1. Introduction
DDoS attack is a type of network's anomaly which severely attempts to stop the normal working of web applications [1]. It became serious threat specially for those companies who have low budget for security and development of website. Internet is being widely used for professional and personal information sharing including transaction of money for getting online services through various websites. A common person, without technical knowledge, is using internet for business purposes. Different offline services are getting converted into online services day by day which have increased the number of internet users rapidly. A popular web site with weak security can become the main target for DDoS attackers. These attacks make server paralyzed during the time of attack. A user experience gets worse when the website is being DDoS attacked and user is compelled to move to another website for services. At the same time, it causes financial and brand damage to victims' company. Average size of DDoS attack is growing tremendously as shown in Figure 1. Github (software code providing company) experienced 1.3 Tbps DDoS attack during which Github server became incapable to handle it. After a week NETSCOUT Arbor confirmed 1.7 Tbps DDoS attack towards a US based service provider which was a new highest rate of this kind recorded by ATLAS global traffic and threat data system [2]. Both of the attacks were based on the same Memcached (a caching utility used to increase load times on websites and networks.) reflection/amplification attack. In many compromised systems, attackers exploit protocols basically those which are used to enhance the speed of transfer of data, increase downloading time, establish communication between systems and error handling etc. Different aspects of DDoS are mentioned below:
Peak attack size through March 2018 [2]