By Topic

Procedure for detection of and response to Distributed Denial of Service cyber attacks on complex enterprise systems

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

Formats Non-Member Member
$33 $13
Learn how you can qualify for the best price for this item!
Become an IEEE Member or Subscribe to
IEEE Xplore for exclusive pricing!
close button

puzzle piece

IEEE membership options for an individual and IEEE Xplore subscriptions for an organization offer the most affordable access to essential journal articles, conference papers, standards, eBooks, and eLearning courses.

Learn more about:

IEEE membership

IEEE Xplore subscriptions

2 Author(s)
Paul C. Hershey ; Raytheon Intelligence and Information Systems, 22110 Pacific Blvd, Suite 300, Dulles, VA 20166 ; Charles B. Silio

The increasing frequency, rising costs, and growing sophistication of cyber attacks on DoD, agency and commercial enterprise systems are dramatically reducing the quality of end-user services and compromising mission effectiveness. Of those attacks, one of the more severe is Distributed Denial-of-Service (DDoS) through which an attacker can disrupt, and possibly shutdown, local network enclaves and global net-centric enterprise systems. Previous attempts to overcome this threat include intrusion detection and prevention systems (IDS/IPS), firewalls, and packet scanning software. However, none of these approaches individually achieves prevention or provides sufficient countermeasures to overcome and resolve DDoS threats. This paper presents a detailed procedure for identifying both the on-set of DDoS attacks and corresponding countermeasures to prevent or limit their effects. This procedure applies a hybrid approach that adapts to changing DDoS attack scenarios. Concrete examples provided for each step of the procedure identify the key tools to proactively prevent or respond to DDoS events. Simulated results demonstrate the effectiveness of the procedure for a representative DDoS attack scenario.

Published in:

Systems Conference (SysCon), 2012 IEEE International

Date of Conference:

19-22 March 2012