Computer Science

Internet Denial of Service provides an in-depth look at the history and future of DDoS attacks. The authors draw on their extensive experience with actual DDoS attacks to offer practical methods for defending against and responding to such crimes. They also survey the commercial DDoS defense tools currently available and share the pros and cons of various defense strategies.

The first straightforward account of DDoS--a serious issue that impacts revenue in the board room and production in the server room.

• Despite there being thousands of distributed denial-of-service (DDoS) attacks daily and increasing at a rate of 120% per year, this is the first book devoted to the subject.
• The authors are highly-regarded authorities in this field who have been involved in a large number of real-life cases.
• Contains a thorough survey of the commercial DDoS defense tools currently available.

Foreword.

Acknowledgments.

About the Authors.

1. Introduction.

    DoS and DdoS

    Why Should We Care?

    What Is This Book?

    Who Is This Book For?

    What Can This Book Help You Do?

    Outline of the Remaining Chapters

2. Understanding Denial of Service.

    The Ulterior Motive

    Meet the Attackers

    Behind the Scenes

    Distribution Effects

    DDoS: Hype or Reality?

    How Vulnerable Are You to DDoS?

3. History of DoS and DDoS.

    Motivation

    Design Principles of the Internet

    DoS and DDoS Evolution

4. How Attacks Are Waged.

    Recruitment of the Agent Network

    Controlling the DDoS Agent Network

    Semantic Levels of DDoS Attacks

    Attack Toolkits

    What Is IP Spoofing?

    DDoS Attack Trends

5. An Overview of DDoS Defenses.

    Why DDoS Is a Hard Problem

    DDoS Defense Challenges

    Prevention versus Protection and Reaction

    DDoS Defense Goals

    DDoS Defense Locations

    Defense Approaches

6. Detailed Defense Approaches.

    Thinking about Defenses

    General Strategy for DDoS Defense

    Preparing to Handle a DDoS Attack

    Handling an Ongoing DDoS Attack as a Target

    Handling an Ongoing DDoS Attack as a Source

    Agreements/Understandings with Your ISP

    Analyzing DDoS tools

7. Survey of Research Defense Approaches.

    Pushback

    Traceback

    D-WARD

    NetBouncer

    Secure Overlay Services (SOS)

    Proof of Work

    DefCOM

    COSSACK

    Pi

    SIFF: An End-Host Capability Mechanism to Mitigate DDoS Flooding Attacks

    Hop-Count Filtering (HCF)

    Locality and Entropy Principles

    An Empirical Analysis of Target-Resident DoS Filters

    Research Prognosis

8. Legal Issues.

    Basics of the U.S. Legal System

    Laws That May Apply to DDoS Attacks

    Who Are the Victims of DDoS?

    How Often Is Legal Assistance Sought in DDoS Cases?

    Initiating Legal Proceedings as a Victim of DdoS

    Evidence Collection and Incident Response Procedures

    Estimating Damages

    Jurisdictional Issues

    Domestic Legal Issues

    International Legal Issues

    Self-Help Options

    A Few Words on Ethics

    Current Trends in International Cyber Law

9. Conclusions.

    Prognosis for DdoS

    Social, Moral, and Legal Issues

    Resources for Learning More

    Conclusion

Appendix A. Glossary.

Appendix B. Survey of Commercial Defense Approaches.

    Mazu Enforcer by Mazu Networks

    Peakflow by Arbor Networks

    WS Series Appliances by Webscreen Technologies

    Captus IPS by Captus Networks

    MANAnet Shield by CS3

    Cisco Traffic Anomaly Detector XT and Cisco Guard XT

    StealthWatch by Lancope

    Summary

Appendix C. DDoS Data.

    2004 CSI/FBI Computer Crime and Security Survey

    Inferring Internet Denial-of-Service Activity

    A Framework for Classifying Denial-of- Service Attacks

    Observations and Experiences Tracking Denial-of-Service Attacks across a Regional ISP

    Report on the DDoS Attack on the DNS Root Servers

    Conclusion

References.

Index.

Networking--Advanced [PTG: PRENTICE HALL PROFESSIONAL] (Computer Science)

Jelena Mirkovic has been an assistant professor at the University of Delaware since 2003. She holds a Ph.D. in computer science from the University of California, Los Angeles, where she developed effective defenses against distributed denial-of-service attacks.

Sven Dietrich is a member of the technical staff at the CERT Coordination Center, part of the Software Engineering Institute at Carnegie Mellon University, and is affiliated with Carnegie Mellon CyLab, a university-wide cyber security research and education initiative. He has worked and published on DDoS since 1999.

David Dittrich is a senior security engineer at the University of Washingtons Center for Information Assurance and Cybersecurity and a founding member of the Honeynet Project. He published the first detailed technical analyses of DDoS tools in 1999, and maintains the largest Web page on the subject.

Peter Reiher is an adjunct associate professor at the University of California, Los Angeles. His research includes defenses against denial-of-service attacks.

Suddenly your Web server becomes unavailable. When you investigate, you realize that a flood of packets is surging into your network. You have just become one of the hundreds of thousands of victims of a denial-of-service attack, a pervasive and growing threat to the Internet. What do you do?

Internet Denial of Service sheds light on a complex and fascinating form of computer attack that impacts the confidentiality, integrity, and availability of millions of computers worldwide. It tells the network administrator, corporate CTO, incident responder, and student how DDoS attacks are prepared and executed, how to think about DDoS, and how to arrange computer and network defenses. It also provides a suite of actions that can be taken before, during, and after an attack.

Inside, you'll find comprehensive information on the following topics

• How denial-of-service attacks are waged
• How to improve your network's resilience to denial-of-service attacks
• What to do when you are involved in a denial-of-service attack
• The laws that apply to these attacks and their implications
• How often denial-of-service attacks occur, how strong they are, and the kinds of damage they can cause
• Real examples of denial-of-service attacks as experienced by the attacker, victim, and unwitting accomplices

The authors' extensive experience in handling denial-of-service attacks and researching defense approaches is laid out clearly in practical, detailed terms.

View a Sample Chapter PDF:

Pearson Higher Education offers special pricing when you choose to package your text with other student resources. If you're interested in creating a cost-saving package for your students, contact your Pearson Higher Education representative for pricing and ordering information.

This title is a member of the Radia Perlman Series in Computer Networking and Security, which also contains the titles below . You can also visit the Radia Perlman Series in Computer Networking and Security page.

For years, Counter Hack has been the primary resource for every network/system administrator and security professional who needs a deep, hands-on understanding of hacker attacks and countermeasures. Now, leading network security experts Ed Skoudis and Tom Liston have thoroughly updated this best-selling guide, showing how to defeat today's newest, most sophisticated, and most destructive attacks.

• Counter Hack Reloaded: A Step-by-Step Guide to Computer Attacks and Effective Defenses, 2/E
  Skoudis & Liston
  © 2006 | Prentice Hall | Paper; 784 pages | Instock
  ISBN-10: 0131481045 | ISBN-13: 9780131481046
  Brief Description | Buy from myPearsonStore
  
  



An administrator's guide to setting up and managing a wireless LAN. Will cover: speeds and feeds (802.11b vs 11a vs 11g) configuring an 802.11 NIC (network information center) in a Windows and Linux environment.

• Field Guide to Wireless LANs for Administrators and Power Users, A
  Maufer
  © 2004 | Prentice Hall | Paper; 368 pages | Out of Stock
  ISBN-10: 0131014064 | ISBN-13: 9780131014060
  Brief Description
  
  



Internet Denial of Service provides an in-depth look at the history and future of DDoS attacks. The authors draw on their extensive experience with actual DDoS attacks to offer practical methods for defending against and responding to such crimes. They also survey the commercial DDoS defense tools currently available and share the pros and cons of various defense strategies.
• Internet Denial of Service: Attack and Defense Mechanisms
  Mirkovic, Dietrich, Dittrich & Reiher
  © 2005 | Prentice Hall | Paper; 400 pages | Instock
  ISBN-10: 0131475738 | ISBN-13: 9780131475731
  Brief Description | Buy from myPearsonStore
  
  



Malicious code is a set of instructions that runs on your computer and makes

your system do something that you do not want it to do. For example, it can

delete sensitive configuration files from your hard drive, rendering your

computer completely inoperable; infect your computer and use it as a jumpingoff

point to spread to all of your buddies' computers; and steal files from your

machine. Malicious code in the hands of a crafty attacker is indeed powerful.

It's becoming even more of a problem because many of the very same factors

fueling the evolution of the computer industry are making our systems even

more vulnerable to malicious code. Specifically, malicious code writers benefit

from the trends toward mixing static data and executable instructions,

increasingly homogenous computing environments, unprecedented

connectivity, an ever-larger clueless user base, and an unfriendly world. Skoudis

addressed malicious code in just one chapter of his previous book. Here, a

dozen chapters focus on one of the most interesting and rapidly developing

areas of computer attacks.

*Chapter 11, "Defender's Toolbox," rolls together the defensive strategies

described in the book. As a bonus, Skoudis gives recipes for creating your own

malicious code analysis laboratory using cheap hardware and software.

*Foreword by Gene Schultz, security inspector for Global Integrity.

• Malware: Fighting Malicious Code
  Skoudis & Zeltser
  © 2004 | Prentice Hall | Paper; 672 pages | Instock
  ISBN-10: 0131014056 | ISBN-13: 9780131014053
  Brief Description | Buy from myPearsonStore
  
  



The book will focus on mobile networks which use IP or the Internet Protodol. Author is on IETF (Internet Eng Task Force) Group which has standardized Mobile IP and has worked inthis field at Motorola for many years. A good chunck of this book will focus on mobile IP routing and advanced mobile IP features. Author will also cover: security and firewalls in mobile IP nets, IPv6 mobility, multicasting, multi-protocol support, applications (intranet LAN to LAN, wireless LANS, conferencing, commercial wireless products).

• Mobile IP: The Internet Unplugged
  Solomon
  © 1998 | Prentice Hall | Paper; 384 pages | Instock
  ISBN-10: 0138562466 | ISBN-13: 9780138562465
  Brief Description | Buy from myPearsonStore
  
  



Appropriate for all graduate-level and upper-level courses in network or computer security.

Widely regarded as the most comprehensive yet comprehensible guide to network security, the First Edition of Network Security received critical acclaim for its lucid and witty explanations of the inner workings of network security protocols. Now, in the Second Edition, this books exceptionally distinguished author team draws on its hard-won experience to illuminate every facet of information security, from the basics to advanced cryptography and authentication; secure Web and email services; and emerging security standards. Highlights of the books extensive new coverage include Advanced Encryption Standard (AES), IPsec, SSL, X.509 and related PKI standards, and Web security. The authors go far beyond documenting standards and technology: they contrast competing schemes, explain strengths and weaknesses, and identify the crucial errors most likely to compromise secure systems.

• Network Security: Private Communication in a Public World, 2/E
  Kaufman, Perlman & Speciner
  © 2003 | Prentice Hall | Cloth; 752 pages | Instock
  ISBN-10: 0130460192 | ISBN-13: 9780130460196
  Brief Description | Buy from myPearsonStore
  
  
• Network Security:Private Communications in a Public World, Safari, 2/E
  Kaufman, Perlman & Speciner
  © 2003 | Prentice Hall | On-line Supplement; 752 pages | Instock
  ISBN-10: 0137155883 | ISBN-13: 9780137155880
  URL: http://www.safari.informit.com
  
  
  



An implementation guide to optical networking from 2 cisco engineers. Topics covered will include: optical networking standards, optical technologies, Dense Wave Division Multiplexing, net generation intelligent optical networks, optical wavelength routing, routing with rsvp, dynamic packet transport and intelligent protection switching.

• Next Generation Optical Networks: The Convergence of IP Intelligence and Optical Technologies
  Tomsu & Schmutzer
  © 2002 | Prentice Hall | Paper; 352 pages | Instock
  ISBN-10: 013028226X | ISBN-13: 9780130282262
  Brief Description | Buy from myPearsonStore
  
  



PLEASE PROVIDE COURSE INFORMATION

PLEASE PROVIDE

• Optimizing Network Performance with Content Switching: Server, Firewall and Cache Load Balancing
  Syme & Goldie
  © 2004 | Prentice Hall | Paper; 288 pages | Instock
  ISBN-10: 0131014684 | ISBN-13: 9780131014688
  Brief Description | Buy from myPearsonStore
  
  
• PowerPoint Slides
  Skoudis
  © 2007 | Prentice Hall | Slides | Estimated Availability: 09/25/2006
  ISBN-10: 013233352X | ISBN-13: 9780132333528
  
  
  



Appropriate for all courses in network or information security.

This book teaches students how to secure any network, large or small. More than other books, it reflects the realities network administrators actually face on the front lines, where they are constantly under attack, and don't always get the support they need from their organizations. Former UUNet network architect Allan Liska addresses every facet of network security, including defining security models, access control, Web/DNS/email security, remote access and VPNs, wireless LAN/WAN security, day-to-day monitoring and logging, attack response, and more. He systematically identifies today's most widespread security mistakes and vulnerabilities, offering realistic and up-to-date solutions. He then integrates these techniques in an end-to-end case study, showing how to redesign an insecure enterprise network for maximum security, one step at a time.

• Practice of Network Security, The: Deployment Strategies for Production Environments
  Liska
  © 1996 | Prentice Hall | Paper; 416 pages | Instock
  ISBN-10: 0130462233 | ISBN-13: 9780130462237
  Brief Description | Buy from myPearsonStore
  
  



This book is the complete reference to today’s only Internet-based document

authoring and management standard: WebDAV (Web-based Distributed

Authoring and Versioning). If your work involves collaborative document

authoring, document management or Web or print publishing, WebDAV is

beginning to change the way you share documents with others.

Until recently, the Web has been limited to download and display capabilities.

HTTP editing functions do not allow multiple authors to work on the same

document remotely and in a secure manner. Much Web content authoring is

collaborative and occurs remotely. WebDAV is the first standard protocol to

address this need. It builds on and extends HTTP to bring the same benefits to

authoring that the Web has already brought to viewing content.

The Web is finally becoming a true authoring medium.

In the past year, support for WebDAV has greatly accelerated. Authors can

now use WebDAV in products such as Dreamweaver and Adobe products

such as Photoshop, GoLive and in the recently released version of

Framemaker WebDAV is also being supported in the operating systems

including MAC OS X and Windows XP.

• WebDAV: Next-Generation Collaborative Web Authoring
  Dusseault
  © 2004 | Prentice Hall | Paper; 480 pages | Instock
  ISBN-10: 0130652083 | ISBN-13: 9780130652089
  Brief Description | Buy from myPearsonStore
  
  

Pearson Higher Education offers special pricing when you choose to package your text with other student resources. If you're interested in creating a cost-saving package for your students contact your Pearson Higher Education representative.