Internet Denial of Service: Attack and Defense Mechanisms

Sven Dietrich, David Dittrich, Peter Reiher

  • Publisher: Prentice Hall
  • Publication date: 2004-11-01
  • List price: $1,460
  • VIP price: 9.5 $1,387
  • Language: English
  • Pages: 400
  • Binding: Paperback
  • ISBN: 0131475738
  • ISBN-13: 9780131475731






Internet Denial of Service provides an in-depth look at the history and future of DDoS attacks. The authors draw on their extensive experience with actual DDoS attacks to offer practical methods for defending against and responding to such crimes. They also survey the commercial DDoS defense tools currently available and share the pros and cons of various defense strategies.


Table of Contents:



About the Authors.

1. Introduction.

    DoS and DDoS

    Why Should We Care?

    What Is This Book?

    Who Is This Book For?

    What Can This Book Help You Do?

    Outline of the Remaining Chapters

2. Understanding Denial of Service.

    The Ulterior Motive

    Meet the Attackers

    Behind the Scenes

    Distribution Effects

    DDoS: Hype or Reality?

    How Vulnerable Are You to DDoS?

3. History of DoS and DDoS.


    Design Principles of the Internet

    DoS and DDoS Evolution

4. How Attacks Are Waged.

    Recruitment of the Agent Network

    Controlling the DDoS Agent Network

    Semantic Levels of DDoS Attacks

    Attack Toolkits

    What Is IP Spoofing?

    DDoS Attack Trends

5. An Overview of DDoS Defenses.

    Why DDoS Is a Hard Problem

    DDoS Defense Challenges

    Prevention versus Protection and Reaction

    DDoS Defense Goals

    DDoS Defense Locations

    Defense Approaches

6. Detailed Defense Approaches.

    Thinking about Defenses

    General Strategy for DDoS Defense

    Preparing to Handle a DDoS Attack

    Handling an Ongoing DDoS Attack as a Target

    Handling an Ongoing DDoS Attack as a Source

    Agreements/Understandings with Your ISP

    Analyzing DDoS Tools

7. Survey of Research Defense Approaches.





    Secure Overlay Services (SOS)

    Proof of Work




    SIFF: An End-Host Capability Mechanism to Mitigate DDoS Flooding Attacks

    Hop-Count Filtering (HCF)

    Locality and Entropy Principles

    An Empirical Analysis of Target-Resident DoS Filters

    Research Prognosis

8. Legal Issues.

    Basics of the U.S. Legal System

    Laws That May Apply to DDoS Attacks

    Who Are the Victims of DDoS?

    How Often Is Legal Assistance Sought in DDoS Cases?

    Initiating Legal Proceedings as a Victim of DDoS

    Evidence Collection and Incident Response Procedures

    Estimating Damages

    Jurisdictional Issues

    Domestic Legal Issues

    International Legal Issues

    Self-Help Options

    A Few Words on Ethics

    Current Trends in International Cyber Law

9. Conclusions.

    Prognosis for DDoS

    Social, Moral, and Legal Issues

    Resources for Learning More


Appendix A. Glossary.

Appendix B. Survey of Commercial Defense Approaches.

    Mazu Enforcer by Mazu Networks

    Peakflow by Arbor Networks

    WS Series Appliances by Webscreen Technologies

    Captus IPS by Captus Networks

    MANAnet Shield by CS3

    Cisco Traffic Anomaly Detector XT and Cisco Guard XT

    StealthWatch by Lancope


Appendix C. DDoS Data.

    2004 CSI/FBI Computer Crime and Security Survey

    Inferring Internet Denial-of-Service Activity

    A Framework for Classifying Denial-of-Service Attacks

    Observations and Experiences Tracking Denial-of-Service Attacks across a Regional ISP

    Report on the DDoS Attack on the DNS Root Servers