Scope of DDoS Countermeasures: Taxonomy of Proposed Solutions and Design Goals for Real-World Deployment

Source:

8th International Symposium on Systems and Information Security (SSI'2006) (2006)

URL:

http://palms.ee.princeton.edu/PALMSopen/champagne06DDoS.pdf

Keywords:

DDoS Countermeasures; Design Goals; Distributed Denial of Service (DDoS); Taxonomy.

Abstract:

Distributed Denial of Service (DDoS) attacks have been plaguing the Internet for several years. They cause economic losses due to the unavailability of services and potentially serious security problems due to incapacitation of critical infrastructures. Such severe implications lead the research community to strive to find DDoS countermeasures. In spite of all the ideas that have been developed, a practical and comprehensive defense system has yet to be deployed Internetwide. Through a novel taxonomy, this paper classifies and describes DDoS countermeasures developed by industry and academia. To our knowledge, our taxonomy is the first to unify such a large body of work into a single, detailed classification. Based on the analysis of these ideas, we then introduce design goals and principles that can guide the development of a practical DDoS solution.