Advanced SearchSearch Tips
Policy Based DDoS Attack Mitigation Methodology
facebook(new window)  Pirnt(new window) E-mail(new window) Excel Download
  • Journal title : Journal of KIISE
  • Volume 43, Issue 5,  2016, pp.596-605
  • Publisher : Korean Institute of Information Scientists and Engineers
  • DOI : 10.5626/JOK.2016.43.5.596
 Title & Authors
Policy Based DDoS Attack Mitigation Methodology
Kim, Hyuk Joon; Lee, Dong Hwan; Kim, Dong Hwa; Ahn, Myung Kil; Kim, Yong Hyun;
Since the Denial of Service Attack against multiple targets in the Korean network in private and public sectors in 2009, Korea has spent a great amount of its budget to build strong Internet infrastructure against DDoS attacks. As a result of the investments, many major governments and corporations installed dedicated DDoS defense systems. However, even organizations equipped with the product based defense system often showed incompetency in dealing with DDoS attacks with little variations from known attack types. In contrast, by following a capacity centric DDoS detection method, defense personnel can identify various types of DDoS attacks and abnormality of the system through checking availability of service resources, regardless of the types of specific attack techniques. Thus, the defense personnel can easily derive proper response methods according to the attacks. Deviating from the existing DDoS defense framework, this research study introduces a capacity centric DDoS detection methodology and provides methods to mitigate DDoS attacks by applying the methodology.
denial of service attack;DDoS;capacity centric;policy based DDoS mitigation;
 Cited by
J. Mirkovic and P. Reiher, "A taxonomy of DDoS attack and DDoS defense mechanisms," ACM SIGCOMM Computer Communication Review, Vol. 34, Issue 2, pp. 39-53, Apr. 2004.

S.M. Specht and R.B. Lee, "Distributed Denial of Service: Taxonomies of Attacks, Tools and Countermeasures," Proc. of the 17th Int'l Conf. Parallel and Distributed Computing Systems (PDCS 2004), Sep. 2004.

M Ahn, D. Lee, H. Oh, W. Cho, and Y. Kim, "Research on M&S System Architecture and Technology for Effect Analysis and Training/Test based Cyber warfare," Journal of KIMST : Information and Communication Technology, pp. 1230-1231, Jun. 2015. (in Korean)

W. Eddy, "TCP SYN Flooding Attacks and Common Mitigations," RFC 4987, Aug. 2007.

J. Touch, "TCP Control Block Interdependence," RFC 2140, Apr. 1997.

W. Richard, Stevens, "TCP/IP Illustrated: The protocols," Addison-Wesley professional computing series, pp. 229-260, 2004.

E. Zuckerman, , H. Roberts, R. McGrady, J. York and J. Palfrey, John G(2010, Dec 20). 2010 Report on Distributed Denial of Service (DDos) Attacks. [Online]. Available: cfm?abstract_id=1872065 (downloaded 2016, Feb. 29)

H. Kim and S. Lee, "Categorising Denial of Service Attack Through Network Forensics," Journal of KIISC : Network Secycurity, Vol. 21, No. 4, pp. 7-74, Jun. 2011. (in Korean)

W. O Chee and T. Brennan, "H...t....t...p...p...o...s...t," presentation at OWASP AppSec Conference, Washington, D.C., 2010.

L. Liu, X. Zhang, and S. Chen, "Botnet with Browser Extensions", Privacy, Security, Risk and Trust (PASSAT) and 2011 IEEE Third Inernational Conference on Social Computing (SocialCom), 2011 IEEE Third International Conference on. IEEE, pp. 1089-1094, 2011.