Internet Denial of Service

Attack and Defense Mechanisms

Jelena Mirkovic, Sven Dietrich, David Dittrich, Peter Reiher

Jan 2005, Paperback, 400 pages
ISBN13: 9780131475731
ISBN10: 0131475738
This title is ordered on demand which may result in extended delivery times.

Suddenly your Web server becomes unavailable. When you investigate, you realize that a flood of packets is surging into your network. You have just become one of the hundreds of thousands of victims of a denial-of-service attack, a pervasive and growing threat to the Internet. What do you do?

Internet Denial of Service sheds light on a complex and fascinating form of computer attack that impacts the confidentiality, integrity, and availability of millions of computers worldwide. It tells the network administrator, corporate CTO, incident responder, and student how DDoS attacks are prepared and executed, how to think about DDoS, and how to arrange computer and network defenses. It also provides a suite of actions that can be taken before, during, and after an attack.

Inside, you'll find comprehensive information on the following topics:

  • How denial-of-service attacks are waged
  • How to improve your network's resilience to denial-of-service attacks
  • What to do when you are involved in a denial-of-service attack
  • The laws that apply to these attacks and their implications
  • How often denial-of-service attacks occur, how strong they are, and the kinds of damage they can cause
  • Real examples of denial-of-service attacks as experienced by the attacker, victim, and unwitting accomplices

The authors' extensive experience in handling denial-of-service attacks and researching defense approaches is laid out clearly in practical, detailed terms.





Foreword.

Acknowledgments.

About the Authors.

1. Introduction.

DoS and DDoS

Why Should We Care?

What Is This Book?

Who Is This Book For?

What Can This Book Help You Do?

Outline of the Remaining Chapters

2. Understanding Denial of Service.

The Ulterior Motive

Meet the Attackers

Behind the Scenes

Distribution Effects

DDoS: Hype or Reality?

How Vulnerable Are You to DDoS?

3. History of DoS and DDoS.

Motivation

Design Principles of the Internet

DoS and DDoS Evolution

4. How Attacks Are Waged.

Recruitment of the Agent Network

Controlling the DDoS Agent Network

Semantic Levels of DDoS Attacks

Attack Toolkits

What Is IP Spoofing?

DDoS Attack Trends

5. An Overview of DDoS Defenses.

Why DDoS Is a Hard Problem

DDoS Defense Challenges

Prevention versus Protection and Reaction

DDoS Defense Goals

DDoS Defense Locations

Defense Approaches

6. Detailed Defense Approaches.

Thinking about Defenses

General Strategy for DDoS Defense

Preparing to Handle a DDoS Attack

Handling an Ongoing DDoS Attack as a Target

Handling an Ongoing DDoS Attack as a Source

Agreements/Understandings with Your ISP

Analyzing DDoS Tools

7. Survey of Research Defense Approaches.

Pushback

Traceback

D-WARD

NetBouncer

Secure Overlay Services (SOS)

Proof of Work

DefCOM

COSSACK

Pi

SIFF: An End-Host Capability Mechanism to Mitigate DDoS Flooding Attacks

Hop-Count Filtering (HCF)

Locality and Entropy Principles

An Empirical Analysis of Target-Resident DoS Filters

Research Prognosis

8. Legal Issues.

Basics of the U.S. Legal System

Laws That May Apply to DDoS Attacks

Who Are the Victims of DDoS?

How Often Is Legal Assistance Sought in DDoS Cases?

Initiating Legal Proceedings as a Victim of DDoS

Evidence Collection and Incident Response Procedures

Estimating Damages

Jurisdictional Issues

Domestic Legal Issues

International Legal Issues

Self-Help Options

A Few Words on Ethics

Current Trends in International Cyber Law

9. Conclusions.

Prognosis for DDoS

Social, Moral, and Legal Issues

Resources for Learning More

Conclusion

Appendix A. Glossary.

Appendix B. Survey of Commercial Defense Approaches.

Mazu Enforcer by Mazu Networks

Peakflow by Arbor Networks

WS Series Appliances by Webscreen Technologies

Captus IPS by Captus Networks

MANAnet Shield by CS3

Cisco Traffic Anomaly Detector XT and Cisco Guard XT

StealthWatch by Lancope

Summary

Appendix C. DDoS Data.

2004 CSI/FBI Computer Crime and Security Survey

Inferring Internet Denial-of-Service Activity

A Framework for Classifying Denial-of-Service Attacks

Observations and Experiences Tracking Denial-of-Service Attacks across a Regional ISP

Report on the DDoS Attack on the DNS Root Servers

Conclusion

References.

Index.

Jelena Mirkovic has been an assistant professor at the University of Delaware since 2003. She holds a Ph.D. in computer science from the University of California, Los Angeles, where she developed effective defenses against distributed denial-of-service attacks.

Sven Dietrich is a member of the technical staff at the CERT Coordination Center, part of the Software Engineering Institute at Carnegie Mellon University, and is affiliated with Carnegie Mellon CyLab, a university-wide cyber security research and education initiative. He has worked and published on DDoS since 1999.

David Dittrich is a senior security engineer at the University of Washington's Center for Information Assurance and Cybersecurity and a founding member of the Honeynet Project. He published the first detailed technical analyses of DDoS tools in 1999, and maintains the largest Web page on the subject.

Peter Reiher is an adjunct associate professor at the University of California, Los Angeles. His research includes defenses against denial-of-service attacks.


