Suddenly your Web server becomes unavailable. When you investigate, you realize that a flood of packets is surging into your network. You have just become one of the hundreds of thousands of victims of a denial-of-service attack, a pervasive and growing threat to the Internet. What do you do?

Internet Denial of Service sheds light on a complex and fascinating form of computer attack that impacts the confidentiality, integrity, and availability of millions of computers worldwide. It tells the network administrator, corporate CTO, incident responder, and student how DDoS attacks are prepared and executed, how to think about DDoS, and how to arrange computer and network defenses. It also provides a suite of actions that can be taken before, during, and after an attack.

Inside, you'll find comprehensive information on the following topics:

- How denial-of-service attacks are waged
- How to improve your network's resilience to denial-of-service attacks
- What to do when you are involved in a denial-of-service attack
- The laws that apply to these attacks and their implications
- How often denial-of-service attacks occur, how strong they are, and the kinds of damage they can cause
- Real examples of denial-of-service attacks as experienced by the attacker, victim, and unwitting accomplices

The authors' extensive experience in handling denial-of-service attacks and researching defense approaches is laid out clearly in practical, detailed terms.
Cited By
- Atiyah A and Almajali S A traffic tracking algorithm for a fast detection of active network sources Proceedings of the 2nd International Conference on Future Networks and Distributed Systems, (1-6)
- Shan Y, Kesidis G and Fleck D Cloud-Side Shuffling Defenses against DDoS Attacks on Proxied Multiserver Systems Proceedings of the 2017 on Cloud Computing Security Workshop, (1-10)
- Jonker M, King A, Krupp J, Rossow C, Sperotto A and Dainotti A Millions of targets under attack Proceedings of the 2017 Internet Measurement Conference, (100-113)
- Tiloca M, Gehrmann C and Seitz L (2017). On improving resistance to Denial of Service and key provisioning scalability of the DTLS handshake, International Journal of Information Security, 16:2, (173-193), Online publication date: 1-Apr-2017.
- Zlomislić V, Fertalj K and Sruk V (2017). Denial of service attacks, defences and research challenges, Cluster Computing, 20:1, (661-671), Online publication date: 1-Mar-2017.
- Farina P, Cambiaso E, Papaleo G and Aiello M (2016). Are mobile botnets a possible threat? The case of SlowBot Net, Computers and Security, 58:C, (268-283), Online publication date: 1-May-2016.
- Eikel M and Scheideler C (2015). IRIS, ACM Transactions on Parallel Computing, 2:3, (1-33), Online publication date: 2-Nov-2015.
- Soska K and Christin N Automatically detecting vulnerable websites before they turn malicious Proceedings of the 23rd USENIX conference on Security Symposium, (625-640)
- Kührer M, Hupperich T, Rossow C and Holz T Exit from hell? reducing the impact of amplification DDoS attacks Proceedings of the 23rd USENIX conference on Security Symposium, (111-125)
- Rodríguez-Gómez R, Maciá-Fernández G and García-Teodoro P (2013). Survey and taxonomy of botnet research through life-cycle, ACM Computing Surveys, 45:4, (1-33), Online publication date: 1-Aug-2013.
- Eikel M and Scheideler C IRIS Proceedings of the twenty-fifth annual ACM symposium on Parallelism in algorithms and architectures, (119-129)
- Kotenko I, Konovalov A and Shorov A (2012). Agent-based simulation of cooperative defence against botnets, Concurrency and Computation: Practice & Experience, 24:6, (573-588), Online publication date: 1-Apr-2012.
- Bhandari A, Sangal A and Saluja K Queuing algorithms performance against buffer size and attack intensities in DDOS attacks Proceedings of the 2011 international conference on Advanced Computing, Networking and Security, (534-540)
- Geneiatakis D, Portokalidis G and Keromytis A A multilayer overlay network architecture for enhancing IP services availability against dos Proceedings of the 7th international conference on Information Systems Security, (322-336)
- Roman J, Radek B, Radek V and Libor S Launching distributed denial of service attacks by network protocol exploitation Proceedings of the 2nd international conference on Applied informatics and computing theory, (210-216)
- Sun X, Torres R and Rao S (2010). Preventing DDoS attacks on internet servers exploiting P2P systems, Computer Networks: The International Journal of Computer and Telecommunications Networking, 54:15, (2756-2774), Online publication date: 1-Oct-2010.
- Maciá-Fernández G, Rodríguez-Gómez R and Díaz-Verdejo J (2010). Defense techniques for low-rate DoS attacks against application servers, Computer Networks: The International Journal of Computer and Telecommunications Networking, 54:15, (2711-2727), Online publication date: 1-Oct-2010.
- Geneiatakis D, Vrakas N and Lambrinoudakis C (2009). Utilizing bloom filters for detecting flooding attacks against SIP based services, Computers and Security, 28:7, (578-591), Online publication date: 1-Oct-2009.
- Liu C and Zhang S A bidirectional-based DDoS detection mechanism Proceedings of the 5th International Conference on Wireless communications, networking and mobile computing, (4482-4485)
- Maciá-Fernández G, Díaz-Verdejo J and García-Teodoro P (2009). Mathematical model for low-rate DoS attacks against application servers, IEEE Transactions on Information Forensics and Security, 4:3, (519-529), Online publication date: 1-Sep-2009.
- Baumgart M, Scheideler C and Schmid S A DoS-resilient information system for dynamic data management Proceedings of the twenty-first annual symposium on Parallelism in algorithms and architectures, (300-309)
- Goldstein M, Reif M, Stahl A and Breuel T High performance traffic shaping for DDoS mitigation Proceedings of the 2008 ACM CoNEXT Conference, (1-2)
- Ostaszewski M, Bouvry P and Seredynski F Denial of service detection and analysis using idiotypic networks paradigm Proceedings of the 10th annual conference on Genetic and evolutionary computation, (79-86)
- Roichman A and Gudes E DIWeDa - Detecting Intrusions in Web Databases Proceedings of the 22nd annual IFIP WG 11.3 working conference on Data and Applications Security, (313-329)
- Andreou M and van Moorsel A Logging based IP Traceback in switched ethernets Proceedings of the 1st European Workshop on System Security, (1-7)
- Prusiewicz A A multi-agent system for computer network security monitoring Proceedings of the 2nd KES International conference on Agent and multi-agent systems: technologies and applications, (842-849)
- Bullot T, Khatoun R, Hugues L, Gaïti D and Merghem-Boulahia L (2008). A situatedness-based knowledge plane for autonomic networking, International Journal of Network Management, 18:2, (171-193), Online publication date: 1-Mar-2008.
- Taesombut N and Chien A Evaluating network information models on resource efficiency and application performance in lambda-grids Proceedings of the 2007 ACM/IEEE conference on Supercomputing, (1-12)
- Boteanu D, Reich E, Fernandez J and McHugh J Implementing and testing dynamic timeout adjustment as a dos counter-measure Proceedings of the 2007 ACM workshop on Quality of protection, (34-39)
- Boteanu D, Fernandez J, McHugh J and Mullins J Queue management as a DoS counter-measure? Proceedings of the 10th international conference on Information Security, (263-280)
- Wu Z and Zhang D Scheme of defending against DDoS attacks in large-scale ISP networks Proceedings of the 2007 IFIP international conference on Network and parallel computing, (296-305)
- Zhang G, Ehlert S, Magedanz T and Sisalem D Denial of service attack and prevention on SIP VoIP infrastructures using DNS flooding Proceedings of the 1st international conference on Principles, systems and applications of IP telecommunications, (57-66)
- El Defrawy K, Gjoka M and Markopoulou A BotTorrent Proceedings of the 3rd USENIX workshop on Steps to reducing unwanted traffic on the internet, (1-6)
- Wu Q, Zhang H and Pu J Mitigating distributed denial-of-service attacks using network connection control charts Proceedings of the 2nd international conference on Scalable information systems, (1-4)
- Kotenko I and Ulanov A Multi-agent framework for simulation of adaptive cooperative defense against internet attacks Proceedings of the 2nd international conference on Autonomous intelligent systems: agents and data mining, (212-228)
- Peng T, Leckie C and Ramamohanarao K (2007). Survey of network-based defense mechanisms countering the DoS and DDoS problems, ACM Computing Surveys, 39:1, (3-es), Online publication date: 12-Apr-2007.
- Huang Y, Geng X and Whinston A (2007). Defeating DDoS attacks by fixing the incentive chain, ACM Transactions on Internet Technology, 7:1, (5-es), Online publication date: 1-Feb-2007.
- Zhang Z, Ho P, Lin X and Shen H Janus Proceedings of the 9th international conference on Information Security and Cryptology, (136-154)
- Mao Z, Sekar V, Spatscheck O, van der Merwe J and Vasudevan R Analyzing large DDoS attacks using multiple data sources Proceedings of the 2006 SIGCOMM workshop on Large-scale attack defense, (161-168)
- Li M, Wang S and Zhao W A real-time and reliable approach to detecting traffic variations at abnormally high and low rates Proceedings of the Third international conference on Autonomic and Trusted Computing, (541-550)
- Kotenko I and Ulanov A Simulation of internet DDoS attacks and defense Proceedings of the 9th international conference on Information Security, (327-342)
- Naoumov N and Ross K Exploiting P2P systems for DDoS attacks Proceedings of the 1st international conference on Scalable information systems, (47-es)
- Cheung S (2006). Denial of Service against the Domain Name System, IEEE Security and Privacy, 4:1, (40-45), Online publication date: 1-Jan-2006.
- Carl G, Kesidis G, Brooks R and Rai S (2006). Denial-of-Service Attack-Detection Techniques, IEEE Internet Computing, 10:1, (82-89), Online publication date: 1-Jan-2006.
- Freiling F, Holz T and Wicherski G Botnet tracking Proceedings of the 10th European conference on Research in Computer Security, (319-335)
- Hussain A, Bartlett G, Pryadkin Y, Heidemann J, Papadopoulos C and Bannister J Experiences with a continuous network tracing infrastructure Proceedings of the 2005 ACM SIGCOMM workshop on Mining network data, (185-190)
Index Terms
- Internet Denial of Service: Attack and Defense Mechanisms (Radia Perlman Computer Networking and Security)
Recommendations
Mitigating denial of service attacks: a tutorial
This tutorial describes what Denial of Service (DoS) attacks are, how they can be carried out in IP networks, and how one can defend against them. Distributed DoS (DDoS) attacks are included here as a subset of DoS attacks. A DoS attack has two phases: ...
Surviving Distributed Denial-of-Service Attacks
A series of distributed denial-of-service (DDoS) attacks were launched against computer systems and services in the US and South Korea beginning July 4th. A DDoS attack is an attempt to make a computer service unavailable to its intended users. The ...
Protection Against Denial of Service Attacks
Denial of service (DoS) is a prevalent threat in today's networks because DoS attacks are easy to launch, while defending a network resource against them is disproportionately difficult. Despite the extensive research in recent years, DoS attacks ...