A taxonomy of capabilities based DDoS defense architectures


DDoS defenses based on network capabilities advocate fundamental changes to the Internet. However, despite the many point solutions, there has not been a rigorous study of the entire solution space for capability architectures. We believe the proposed changes to the Internet will inevitably introduce challenges and tradeoffs. To better understand the tradeoffs and identify challenges, we propose a taxonomy to categorize possible options and map the potential solution space. Our taxonomy identifies key components of capability architectures, separates fundamentals from implementation details, and opens up new directions to explore in these architectures. © 2011 IEEE.

Publication Title

Proceedings of IEEE/ACS International Conference on Computer Systems and Applications, AICCSA