Revealing Protocol Architecture’s Design Patterns in the Volumetric DDoS Defense Design Space

IF 34.4 1区计算机科学 Q1 COMPUTER SCIENCE, INFORMATION SYSTEMS

IEEE Communications Surveys and Tutorials Pub Date : 2024-04-22 DOI:10.1109/COMST.2024.3392253

Zhiyi Zhang;Guorui Xiao;Sichen Song;R. Can Aygun;Angelos Stavrou;Lixia Zhang;Eric Osterweil

{"title":"Revealing Protocol Architecture’s Design Patterns in the Volumetric DDoS Defense Design Space","authors":"Zhiyi Zhang;Guorui Xiao;Sichen Song;R. Can Aygun;Angelos Stavrou;Lixia Zhang;Eric Osterweil","doi":"10.1109/COMST.2024.3392253","DOIUrl":null,"url":null,"abstract":"Distributed Denial of Service (DDoS) attacks have plagued the Internet for decades. Despite the ever-increasing investments into mitigation solution development, DDoS attacks continue to grow with ever-increasing frequency and magnitude. To identify the root cause of the above-observed trend, in this paper, we conduct a systematic and architectural evaluation of volumetric DDoS detection and mitigation efforts over 24,000 papers, articles, and RFCs over 30+ years. To that end, we introduce a novel approach for systematizing comparisons of DDoS research, resulting in a comprehensive examination of the DDoS literature. Our analysis illustrates a small set of common design patterns across seemingly disparate solutions, and reveals insights into deployment traction and success of DDoS solutions. Furthermore, we discuss economic incentives and the lack of harmony between synergistic but independent approaches for detection and mitigation. As expected, defenses with a clear cost/benefit rationale are more prevalent than those that require extensive infrastructure changes. Finally, we discuss the lessons learned which we hope can shed light on future directions that can potentially turn the tide of the war against DDoS.","PeriodicalId":55029,"journal":{"name":"IEEE Communications Surveys and Tutorials","volume":"27 1","pages":"353-371"},"PeriodicalIF":34.4000,"publicationDate":"2024-04-22","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"IEEE Communications Surveys and Tutorials","FirstCategoryId":"94","ListUrlMain":"https://ieeexplore.ieee.org/document/10506756/","RegionNum":1,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}

引用次数: 0

Abstract

Distributed Denial of Service (DDoS) attacks have plagued the Internet for decades. Despite the ever-increasing investments into mitigation solution development, DDoS attacks continue to grow with ever-increasing frequency and magnitude. To identify the root cause of the above-observed trend, in this paper, we conduct a systematic and architectural evaluation of volumetric DDoS detection and mitigation efforts over 24,000 papers, articles, and RFCs over 30+ years. To that end, we introduce a novel approach for systematizing comparisons of DDoS research, resulting in a comprehensive examination of the DDoS literature. Our analysis illustrates a small set of common design patterns across seemingly disparate solutions, and reveals insights into deployment traction and success of DDoS solutions. Furthermore, we discuss economic incentives and the lack of harmony between synergistic but independent approaches for detection and mitigation. As expected, defenses with a clear cost/benefit rationale are more prevalent than those that require extensive infrastructure changes. Finally, we discuss the lessons learned which we hope can shed light on future directions that can potentially turn the tide of the war against DDoS.

查看原文本刊更多论文

揭示体积式 DDoS 防御设计空间中的协议架构设计模式

分布式拒绝服务（DDoS）攻击已经困扰了互联网几十年。尽管在缓解解决方案开发方面的投资不断增加，但DDoS攻击的频率和规模仍在不断增加。为了确定上述趋势的根本原因，在本文中，我们对30多年来24,000篇论文、文章和rfc的海量DDoS检测和缓解工作进行了系统和架构评估。为此，我们引入了一种新的方法来系统化地比较DDoS研究，从而对DDoS文献进行全面的检查。我们的分析说明了看似不同的解决方案中的一小部分常见设计模式，并揭示了对DDoS解决方案的部署吸引力和成功的见解。此外，我们讨论了经济激励和缺乏协调的协同但独立的方法之间的检测和缓解。正如预期的那样，具有明确成本/收益原理的防御比那些需要大量基础设施更改的防御更为普遍。最后，我们讨论了吸取的教训，我们希望这些教训可以阐明未来的方向，从而有可能扭转针对DDoS的战争趋势。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

IEEE Communications Surveys and Tutorials COMPUTER SCIENCE, INFORMATION SYSTEMS-TELECOMMUNICATIONS

CiteScore

80.20

自引率

2.50%

发文量

审稿时长

6 months

期刊介绍： IEEE Communications Surveys & Tutorials is an online journal published by the IEEE Communications Society for tutorials and surveys covering all aspects of the communications field. Telecommunications technology is progressing at a rapid pace, and the IEEE Communications Society is committed to providing researchers and other professionals the information and tools to stay abreast. IEEE Communications Surveys and Tutorials focuses on integrating and adding understanding to the existing literature on communications, putting results in context. Whether searching for in-depth information about a familiar area or an introduction into a new area, IEEE Communications Surveys & Tutorials aims to be the premier source of peer-reviewed, comprehensive tutorials and surveys, and pointers to further sources. IEEE Communications Surveys & Tutorials publishes only articles exclusively written for IEEE Communications Surveys & Tutorials and go through a rigorous review process before their publication in the quarterly issues. A tutorial article in the IEEE Communications Surveys & Tutorials should be designed to help the reader to become familiar with and learn something specific about a chosen topic. In contrast, the term survey, as applied here, is defined to mean a survey of the literature. A survey article in IEEE Communications Surveys & Tutorials should provide a comprehensive review of developments in a selected area, covering its development from its inception to its current state and beyond, and illustrating its development through liberal citations from the literature. Both tutorials and surveys should be tutorial in nature and should be written in a style comprehensible to readers outside the specialty of the article.