Early Signals from Volumetric DDoS Attacks: An Empirical Study
This addresses the need for early prediction to enhance network resilience against DDoS attacks, which can damage company reputation and increase costs, though it appears incremental as it builds on prior detection and mitigation studies.
The paper tackles the problem of predicting volumetric DDoS attacks early by using non-parametric leading indicators, reporting promising results on a real dataset from CAIDA.
Distributed Denial of Service (DDoS) is a common type of Cybercrime. It can strongly damage a company reputation and increase its costs. Attackers improve continuously their strategies. They doubled the amount of unleashed communication requests in volume, size, and frequency in the last few years. This occurs against different hosts, causing resource exhaustion. Previous studies focused on detecting or mitigating ongoing DDoS attacks. Yet, addressing DDoS attacks when they are already in place may be too late. In this article, we consider network resilience by early prediction of attack trends. We show empirically the advantage of using non-parametric leading indicators for early prediction of volumetric DDoS attacks. We report promising results over a real dataset from CAIDA. Our results raise new questions and opportunities for further research in early predicting trends of DDoS attacks.