Автор: Richard R. Brooks, Ilker Ozcelik
Издательство: CRC Press
Год: 2020
Страниц: 423
Язык: английский
Формат: pdf (true), epub
Размер: 36.2 MB
This book is the result of many years of research on Distributed Denial of Service (DDoS) attacks. DDoS attacks have become more destructive, wide-spread and harder to control over time. This book allows students to understand how these attacks are constructed, the security flaws they leverage, why they are effective, how they can be detected, and how they can be mitigated. Students use software defined networking (SDN) technology to created and execute controlled DDoS experiments. They learn how to deploy networks, analyze network performance, and create resilient systems.
A Denial of Service (DoS) attack disables network resources. The DDoS attack surface is large. It basically amounts to all the hardware and software components attached to the Internet. This includes:
• Network resources (hubs, routers, firewalls, gateways, wireless spectrum, etc.),
• System resources (computer memory, network interfaces, operating systems, web servers,
etc.),
• Protocol definitions and implementations, and
• Physical damage (cables, optical cables, power lines, satellites, etc.)
To better understand DDoS attacks, researchers classified the attacks based on their significant characteristics. These classifications help researchers gain new insights and perspectives about the problem and help while tackling with them. Some of the DDoS attack characteristics, which are used to classify these attacks and found in the literature are Degree of Automation, Exploited Weakness, Attack Rate Dynamics, Impact on the Victim, Source Address Validity, Persistence of Agent Set, Victim Type, Possibility of Characterization, Attack Network and Modes.
This book is used for graduate level computer engineering instruction at Clemson University. It augments the traditional graduate computing curricula by integrating: Internet deployment, network security, ethics, contemporary social issues, and engineering principles into a laboratory based course of instruction. Unique features of this book include:
A history of DDoS attacks that includes attacker motivations
Discussion of cyber-war, censorship, and Internet black-outs
SDN based DDoS laboratory assignments
Up-to-date review of current DDoS attack techniques and tools
Review of the current laws that globally relate to DDoS
Abuse of DNS, NTP, BGP and other parts of the global Internet infrastructure to attack networks
Mathematics of Internet traffic measurement
Game theory for DDoS resilience
Construction of content distribution systems that absorb DDoS attacks
This book assumes familiarity with computing, Internet design, appropriate background in mathematics, and some programming skills. It provides analysis and reference material for networking engineers and researchers. By increasing student knowledge in security, and networking; it adds breadth and depth to advanced computing curricula.
Скачать Distributed Denial of Service Attacks: Real-world Detection and Mitigation