Survey of network-based defense mechanisms countering the DoS and DDoS problems

被引：374

作者：

Peng, Tao ^{[1
]}

Leckie, Christopher ^{[1
]}

Ramamohanarao, Kotagiri ^{[1
]}

机构：

[1] Univ Melbourne, Dept Comp Sci & Software Engn, Parkville, Vic 3052, Australia

来源：

ACM COMPUTING SURVEYS | 2007年 / 39卷 / 01期

关键词：

reliability; security; botnet; bandwidth attack; DNS reflector attack; DoS; DDoS; Internet security; IP spoofing; IP traceback; IRC; resource management; SYN flood; VoIP security;

D O I：

10.1145/1216370.1216373

中图分类号：

TP301 [理论、方法];

学科分类号：

081202 ;

摘要：

This article presents a survey of denial of service attacks and the methods that have been proposed for defense against these attacks. In this survey, we analyze the design decisions in the Internet that have created the potential for denial of service attacks. We review the state-of-art mechanisms for defending against denial of service attacks, compare the strengths and weaknesses of each proposal, and discuss potential countermeasures against each defense mechanism. We conclude by highlighting opportunities for an integrated solution to solve the problem of distributed denial of service attacks.

引用

页数：42

共 97 条

[1] An efficient filter for denial-of-service bandwidth attacks [J].

Abdelsayed, S ;

Glimsholt, D ;

Leckie, C ;

Ryan, S ;

Shami, S .

GLOBECOM'03: IEEE GLOBAL TELECOMMUNICATIONS CONFERENCE, VOLS 1-7, 2003, :1353-1357

[2]

[Anonymous], P 10 USENIX SEC S

[3]

[Anonymous], 1987, 1034 RFC IETF

[4]

[Anonymous], 1812 RFC INT ENG TAS

[5]

[Anonymous], 2003, 2003 C APPL TECHNOLO, P99, DOI 10.1145/863955.863968

[6]

[Anonymous], 2401 RFC INT ENG TAS

[7]

[Anonymous], 2001, ACM

[8]

[Anonymous], INTERNET DENIAL SERV

[9]

[Anonymous], 2002, 3261 RFC INT ENG TAS

[10]

[Anonymous], 2000, P 2000 ACM SIGCOMM C

← 1 2 3 4 5 6 7 8 9 10 →