The global pandemic lockdowns fostered the digital transition of companies worldwide
since most of their employees worked from home using public or private cloud services.
Accordingly, these services became the primary targets of the latest generation DDoS
threats. While some features of current DDoS attack profiles appeared before the pandemic
period, they became significant and reached their current complexity in the recent
period. Besides applying novel methods and tools, the attacks’ frequency, extent,
and complexity also increased significantly. The combination of various attack vectors
opened the way for multi-vector attacks incorporating a unique blend of L3-L7 attacking
profiles. Unifying the hit-and-run method and the multi-vector approach contributed
to the remarkable rise in success rate. The current paper has two focal points. First,
it discusses the profiles of the latest DDoS attacks discovered in real data center
infrastructures. To demonstrate and emphasize the changes in attack profile, we reference
attack samples recently collected in various data center networks. Second, it provides
a comprehensive survey of the state-of-the-art detection methods related to recent
attacks. The paper especially focuses on the accuracy and speed of these, mostly networking-related
detection approaches. Furthermore, we define features and quantitative and qualitative
requirements to support detection methods handling the latest threat profiles.
