ABSTRACT

The Internet greatly affects every aspect of our lives, and hence is a critical resource for everyone. Any disruption or unavailability of this resource may have serious impacts at various levels of our society. As dependency on the Internet keeps growing at an exponential rate, the threats to the availability of network resources have also been increasing rapidly. Threats which aim to overcrowd networked computer systems or resources, and consequently make legitimate services unavailable, are typically referred to as Denial-of-Service (DoS) attacks [6]. When such a threat is activated through a large group of compromised machines, called zombies or bots, which send coordinated traffic to the victim in an attempt to exhaust the victim's network resources such as CPU, memory or link bandwidth, we refer to it as a Distributed Denial-of-Service (DDoS) flooding attack. Currently, the DDoS flooding attack is generally considered the strongest weapon of choice for intruders who want to block the availability of Internet services by overwhelming a network with unsolicited traffic. The ever-increasing lethality of DDoS attacks poses a serious concern to network health and, as a result, has spurred sustained research into effective and efficient methods for handling these attacks. In a DDoS attack, the victim can range from a single Web server to the Internet connection of an entire university, an entire city or even an entire country. In most cases, the users of the compromised machines that participate in an attack are unaware of the fact.