1st Edition
DDoS Attacks: Evolution, Detection, Prevention, Reaction, and Tolerance
DDoS Attacks: Evolution, Detection, Prevention, Reaction, and Tolerance discusses the evolution of distributed denial-of-service (DDoS) attacks, how to detect a DDoS attack when one is mounted, how to prevent such attacks from taking place, and how to react when a DDoS attack is in progress, with the goal of tolerating the attack. It introduces types and characteristics of DDoS attacks, reasons why such attacks are often successful, what aspects of the network infrastructure are usual targets, and methods used to launch attacks.
The book elaborates upon the emerging botnet technology, current trends in the evolution and use of botnet technology, its role in facilitating the launching of DDoS attacks, and challenges in countering the role of botnets in the proliferation of DDoS attacks. It introduces statistical and machine learning methods applied in the detection and prevention of DDoS attacks in order to provide a clear understanding of the state of the art. It presents DDoS reaction and tolerance mechanisms with a view to studying their effectiveness in protecting network resources without compromising the quality of services.
To practically understand how attackers plan and mount DDoS attacks, the authors discuss the development of a testbed that can be used to perform experiments such as attack launching, monitoring of network traffic, and detection of attacks, as well as for testing strategies for prevention, reaction, and mitigation. Finally, the authors address current issues and challenges that need to be overcome to provide even better defense against DDoS attacks.
Introduction
Anomalies in Networks
Distributed Denial-of-Service (DDoS) Attacks
Causes of DDoS Attacks
Targets of DDoS Attacks
Launching of DDoS Attacks
Current Trends in Botnet Technology
Machine Learning in DDoS Attack Handling
DDoS Defense
Modules of a DDoS Defense System
Types of DDoS Defense Systems
DDoS Tools and Systems
DDoS Defense Evaluation
Prior Work
Contribution of This Book
Organization of This Book
DDoS Attacks, Machine Learning, and Measures
Issues in Internet Design
DDoS Attacks and Their Types
DDoS Attack Targets
Current Trends in DDoS Attacks
Strength of DDoS Attackers
Desired Characteristics of DDoS Defense System
Recent DDoS Attacks
Machine Learning Background
Some Empirical Studies
Chapter Summary
Botnets: Trends and Challenges
DDoS Attacks Using Stationary Botnets
Chapter Summary and Recommendations
DDoS Detection
Modules of a DDoS Defense Solution
Types of DDoS Defense Solutions
DDoS Detection Techniques
Chapter Summary
DDoS Prevention
DDoS Prevention Techniques
Chapter Summary
DDoS Reaction and Tolerance
Intrusion Response System (IRS)
DDoS Tolerance Approaches and Methods
Chapter Summary
Tools and Systems
Introduction
Types of Network Security Tools
Observations
TUCANNON+: DDoS Attack-Generation and Monitoring Tool
TUCannon Architecture
TUMonitor: Traffic Monitoring Module in TUCANNON+
DDoS Defense Systems
Chapter Summary
Research Challenges and Recommendations
Conclusion
Research Challenges
Biography
Dhruba Kumar Bhattacharyya is a professor in computer science and engineering at Tezpur University, where he earned his PhD degree in cryptography and error-control coding in 1999. His research areas include network security, data mining, and bioinformatics. He has published more than 200 research articles in leading international journals and peer-reviewed conference proceedings. Dr. Bhattacharyya has authored three technical reference books and edited eight technical volumes. Under his guidance, thirteen students have received their PhD degrees in the areas of machine learning, bioinformatics, and network security. He is on the editorial board of several international journals.
Jugal Kumar Kalita teaches computer science at the University of Colorado, Colorado Springs. He earned his MS and PhD degrees in computer and information science from the University of Pennsylvania in Philadelphia in 1988 and 1990, respectively. Prior to that, he earned an MSc from the University of Saskatchewan in Saskatoon, Canada, in 1984, and a BTech from the Indian Institute of Technology, Kharagpur, in 1982. His expertise is in the areas of artificial intelligence and machine learning and the application of techniques in machine learning to network security, natural language processing, and bioinformatics.