination of the DDoS literature. Our analysis illustrates a small set of common design patterns across seemingly disparate solutions, and reveals insights into deployment traction and success of DDoS solutions. Furthermore, we discuss economic incentives and the lack of harmony between synergistic but independent approaches for detection and mitigation. As expected, defenses with a clear cost/benefit rationale are more prevalent than those that require extensive infrastructure changes. Finally, we discuss the lessons learned which we hope can shed light on future directions that can potentially turn the tide of the war against DDoS.","PeriodicalId":55029,"journal":{"name":"IEEE Communications Surveys and Tutorials","volume":"27 1","pages":"353-371"},"PeriodicalIF":34.4000,"publicationDate":"2024-04-22","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"IEEE Communications Surveys and Tutorials","FirstCategoryId":"94","ListUrlMain":"https://ieeexplore.ieee.org/document/10506756/","RegionNum":1,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}
引用次数: 0
Abstract
Distributed Denial of Service (DDoS) attacks have plagued the Internet for decades. Despite the ever-increasing investments into mitigation solution development, DDoS attacks continue to grow with ever-increasing frequency and magnitude. To identify the root cause of the above-observed trend, in this paper, we conduct a systematic and architectural evaluation of volumetric DDoS detection and mitigation efforts over 24,000 papers, articles, and RFCs over 30+ years. To that end, we introduce a novel approach for systematizing comparisons of DDoS research, resulting in a comprehensive examination of the DDoS literature. Our analysis illustrates a small set of common design patterns across seemingly disparate solutions, and reveals insights into deployment traction and success of DDoS solutions. Furthermore, we discuss economic incentives and the lack of harmony between synergistic but independent approaches for detection and mitigation. As expected, defenses with a clear cost/benefit rationale are more prevalent than those that require extensive infrastructure changes. Finally, we discuss the lessons learned which we hope can shed light on future directions that can potentially turn the tide of the war against DDoS.
期刊介绍:
IEEE Communications Surveys & Tutorials is an online journal published by the IEEE Communications Society for tutorials and surveys covering all aspects of the communications field. Telecommunications technology is progressing at a rapid pace, and the IEEE Communications Society is committed to providing researchers and other professionals the information and tools to stay abreast. IEEE Communications Surveys and Tutorials focuses on integrating and adding understanding to the existing literature on communications, putting results in context. Whether searching for in-depth information about a familiar area or an introduction into a new area, IEEE Communications Surveys & Tutorials aims to be the premier source of peer-reviewed, comprehensive tutorials and surveys, and pointers to further sources. IEEE Communications Surveys & Tutorials publishes only articles exclusively written for IEEE Communications Surveys & Tutorials and go through a rigorous review process before their publication in the quarterly issues.
A tutorial article in the IEEE Communications Surveys & Tutorials should be designed to help the reader to become familiar with and learn something specific about a chosen topic. In contrast, the term survey, as applied here, is defined to mean a survey of the literature. A survey article in IEEE Communications Surveys & Tutorials should provide a comprehensive review of developments in a selected area, covering its development from its inception to its current state and beyond, and illustrating its development through liberal citations from the literature. Both tutorials and surveys should be tutorial in nature and should be written in a style comprehensible to readers outside the specialty of the article.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
