Poster: DDoSGrid: a Platform for the Post-mortem Analysis and Visualization of DDoS Attacks

Distributed Denial-of-Service (DDoS) attacks remain one of the top reasons for business disruption and financial losses. Although mitigation solutions are available on the market, there is still a need for approaches that help network operators understand attack characteristics and behaviors, resulting in better planning of companies' cybersecurity strategies. This paper introduces DDoSGrid, a platform for the analysis and visualization of DDoS attacks. DDoSGrid implements an extensible set of miners to extract, process, and analyze information from network traces (i.e., PCAP files) to provide insightful visualizations for a better understanding and in-depth analysis of DDoS attacks in different scenarios. A case study was performed using an HTTP flood attack scenario to evaluate the feasibility of the approach. DDoSGrid enables real-world DDoS scenarios' analysis, providing an intuitive interface integrated with extensible insightful visualizations and data miners.