Open Access  Subscription or Fee Access

About nine hundred million people are using internet today. Therefore, the availability of internet is very critical for the socio economic growth. Distributed Denial-of-Service (DDoS) is one of the major threats for the current Internet. It degrades internet services severely. In order to measure the impact of DDoS attacks on internet services, we need DDoS impact metrics that are applicable to web services. In this paper, we have used the real time attack traces in order to measure the impact of DDoS attack on web services. The impact of attack is measured in terms of metrics such as throughput, number of requests dropout, Average serve rate to request rate, percentage link utilization and normal packet survival ratio (NPSR).

Bandwidth, DDoS, Internet, NPSR, Throughput.

Tao Peng, Christopher Leckie, Kotagiri Ramamohanarao, “Survey of Network-Based Defense Mechanisms Countering the DoS and DDoS Problems”, ACM Computing Surveys, Vol. 39, No. 1, Article 3, April 2007.

Monika Sachdeva, Krishan Kumar, Gurvinder Singh and Kuldip Singh, “Performance Analysis of Web Service under DDoS Attacks”, IEEE International Advance Computing Conference (IACC 2009) Patiala, India, 6-7 March 2009.

Monika Sachdeva, Gurvinder Singh, Krishan Kumar and Kuldip Singh, “Measuring Impact of DDOS Attacks on Web Services”, Journal of Information Assurance and Security 5, p.p 392-400, January 2010.

Monika Sachdeva, Gurvinder Singh, Krishan Kumar, and Kuldip Singh, “DDoS Incidents and their Impact: A Review”, The International Arab Journal of Information Technology, Vol. 7, No. 1, January 2010.

Yonghua You, “A Defense Framework for Flooding-based DDoS Attacks”, Master’s Thesis, Queen's University Kingston, Ontario, Canada August 2007. UCLA CSD Packet Traces. Available at: “http://fmg-www.cs.ucla.edu/ddos/traces/”, [last accessed July, 2010].

J. Mirkovic, P. Reiher, S. Fahmy, R. Thomas, A. Hussain, S. Schwab and C. Ko, “Measuring Denial-of-Service,” Proceedings of the ACM CCS Quality of Protection Workshop (QoP), 2006.

J. Mirkovic, G. Prier and P. Reiher, “Attacking DDoS at the Source,” Proceedings of the IEEE International Conference on Network Protocols (ICNP), 2002.

J. Mirkovic, E. Arikan, S. Wei, S. Fahmy, R. Thomas, and P. Reiher, “Benchmarks for DDoS Defense Evaluation,” Proceedings of the IEEE AFCEA MILCOM, 2006.

J. Mirkovic. D-WARD: Source-End Defense Against Distributed Denial-of-service Attacks, Ph.D. Thesis, University of California, Los Angeles, 2003.

J. Mirkovic and P. Reiher. “A Taxonomy of DDoS Attack and DDoS Defense Mechanisms”, ACM SIGCOMM Computer Communications Review, Volume 34, Issue 2, pp. 39-53, April, 2004.

Alefiya Hussain, Stephen Schwab, Sonia Fahmy, Jelena Mirkovic and R. Thomas, “DDoS Experiment Methodology”, June 2006, Available at: “citeseerx.ist.psu.edu”.

NS Documentation. Available at: “http://www.isi.edu/nsnam/ns”, [last accessed July, 2010].

Cheolho Lee, Sanguk Noh, Kyunghee Choi and Kyunghee Choi, “Characterizing DDoS Attacks with Traffic Rate Analysis”, IADIS International Conference e-Society,p.p 81-88, 2003.

R. K. Chang, “Defending against flooding-based distributed denial-of-service attacks: A tutorial." IEEE Commun. Mag., vol. 40, no. 10, pp. 42-51, October 2002.

Z. Morley Mao, Vyas Sekar, Oliver Spatscheck, Jacobus van der Merwe, Rangarajan Vasudevan, “Analyzing Large DDoS Attacks Using Multiple Data Sources”, SIGCOMM’06 Workshops, September 11-15, 2006.

Jian Kang, Yuan Zhang, Jiu-Bin Ju, “Classifying DDOS Attacks By Hierarchical Clustering Based On Similarity”, Proceedings of the Fifth International Conference on Machine Learning and Cybernetics, Dalian, 13-16 August 2006.

Yang Xiang, Wanlei Zhou, Zhongwen Li, “An Analytical Model for DDoS Attacks and Defense” Proceedings of the International Multi-Conference on Computing in the Global Information Technology (ICCGI'06) IEEE, 2006.

Wei Wang, Sylvain Gombault, “Efficient Detection of DDoS Attacks with Important Attributes”, Third International Conference on Risks and Security of Internet and Systems (CRiSIS) IEEE, 2008.

Arun Raj Kumar, P. and S. Selvakumar, “Distributed Denial-of-Service (DDoS) Threat in Collaborative Environment - A Survey on DDoS Attack Tools and Traceback Mechanisms”, IEEE International Advance Computing Conference (IACC 2009) Patiala, India, 6-7 March 2009.

P. Owezarski, "On the impact of DoS attacks on Internet traffic characteristics and QoS", 14th IEEE International Conference and Computer Communications and Networks (ICCCN’2005), San Diego, CA, USA, 17-19 October 2005.

J. Mirkovic and P. Reiher, ”D-WARD”: Source-End Defense Against Flooding DDoS Attacks”, IEEE Transactions on Dependable and Secure Computing, July-September 2005.

Christos Douligeris and Aikaterini Mitrokotsa, “DDoS attacks and defense mechanisms: a classification”, Proceedings of the 3rd IEEE International Symposium on Signal Processing and Information Technology (ISSPIT 2003), p.p 190-193, 14-17 Dec. 2003.

B. B. Gupta, Manoj Misra and R. C. Joshi, “An ISP Level Solution to Combat DDoS Attacks using Combined Statistical Based Approach”, Journal of Information Assurance and Security 2, p.p102-110, 2008.

Christos Siaterlis, Vasilis Maglaris, “Detecting incoming and outgoing DDoS attacks at the edge using a single set of network characteristics”, Proceedings of the 10th IEEE Symposium on Computers and Communications (ISCC 2005), 2005.

J. Mirkovic, B. Wilson, A. Hussain, S. Fahmy, P. Reiher, R. Thomas and S. Schwab, “Automating DDoS Experimentation,” Proceedings of the USENIX DETER Workshop, 2007.

Mirkovic, S. Fahmy, P. Reiher and R. Thomas, “How to Test DDoS Defenses”, Proceedings of the Cybersecurity Applications & Technology Conference For Homeland Security (CATCH), 2009.