Distributed denial-of-service (DDoS) attacks typically exhaust bandwidth, processing capacity, or memory of a targeted machine, service or network. Despite enormous efforts in combating DDoS attacks in the past decade, DDoS attacks are still a serious threat to the security of cyberspace. In this talk I shall outline the efforts of my research group in traceback of DDoS attacks. In particular, this talk will concentrate on the following three critical issues related to DDoS attacks: (1) Traceback of DDoS attacks through flexible packet marking; (2) Traceback of DDoS attacks using Entropy Variations; and (3) Dealing with low-rate DDoS attacks and flash crowds. The talk will be based on the following papers:
1. Yang Xiang, Wanlei Zhou and Minyi Guo, "Flexible Deterministic Packet Marking: An IP Traceback System to Find the Real Source of Attacks", IEEE Transactions on Parallel and Distributed Systems, vol. 20, no. 4, pp. 567-580, April 2009.
2. Shui Yu, Wanlei Zhou, Robin Doss, and Weijia Jia, "Traceback of DDoS Attacks using Entropy Variations", IEEE Transactions on Parallel and Distributed Systems, Vol. 22, No. 3, March 2011, pp. 412-425
3. Yang Xiang, Ke Li, and Wanlei Zhou, "Low-Rate DDoS Attacks Detection and Traceback by Using New Information Metrics", IEEE Transactions on Information Forensics and Security, Vol. 6, No. 2, June 2011, pp. 426-437.
4. Shui Yu, Wanlei Zhou, Weijia Jia, Song Guo, Yong Xiang, and Feilong Tang, "Discriminating DDoS Attacks from Flash Crowds Using Flow Correlation Coefficient", IEEE Transactions on Parallel and Distributed Systems, Vol. 23, No. 6, June 2012. pp. 1073-1080.
5. Wei Zhou, Weijia Jia, Sheng Wen, Yang Xiang, Wanlei Zhou, "Detection and defense of application-layer DDoS attacks in backbone web traffic", Future Generation Computer System, Volume 38, 2014, Pages 36-46.
6. Shui Yu, Wanlei Zhou, Song Guo, Minyi Guo, "A Feasible IP Traceback Framework through Dynamic Deterministic Packet Marking", Accepted by IEEE Transactions on Computers, accepted 8/5/2015.