TY  - JOUR
T1  - Policy Based DDoS Attack Mitigation Methodology
AU  - Kim, Hyuk Joon 
AU  - Lee, Dong Hwan 
AU  - Kim, Dong Hwa 
AU  - Ahn, Myung Kil 
AU  - Kim, Yong Hyun 
JO  - Journal of KIISE, JOK
PY  - 2016
DA  - 2016/1/14
DO  - 
KW  - denial of service attack
KW  - capacity centric
KW  - policy based DDoS mitigation
AB  - Since the Denial of Service Attack against multiple targets in the Korean network in private and public sectors in 2009, Korea has spent a great amount of its budget to build strong Internet infrastructure against DDoS attacks. As a result of the investments, many major governments and corporations installed dedicated DDoS defense systems. However, even organizations equipped with the product based defense system often showed incompetency in dealing with DDoS attacks with little variations from known attack types. In contrast, by following a capacity centric DDoS detection method, defense personnel can identify various types of DDoS attacks and abnormality of the system through checking availability of service resources, regardless of the types of specific attack techniques. Thus, the defense personnel can easily derive proper response methods according to the attacks. Deviating from the existing DDoS defense framework, this research study introduces a capacity centric DDoS detection methodology and provides methods to mitigate DDoS attacks by applying the methodology.