Combating DDoS Attacks in Web-based Services

Wanlei Zhou and Yang Xiang
School of Information Technology
Deakin University, Melbourne, Australia
Emails: {wanlei, yxi}

Brief description

The goal of this tutorial is to introduce and discuss the DDoS problems in web-based services and its countermeasures. This tutorial is divided into two parts. The first part gives an overview of DDoS attacks and its evolution and classification. Then we discuss the security problems caused by DDoS attacks that threaten web-based services. The second part outlines current defense mechanisms against DDoS attacks.

In particular, Part 1 first introduces the overview of DDoS attacks, examples of how to launch a DDoS attack, evolution of DDoS tools, and the classification of DDoS attacks. Then it discusses the security issues on web-based services and its vulnerability of DDoS attacks.

Part 2 of the tutorial addresses two main streams of current defense mechanisms used to combat DDoS attacks. It first introduces the passive defense mechanisms that including detecting and reacting mechanisms. Then the active defense approaches are introduced. After that, three major active defense methods (source end defense, active traceback, and protocol-based defense) are discussed. Finally, the comparisons between passive and active defense are presented, and some major challenges of DDoS defense are discussed.

The audience of this tutorial includes researchers, practitioners, and technical officers from academic, business and government. No specific knowledge is required. Anyone with a basic knowledge of computing and an interest in the Internet and Web based services will be able to understand the materials presented in the tutorial.


Part 1: DDoS Attacks and its Threatening to Web-based Services
1. Overview - What's DDoS attacks
2. Evolution and Classification of DDoS Attacks
3. DDoS Threatening to Web-based Services

Part 2: Defense against DDoS Attacks for Web-based Services
4. Overview of Current Defense Mechanisms
5. Passive Defence against DDoS Attacks
6. Active Defence against DDoS Attacks
7. Discussion
8. Conclusions

A Short Bio of Professor Wanlei Zhou

Professor Wanlei Zhou received the B.Eng and M.Eng degrees from Harbin Institute of Technology, Harbin, China in 1982 and 1984, respectively, and the PhD degree from The Australian National University, Canberra, Australia, in 1991. He is currently the Chair Professor of IT and the Head in School of Information Technology, Deakin University, Melbourne, Australia. Before joining Deakin University, Professor Zhou has been a programmer in Apollo/HP at Massachusetts, USA, a Chief Software Engineer in HighTech Computers at Sydney, Australia, a Lecturer in National University of Singapore, Singapore, and a Lecturer in Monash University, Melbourne, Australia. His research interests include theory and practical issues of building distributed systems, Internet computing and security, distributed and heterogeneous databases, mobile computing, performance evaluation, and fault-tolerant computing. Professor Zhou is a member of the IEEE and IEEE Computer Society.
Professor Zhou has published more than 100 papers in refereed international journals and refereed international conferences proceedings. Professor Zhou was the Program Committee Co-Chair of the 2000 IEEE International Conference on Algorithms and Architectures for Parallel Processing (ICA3PP 2000), the Program Committee Co-Chair of ICA3PP 2002, and the Program Committee Co-Chair of The Second International Conference on Web-Based Learning (ICWL2003). Since 1997 Professor Zhou has been involved in more than 30 international conferences as PC Chair, Session Chair, Publication Chair, and PC member.

A Short Bio of Mr. Yang Xiang

Mr. Yang Xiang is currently a PhD candidate at School of Information Technology, Deakin University, Melbourne, Australia. Yang received the B.Eng degree from Dalian University of Technology in 1997 and M.Sc degree from the Chinese Academy of Sciences in 2000. Before he came to Deakin University in 2003, he was a software engineer in Mustek Opto-Electronics Inc., Taiwan and West Lake Software, China. His research interests include network security, web services and wireless system. Mr. Xiang published more than 10 refereed journal and conference papers. He is an associate member of Australia Computer Society.

Home Top