1st Edition

DDoS Attacks: Evolution, Detection, Prevention, Reaction, and Tolerance

    312 Pages, 88 B/W Illustrations
    by Chapman & Hall

    DDoS Attacks: Evolution, Detection, Prevention, Reaction, and Tolerance discusses the evolution of distributed denial-of-service (DDoS) attacks, how to detect a DDoS attack when one is mounted, how to prevent such attacks from taking place, and how to react when a DDoS attack is in progress, with the goal of tolerating the attack. It introduces types and characteristics of DDoS attacks, reasons why such attacks are often successful, what aspects of the network infrastructure are usual targets, and methods used to launch attacks.

    The book elaborates upon the emerging botnet technology, current trends in the evolution and use of botnet technology, its role in facilitating the launching of DDoS attacks, and challenges in countering the role of botnets in the proliferation of DDoS attacks. It introduces statistical and machine learning methods applied in the detection and prevention of DDoS attacks in order to provide a clear understanding of the state of the art. It presents DDoS reaction and tolerance mechanisms with a view to studying their effectiveness in protecting network resources without compromising the quality of services.

    To practically understand how attackers plan and mount DDoS attacks, the authors discuss the development of a testbed that can be used to perform experiments such as attack launching, monitoring of network traffic, and detection of attacks, as well as for testing strategies for prevention, reaction, and mitigation. Finally, the authors address current issues and challenges that need to be overcome to provide even better defense against DDoS attacks.

    Introduction
    Anomalies in Networks
    Distributed Denial-of-Service (DDoS) Attacks
    Causes of DDoS Attacks
    Targets of DDoS Attacks
    Launching of DDoS Attacks
    Current Trends in Botnet Technology
    Machine Learning in DDoS Attack Handling
    DDoS Defense
    Modules of a DDoS Defense System
    Types of DDoS Defense Systems
    DDoS Tools and Systems
    DDoS Defense Evaluation
    Prior Work
    Contribution of This Book
    Organization of This Book

    DDoS Attacks, Machine Learning, and Measures
    Issues in Internet Design
    DDoS Attacks and Their Types
    DDoS Attack Targets
    Current Trends in DDoS Attacks
    Strength of DDoS Attackers
    Desired Characteristics of DDoS Defense System
    Recent DDoS Attacks
    Machine Learning Background
    Some Empirical Studies
    Chapter Summary

    Botnets: Trends and Challenges
    DDoS Attacks Using Stationary Botnets
    Chapter Summary and Recommendations

    DDoS Detection
    Modules of a DDoS Defense Solution
    Types of DDoS Defense Solutions
    DDoS Detection Techniques
    Chapter Summary

    DDoS Prevention
    DDoS Prevention Techniques
    Chapter Summary

    DDoS Reaction and Tolerance
    Intrusion Response System (IRS)
    DDoS Tolerance Approaches and Methods
    Chapter Summary

    Tools and Systems
    Introduction
    Types of Network Security Tools
    Observations
    TUCANNON+: DDoS Attack-Generation and Monitoring Tool
    TUCannon Architecture
    TUMonitor: Traffic Monitoring Module in TUCANNON+
    DDoS Defense Systems
    Chapter Summary

    Research Challenges and Recommendations
    Conclusion
    Research Challenges

    Biography

    Dhruba Kumar Bhattacharyya is a professor in computer science and engineering at Tezpur University, where he earned his PhD degree in cryptography and error-control coding in 1999. His research areas include network security, data mining, and bioinformatics. He has published more than 200 research articles in leading international journals and peer-reviewed conference proceedings. Dr. Bhattacharyya has authored three technical reference books and edited eight technical volumes. Under his guidance, thirteen students have received their PhD degrees in the areas of machine learning, bioinformatics, and network security. He is on the editorial board of several international journals.

    Jugal Kumar Kalita teaches computer science at the University of Colorado, Colorado Springs. He earned his MS and PhD degrees in computer and information science from the University of Pennsylvania in Philadelphia in 1988 and 1990, respectively. Prior to that, he earned an MSc from the University of Saskatchewan in Saskatoon, Canada, in 1984, and a BTech from the Indian Institute of Technology, Kharagpur, in 1982. His expertise is in the areas of artificial intelligence and machine learning and the application of techniques in machine learning to network security, natural language processing, and bioinformatics.