A Survey of Emerging DDoS Threats in New Power Systems
Fan Luo, Siqin Fan, Guolin Shao

TL;DR
This paper explores how DDoS attacks are evolving into complex multi-stage operations and how new defenses like AI can help counter them.
Contribution
The paper introduces a new three-phase DDoS attack chain model and outlines emerging defense strategies leveraging large language models and adaptive systems.
Findings
DDoS attacks are increasingly multi-stage, relying on new hardware and network protocols.
Current defenses include anycast, scrubbing, and adaptive ML detection, but gaps remain.
Future research should focus on cross-layer telemetry and cooperative mitigation strategies.
Abstract
Distributed Denial-of-Service (DDoS) attacks remain the most pervasive and operationally disruptive cyber threat and are routinely weaponized in interstate conflict (e.g., Russia–Ukraine and Stuxnet). Although attack-chain models are standard for Advanced Persistent Threat (APT) analysis, they have seldom been applied to DDoS, which is often framed as a single-step volumetric assault. However, ubiquitous intelligence and ambient connectivity increasingly enable DDoS campaigns to unfold as multi-stage operations rather than isolated floods. In parallel, large language models (LLMs) create new opportunities to strengthen traditional DDoS defenses through richer contextual understanding. Reviewing incidents from 2019 to 2024, we propose a three-phase DDoS attack chain—preparation, development, and execution—that captures contemporary tactics and their dependencies on novel hardware,…
Genes, proteins, chemicals, diseases, species, mutations and cell lines named across the full text — each resolved to its canonical identifier and authoritative record.
Click any figure to enlarge with its caption.
Figure 1
Figure 2
Figure 3
Figure 4Peer Reviews
No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.
Videos
No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.
Taxonomy
TopicsNetwork Security and Intrusion Detection · Smart Grid Security and Resilience · Software-Defined Networks and 5G
