Internet Denial of Service: Attack and Defense Mechanisms
By Jelena Mirkovic, Sven Dietrich, David Dittrich, Peter Reiher
Publisher: Prentice Hall PTR
Pub Date: December 30, 2004
Print ISBN: 0-13-147573-8
Pages: 400
Table of Contents
Copyright
The Radia Perlman Series in Computer Networking and Security Radia Perlman, Series Editor
Foreword
Acknowledgments
About the Authors
Chapter 1. Introduction
Section 1.1. DoS and DDoS
Section 1.2. Why Should We Care?
Section 1.3. What Is This Book?
Section 1.4. Who Is This Book For?
Section 1.5. What Can This Book Help You Do?
Section 1.6. Outline of the Remaining Chapters
Chapter 2. Understanding Denial of Service
Section 2.1. The Ulterior Motive
Section 2.2. Meet the Attackers
Section 2.3. Behind the Scenes
Section 2.4. Distribution Effects
Section 2.5. DDoS: Hype or Reality?
Section 2.6. How Vulnerable Are You to DDoS?
Chapter 3. History of DoS and DDoS
Section 3.1. Motivation
Section 3.2. Design Principles of the Internet
Section 3.3. DoS and DDoS Evolution
Chapter 4. How Attacks Are Waged
Section 4.1. Recruitment of the Agent Network
Section 4.2. Controlling the DDoS Agent Network
Section 4.3. Semantic Levels of DDoS Attacks
Section 4.4. Attack Toolkits
Section 4.5. What Is IP Spoofing?
Section 4.6. DDoS Attack Trends
Chapter 5. An Overview of DDoS Defenses
Section 5.1. Why DDoS Is a Hard Problem
Section 5.2. DDoS Defense Challenges
Section 5.3. Prevention versus Protection and Reaction
Section 5.4. DDoS Defense Goals
Section 5.5. DDoS Defense Locations
Section 5.6. Defense Approaches
Chapter 6. Detailed Defense Approaches
Section 6.1. Thinking about Defenses
Section 6.2. General Strategy for DDoS Defense
Section 6.3. Preparing to Handle a DDoS Attack
Section 6.4. Handling an Ongoing DDoS Attack as a Target
Section 6.5. Handling an Ongoing DDoS Attack as a Source
Section 6.6. Agreements/Understandings with Your ISP
Section 6.7. Analyzing DDoS tools
Chapter 7. Survey of Research Defense Approaches
Section 7.1. Pushback
Section 7.2. Traceback
Section 7.3. D-WARD
Section 7.4. NetBouncer
Section 7.5. Secure Overlay Services (SOS)
Section 7.6. Proof of Work
Section 7.7. DefCOM
Section 7.8. COSSACK
Section 7.9. Pi
Section 7.10. SIFF: An End-Host Capability Mechanism to Mitigate DDoS Flooding Attacks
Section 7.11. Hop-Count Filtering (HCF)
Section 7.12. Locality and Entropy Principles
Section 7.13. An Empirical Analysis of Target-Resident DoS Filters
Section 7.14. Research Prognosis
Chapter 8. Legal Issues
Section 8.1. Basics of the U.S. Legal System
Section 8.2. Laws That May Apply to DDoS Attacks
Section 8.3. Who Are the Victims of DDoS?
Section 8.4. How Often Is Legal Assistance Sought in DDoS Cases?
Section 8.5. Initiating Legal Proceedings as a Victim of DDoS
Section 8.6. Evidence Collection and Incident Response Procedures
Section 8.7. Estimating Damages
Section 8.8. Jurisdictional Issues
Section 8.9. Domestic Legal Issues
Section 8.10. International Legal Issues
Section 8.11. Self-Help Options
Section 8.12. A Few Words on Ethics
Section 8.13. Current Trends in International Cyber Law
Chapter 9. Conclusions
Section 9.1. Prognosis for DDoS
Section 9.2. Social, Moral, and Legal Issues
Section 9.3. Resources for Learning More
Section 9.4. Conclusion
Appendix A. Glossary
Appendix B. Survey of Commercial Defense Approaches
Section B.1. Mazu Enforcer by Mazu Networks
Section B.2. Peakflow by Arbor Networks
Section B.3. WS Series Appliances by Webscreen Technologies
Section B.4. Captus IPS by Captus Networks
Section B.5. MANAnet Shield by CS3
Section B.6. Cisco Traffic Anomaly Detector XT and Cisco Guard XT
Section B.7. StealthWatch by Lancope
Section B.8. Summary
Appendix C. DDoS Data
Section C.1. 2004 CSI/FBI Computer Crime and Security Survey
Section C.2. Inferring Internet Denial-of-Service Activity
Section C.3. A Framework for Classifying Denial-of-Service Attacks
Section C.4. Observations and Experiences Tracking Denial-of-Service Attacks across a Regional ISP
Section C.5. Report on the DDoS Attack on the DNS Root Servers
Section C.6. Conclusion
References
Index