DDoS Attacks Over the Last Three Years: Emerging Trends and Defensive Approaches

To protect and properly mitigate DDoS attacks, today’s organizations need a very advanced next generation architecture that is designed to detect and react to very complex, deceptive and sophisticated attacks without blocking the normal operations of the organization. By the pattern of events, it is apparent that flow and ebb of new DDoS attacks and new defenses will not stop anytime soon. It is feasible that based on this study, the best way to mitigate DDoS attacks would be to just stop them. Most successful DDoS attacks utilize botnets as a core enabler. Existing data indicates that malicious actors with access to large scale resources are developing and advanced server botnets that allow them to launch extremely complex large-scale attacks with names that are specifically designed to evade DDoS mitigation technology. This is a significant barrier for existing DDoS mitigation approaches, given semi-automated DDoS mitigation technologies would likely fail or can be overwhelmed by such attacks. Therefore, in addition to continual research to improve network layer protocols and implement overlays, there is a need for more long term and holistic work toward detection, prevention and disassembling botnets. Those efforts should not only be focused on technical improvements that change network protocols by addressing existing weaknesses, but there should be policy interventions that relate to the economic side of information security as well. Moreover, it is necessary to formulate a comprehensive defense strategy that will be enormously beneficial in the face of existing and future DDoS attacks. Securitizing the network requires a comprehensive defense strategy, planning, adjusting and getting ready for new effects, and strategic effective solutions in a modernizing technological context, without losing a close and vigilante oversight of the current situation.