Article Preview
TopIntroduction
Distributed Denial of Service (DDoS) attacks are designed to overwhelm a network with malicious traffic (Kamaljeet Kaur & Parveen Kakkar, n.d.; Q. Zhang et al., 2023; Cvitic´ et al., 2021). DDoS attacks are a significant threat to web-based applications and networks. Lau et al. (Lau et al., n.d.) describes the methods and techniques used in DDoS attacks and lists possible defenses. Salim et al.(Salim et al., 2019) comprehensively surveys DDoS attacks from IoT devices to the cloud environment, including attack methods, tools, and state-of-the-art defense measures. Bhuyan et al.,(Bhuyan et al., 2013) discusses the two types of DDoS attack architectures: the Agent-Handler architecture and the Internet Relay Chat (IRC)-based architecture. Patil et al.(Patil et al., 2021) presents a comprehensive review of existing distributed frameworks for detecting DDoS attacks and characterizes several existing distributed processing frameworks to select an appropriate one for deploying DDoS attack detection mechanisms.
DDoS is a severe attack caused so far in the world, that crashes many servers, blocks network traffic, and drastically reduces its speed. Various technologies such as Machine Learning, Deep Learning, Blockchain, and Cyber Security have been applied by researchers for handling DDoS attacks. Securing data in an IoT network is challenging due to its decentralized nature and data being shared among millions of devices (Varalakshmi et al., 2021; Stergiou et al., 2021; A. Singh & Gupta, 2022). Machine Learning is a powerful tool for detecting DoS/DDoS attacks.Different machine learning techniques have been used to detect DoS/DDoS attacks, such as supervised, unsupervised, and deep learning. The accuracy of the detection of DoS/DDoS attacks can be improved by combining different machine learning techniques (Verma & Kumar, 2021; B. B. Gupta et al., 2009; Z. Zhang et al., 2017). DDoS attack detection is a challenging task in cloud computing. Artificial Intelligence (AI) based approaches can be used to detect DDoS attacks in cloud computing. Comprehensive reviews of existing DDoS attack detection methods are needed to improve the security of cloud computing (R. Devi & N. Umamaheswari, n.d.; Dahiya & Gupta, 2021; Kumar et al., 2021; Wahab et al., 2017). Feature selection is an important factor in improving the accuracy of ML-based solutions for detecting DDoS attacks. Different datasets such as KDD, UNSW-NB15, and others can affect the accuracy of ML. Several feature engineering strategies can be chosen to improve ML solutions on DDoS attacks(Faiz et al., 2022).
The consequences of a DDoS attack are varied and can affect multiple stakeholders (Abbas et al., 2021; Wassan et al., 2022; Mishra et al., 2021). Somani et al.(Somani et al., 2016) argues that in cloud computing, collateral damage to non-targets can include performance interference, web service performance, resource race, indirect EDoS, service downtime, and business losses. Maciel et al.(Maciel et al., 2018) proposes hierarchical models to assess the impact of a DDoS attack on computer systems, including the likelihood of an attack, attacker benefits, feasibility, the pain factor, and the propensity of the offense. Abhishta et al.(Abhishta et al., 2017) analyzes the impact of DDoS attack announcements on victim stock prices and finds a significant negative impact in cases where the attack creates an interruption in services. Hurst et al.(Hurst et al., 2015) focuses on predicting the effects of DDoS attacks on a network of critical infrastructures and demonstrates a technique for assessing the future impact of disruptions on an integrated critical infrastructure network. Overall, the papers suggest that the consequences of a DDoS attack can be significant and wide-ranging, affecting not only the target but also other stakeholders and potentially causing financial losses.