Abstract
Distributed denial-of-service (DDoS) attacks are a serious social and economic threat in the cyber world. Despite much research, current defense methods can still be vulnerable to DDoS attacks that use unknown traffic patterns to evade them. This is because most of the defense policies configured for these methods are fixed thresholds, determined mainly by learning traffic volume. To overcome the problem caused by fixed thresholds, we introduce an endpoint mitigation method based on dynamic thresholding of DDoS defense policies according to changes in system resource usage. We focus on the fact that changes in system resource usage reveal the abnormal state of a server when service failure or delay is caused by DDoS attacks that the current defense thresholds have not blocked. The proposed method detects server overload by measuring changes in system resource usage and automatically adjusts the current defense thresholds according to the strength of the usage change. As a result, the service problem caused by the DDoS attacks can be gradually mitigated by the automatic threshold control of our method.
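An added sketch of the feedback loop the abstract describes (not the paper's algorithm or code): a per-source rate limit that tightens according to how far resource usage has risen above a learned baseline, and relaxes once the server is calm again. The class name, every constant, the update rule and the constructed load model are assumptions made for illustration.

```python
from dataclasses import dataclass
from typing import Optional

@dataclass
class DynamicThreshold:
    """Hypothetical controller; all values below are assumed, not from the paper."""
    limit: float = 100.0     # current per-source limit in req/s (starts at the fixed policy)
    ceiling: float = 100.0   # the configured fixed policy value
    floor: float = 5.0       # never tighten below this
    overload: float = 0.8    # usage fraction treated as server overload
    calm: float = 0.4        # usage fraction below which the limit is relaxed
    gain: float = 0.5        # how strongly a usage change tightens the limit
    baseline: Optional[float] = None  # EWMA of usage, learned only while calm

    def update(self, usage: float) -> float:
        """Feed one usage sample in [0, 1]; return the adjusted limit."""
        if self.baseline is None:
            self.baseline = usage
        change = usage - self.baseline  # strength of the usage change
        if usage >= self.overload and change > 0:
            # Overloaded: tighten in proportion to the rise above normal usage.
            self.limit = max(self.floor, self.limit * (1 - min(self.gain * change, 0.9)))
        elif usage < self.calm:
            # Calm: refresh the baseline and relax toward the configured policy.
            self.baseline = 0.8 * self.baseline + 0.2 * usage
            self.limit = min(self.ceiling, self.limit * 1.1)
        return self.limit  # between calm and overload the limit is held

def usage_at(limit: float, bots: int, capacity: float = 1000.0) -> float:
    """Constructed load model: 50 clients at 4 req/s plus `bots` sources at 30 req/s."""
    admitted = 50 * min(4.0, limit) + bots * min(30.0, limit)
    return min(1.0, admitted / capacity)

def simulate(dynamic: bool, schedule=(0,) * 5 + (40,) * 10 + (0,) * 5):
    """Return (bots, usage, limit) per tick; fixed mode never calls update()."""
    ctl, trace = DynamicThreshold(), []
    for bots in schedule:
        usage = usage_at(ctl.limit, bots)
        if dynamic:
            ctl.update(usage)
        trace.append((bots, round(usage, 4), round(ctl.limit, 2)))
    return trace

if __name__ == "__main__":
    for fixed, dyn in zip(simulate(False), simulate(True)):
        print(f"bots={dyn[0]:2d}  fixed: usage={fixed[1]:.2f} limit={fixed[2]:6.2f}"
              f"  dynamic: usage={dyn[1]:.2f} limit={dyn[2]:6.2f}")
```

In this model each attacking source stays under the fixed limit of 100 req/s, so the fixed policy never triggers, while the dynamic limit steps down over four ticks until usage leaves the overload range and stays above the rate of the constructed legitimate clients.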
© 2012 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Kim, D., Kim, B., Kim, I., Kim, J., Cho, H. (2012). Endpoint Mitigation of DDoS Attacks Based on Dynamic Thresholding. In: Chim, T.W., Yuen, T.H. (eds) Information and Communications Security. ICICS 2012. Lecture Notes in Computer Science, vol 7618. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-34129-8_36
DOI: https://doi.org/10.1007/978-3-642-34129-8_36
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-34128-1
Online ISBN: 978-3-642-34129-8
eBook Packages: Computer Science, Computer Science (R0)