DDoS Mitigation: A Measurement-Based Approach

Research output: Chapter in Book/Report/Conference proceedingConference contributionAcademicpeer-review

4 Citations (Scopus)
12 Downloads (Pure)


Society heavily relies upon the Internet for global communications. Simultaneously, Internet stability and reliability are continuously subject to deliberate threats. These threats include (Distributed) Denial-of-Service (DDoS) attacks, which can potentially be devastating. As a result of DDoS, businesses lose hundreds of millions of dollars annually. Moreover, when it comes to vital infrastructure, national safety and even lives could be at stake. Effective defenses are therefore an absolute necessity. Prospective users of readily available mitigation solutions find themselves having many shapes and sizes to choose from, the right fit of which may, however, not always be apparent. In addition, the deployment and operation of mitigation solutions may come with hidden hazards that need to be better understood. Policy makers and governments also find themselves facing questions concerning what needs to be done to promote cybersafety on a national level. Developing an optimal course of action to deal with DDoS, therefore, also brings about societal challenges. Even though the DDoS problem is by no means new, the scale of the problem is still unclear. We do not know exactly what it is we are defending against and getting a better understanding of attacks is essential to addressing the problem head-on. To advance situational awareness, many technical and societal challenges need still to be tackled. Given the central importance of better understanding the DDoS problem to improve overall Internet security, the thesis that we summarize in this paper has three main contributions. First, we rigorously characterize attacks and attacked targets at scale. Second, we advance knowledge about the Internet-wide adoption, deployment and operational use of various mitigation solutions. Finally, we investigate hidden hazards that can render mitigation solutions altogether ineffective.
Original languageEnglish
Title of host publication2020 IEEE/IFIP Network Operations and Management Symposium (NOMS 2020)
Place of PublicationPiscataway, NJ
Number of pages6
ISBN (Electronic)978-1-7281-4973-8
ISBN (Print)978-1-7281-4974-5
Publication statusPublished - 23 Apr 2020
Event17th IEEE/IFIP Network Operations and Management Symposium, NOMS 2020: Management in the Age of Softwarization and Artificial Intelligence - Virtual conference, Budapest, Hungary
Duration: 20 Apr 202024 Apr 2020
Conference number: 17
https://noms2020.ieee-noms.org/ (Conference)

Publication series

NameIEEE/IFIP Network Operations and Management Symposium (NOMS)
ISSN (Print)1542-1201
ISSN (Electronic)2374-9709


Conference17th IEEE/IFIP Network Operations and Management Symposium, NOMS 2020
Abbreviated titleNOMS
Internet address


  • Denial-of-Service
  • DDoS
  • Attacks
  • Mitigation
  • Internet measurement
  • Cybersecurity
  • 2023 OA procedure


Dive into the research topics of 'DDoS Mitigation: A Measurement-Based Approach'. Together they form a unique fingerprint.

Cite this