Library Logo
Normal view MARC view ISBD view

Theoretical and experimental methods for defending against DDoS attacks / [electronic resource]

by Soltanian, Mohammad Reza Khalifeh [author.]; Amiri, Iraj Sadegh [author.].
Material type: materialTypeLabelBookSeries: Advanced topics in information security.Publisher: Waltham, MA : Syngress is an imprint of Elsevier, 2016.Description: 1 online resource (viii, 62 pages) : illustrations.ISBN: 0128053992; 9780128053997; 0128053917; 9780128053911.Subject(s): Computer networks -- Security measures | Denial of service attacks | COMPUTERS -- Internet -- Security | COMPUTERS -- Networking -- Security | COMPUTERS -- Security -- General | Computer networks -- Security measures | Denial of service attacks | Electronic books | Electronic booksOnline resources: ScienceDirect
Contents:
Title page; Table of Contents; Copyright; List of figures; List of tables; Preface; Chapter 1: Introduction; Abstract; 1.1. DDoS attacks; 1.2. Motivation; 1.3. Objective; 1.4. Organization; Chapter 2: Related Works; Abstract; 2.1. General overview and definitions; 2.2. Client puzzle theory; 2.3. CPU-bound puzzles; 2.4. Summary of CPU-bound puzzles; 2.5. Memory-bound puzzles; 2.6. Summary of memory-bound puzzles; 2.7. Comparison of existing client puzzles schemes; 2.8. Collaboration of detection over multiple networks; Chapter 3: Problem Solving, Investigating Ideas, and Solutions; Abstract.
3.1. MikroTik routers3.2. Multirouter traffic grapher (MRTG); 3.3. Birthday attack and birthday paradox; 3.4. Legal and illegal requests; 3.5. Traffic models; 3.6. Assumptions and considerations; 3.7. Probability of concurrency request to a website; 3.8. Detection and prevention; Chapter 4: Results and Discussions; Abstract; 4.1. Time investigation in attack detection; 4.2. False-positive and false-negative error; 4.3. Measuring the performance metrics; 4.4. Trade off; 4.5. Summary; Chapter 5: Conclusions and Recommendations; Abstract; 5.1. Conclusions; 5.2. Recommendations; References.
Summary: Denial of Service (DoS) attacks are a form of attack that seeks to make a network resource unavailable due to overloading the resource or machine with an overwhelming number of packets, thereby crashing or severely slowing the performance of the resource. Distributed Denial of Service (DDoS) is a large scale DoS attack which is distributed in the Internet. Every computer which has access to the Internet can behave as an attacker. Typically bandwidth depletion can be categorized as either a flood or an amplification attack. Flood attacks can be done by generating ICMP packets or UDP packets in which it can utilize stationary or random variable ports. Smurf and Fraggle attacks are used for amplification attacks. DDoS Smurf attacks are an example of an amplification attack where the attacker sends packets to a network amplifier with the return address spoofed to the victim's IP address. This book presents new research and methodologies along with a proposed algorithm for prevention of DoS attacks that has been written based on cryptographic concepts such as birthday attacks to estimate the rate of attacks generated and passed along the routers. Consequently, attackers would be identified and prohibited from sending spam traffic to the server which can cause DDoS attacks. Due to the prevalence of DoS attacks, there has been a lot of research conducted on how to detect them and prevent them. The authors of this short format title provide their research results on providing an effective solution to DoS attacks, including introduction of the new algorithm that can be implemented in order to deny DoS attacks.
Tags from this library: No tags from this library for this title. Add tag(s)
Log in to add tags.
    average rating: 0.0 (0 votes)
No physical items for this record

Denial of Service (DoS) attacks are a form of attack that seeks to make a network resource unavailable due to overloading the resource or machine with an overwhelming number of packets, thereby crashing or severely slowing the performance of the resource. Distributed Denial of Service (DDoS) is a large scale DoS attack which is distributed in the Internet. Every computer which has access to the Internet can behave as an attacker. Typically bandwidth depletion can be categorized as either a flood or an amplification attack. Flood attacks can be done by generating ICMP packets or UDP packets in which it can utilize stationary or random variable ports. Smurf and Fraggle attacks are used for amplification attacks. DDoS Smurf attacks are an example of an amplification attack where the attacker sends packets to a network amplifier with the return address spoofed to the victim's IP address. This book presents new research and methodologies along with a proposed algorithm for prevention of DoS attacks that has been written based on cryptographic concepts such as birthday attacks to estimate the rate of attacks generated and passed along the routers. Consequently, attackers would be identified and prohibited from sending spam traffic to the server which can cause DDoS attacks. Due to the prevalence of DoS attacks, there has been a lot of research conducted on how to detect them and prevent them. The authors of this short format title provide their research results on providing an effective solution to DoS attacks, including introduction of the new algorithm that can be implemented in order to deny DoS attacks.

Includes bibliographical references.

Online resource; title from PDF title page (ScienceDirect, viewed December 2, 2015).

Title page; Table of Contents; Copyright; List of figures; List of tables; Preface; Chapter 1: Introduction; Abstract; 1.1. DDoS attacks; 1.2. Motivation; 1.3. Objective; 1.4. Organization; Chapter 2: Related Works; Abstract; 2.1. General overview and definitions; 2.2. Client puzzle theory; 2.3. CPU-bound puzzles; 2.4. Summary of CPU-bound puzzles; 2.5. Memory-bound puzzles; 2.6. Summary of memory-bound puzzles; 2.7. Comparison of existing client puzzles schemes; 2.8. Collaboration of detection over multiple networks; Chapter 3: Problem Solving, Investigating Ideas, and Solutions; Abstract.

3.1. MikroTik routers3.2. Multirouter traffic grapher (MRTG); 3.3. Birthday attack and birthday paradox; 3.4. Legal and illegal requests; 3.5. Traffic models; 3.6. Assumptions and considerations; 3.7. Probability of concurrency request to a website; 3.8. Detection and prevention; Chapter 4: Results and Discussions; Abstract; 4.1. Time investigation in attack detection; 4.2. False-positive and false-negative error; 4.3. Measuring the performance metrics; 4.4. Trade off; 4.5. Summary; Chapter 5: Conclusions and Recommendations; Abstract; 5.1. Conclusions; 5.2. Recommendations; References.

There are no comments for this item.

Log in to your account to post a comment.
Last Updated on September 15, 2019
© Dhaka University Library. All Rights Reserved|Staff Login