Paper Type
Completed Research Paper
Abstract
This research proposes a measure for assessing the adequacy of DDOS detection systems. DDOS attacks pose serious threats to businesses around the globe. The best defense incorporates a plurality of detection methods. To increase the likelihood that malicious traffic can be effectively identified, multiple detection tests should be used. However, the complexity and quantity of contemporary tests make selection difficult. This research develops a metric to assist in making such determinations. The measure was developed in three stages. First, a review of contemporary detection algorithms was conducted to identify specific tactics. Second, the results were clustered into logical groupings, which were improved over multiple iterations. Finally, a Delphi group provided recommendations and feedback via two rounds of revision. The result is a formative measure consisting of 28 separate tests organized into 10 categories. It can be used to assess in-place defenses or guide development of new detection systems.
Recommended Citation
Shropshire, Jordan and Gowan, Jack A., "A Measure for Assessing the Adequacy of DDOS Defenses" (2013). AMCIS 2013 Proceedings. 10.
https://aisel.aisnet.org/amcis2013/ISSecurity/GeneralPresentations/10