- Jun Li (Chair)
- Lei Jiao
- Reza Rejaie
- Bryce Newell (Journalism and Communication)
Two decades after the first distributed denial-of-service (DDoS) attack, the Internet remains challenged by DDoS attacks as they evolve. Attacks are not only larger in scale than ever but also harder to detect and mitigate. Nevertheless, the Internet's fundamental design, in which machines are free to send traffic to any other machine, remains the same. This thesis reinvestigates prior DDoS defense solutions to find their architectural issues and proposes solutions to improve the system input, design, and evaluation of DDoS defense. Specifically, we show why DDoS defense systems need a better view of the Internet's traffic at the autonomous system (AS) level. We use a novel attack to expose the inefficiencies in existing defense systems. Finally, we reason why a defense solution needs a sound empirical evaluation and provide a framework to facilitate DDoS evaluation that mimics real-world networks.