A Survey on Distributed Denial of Service Attacks and Counter Measures

Abstract

Distributed Denial of Service (DDoS) attack is a Denial of Service (DoS) attack that is made in large scale over a potential service in distributed environment. Adversaries targeting such attack makes a sustainable effort to exploit software vulnerabilities in computers through which attack is made on a target server. Such computers that unwittingly cooperate attacker are known as zombies where attacker keeps malicious piece of software known as agent. As countermeasures are being developed from time to time, the attackers are enhancing their tools to launch DDoS attacks. In this context, it is essential to have counter measures that defend existing and future DDoS variants. However, it needs thorough understanding pertaining to scope and detection methods for handling such massive attacks. This paper provides insights on different terms associated with DDoS attacks, different attack types and counter methods existing. It also covers the attacks and countermeasures in cloud computing. Provided comprehension of the DDoS attacks and their scope, it is possible to device new countermeasures for well-known and future DDoS attacks. Especially the problem of low-rate DDoS attacks in container based and SDN based cloud environments is to be addressed.