DDoS Attacks Evolution, Detection, Prevention, Reaction, and Tolerance 1st Edition by Dhruba Kumar Bhattacharyya, Jugal Kumar Kalita – Ebook PDF Instant Download/Delivery: 1040071333, 9781040071335
Product details:
ISBN 10: 1040071333
ISBN 13: 9781040071335
Author: Dhruba Kumar Bhattacharyya, Jugal Kumar Kalita
DDoS Attacks: Evolution, Detection, Prevention, Reaction, and Tolerance discusses the evolution of distributed denial-of-service (DDoS) attacks, how to detect a DDoS attack when one is mounted, how to prevent such attacks from taking place, and how to react when a DDoS attack is in progress, with the goal of tolerating the attack. It introduces typ.
Table of contents for DDoS Attacks: Evolution, Detection, Prevention, Reaction, and Tolerance, 1st Edition:
1 Introduction
1.1 Anomalies in Networks
1.2 Distributed Denial-of-Service (DDoS) Attacks
1.3 Causes of DDoS Attacks
1.4 Targets of DDoS Attacks
1.5 Launching of DDoS Attacks
1.6 Current Trends in Botnet Technology
1.7 Machine Learning in DDoS Attack Handling
1.7.1 Traffic Attributes and User-Parameter Selection
1.7.2 Selection of Metrics or Measures
1.7.3 Analysis of Data
1.7.4 Mode of Detection
1.7.5 Generation of Alarm Information and Reaction
1.8 DDoS Defense
1.9 Modules of a DDoS Defense System
1.10 Types of DDoS Defense Systems
1.10.1 Based on Approach
1.10.1.1 DDoS Detection
1.10.1.2 DDoS Prevention
1.10.1.3 DDoS Response
1.10.1.4 DDoS Tolerance
1.10.2 Based on Nature of Control
1.10.2.1 Centralized DDoS Defense
1.10.2.2 Hierarchical DDoS Defense
1.10.2.3 Distributed DDoS Defense
1.10.3 Based on Defense Infrastructure
1.10.3.1 Host-Based DDoS Defense
1.10.3.2 Network-Based DDoS Defense
1.10.4 Based on Defense Location
1.10.4.1 Victim-End DDoS Defense
1.10.4.2 Source-End DDoS Defense
1.10.4.3 Intermediate Network DDoS Defense
1.10.5 Based on Technique Used
1.10.5.1 Misuse Detection
1.10.5.2 Anomaly Detection
1.11 DDoS Tools and Systems
1.12 DDoS Defense Evaluation
1.13 Prior Work
1.14 Contribution of This Book
1.15 Organization of This Book
2 DDoS, Machine Learning, Measures
2.1 Issues in Internet Design
2.1.1 Complex Edge but Simple Core
2.1.2 Link Bandwidth Mismatch between Core and Edge
2.1.3 Routing Principles
2.1.4 Lack of Centralized Network Management
2.1.5 Sharing of Reserved Resources across Data Centers
2.2 DDoS Attacks and Their Types
2.2.1 Agent-Handler and IRC-Based DDoS Attack Generation
2.2.2 Types of DDoS Attacks
2.2.2.1 Layer-Specific DDoS Attacks
2.2.2.2 Direct and Reflector-Based DDoS Attacks
2.2.2.3 Direct and Indirect DDoS Attacks
2.2.2.4 High-Rate and Low-Rate DDoS Attacks
2.2.2.5 Attack Types Based on Rate Dynamics
2.3 DDoS Attack Targets
2.3.1 On Infrastructure
2.3.2 On Link
2.3.3 On Router
2.3.4 On OS
2.3.5 On Defense Mechanism
2.4 Current Trends in DDoS Attacks
2.5 Strength of DDoS Attackers
2.6 Desired Characteristics of DDoS Defense System
2.7 Recent DDoS Attacks
2.8 Machine Learning Background
2.8.1 Supervised and Unsupervised Machine Learning
2.8.2 Measures: Similarity and Dissimilarity
2.8.2.1 Dissimilarity Measures
2.8.2.2 Correlation Measures
2.8.2.3 f-Divergence Measures
2.8.2.4 Information Metrics
2.8.3 Discussion
2.9 Some Empirical Studies
2.9.1 Using Information Metrics
2.9.1.1 Testbed Used
2.9.1.2 Datasets Used
2.9.1.3 Results of Empirical Study
2.9.1.4 Discussion
2.9.2 Using Correlation Measures
2.9.2.1 An Example
2.9.3 Using f-Divergence Measures
2.9.3.1 Results
2.9.4 Discussion
2.10 Chapter Summary
3 Botnets: Trends and Challenges
3.1 DDoS Attacks Using Stationary Botnets
3.1.1 Botnet Characteristics
3.1.2 Botnet Models
3.1.2.1 Agent Handler Model
3.1.2.2 IRC-Based Model
3.1.2.3 Web-Based Model
3.1.3 Botnet Formation Life Cycle
3.1.4 Stationary Botnet Architecture
3.1.4.1 Botnet Topology
3.1.4.2 Protocols Used
3.1.4.3 Botnet C&C Systems
3.1.5 Some Stationary Botnets
3.1.6 DDoS Attacks Using Mobile Botnets
3.1.6.1 Mobile Botnet Characteristics
3.1.6.2 C&C Mechanisms in Mobile Botnet
3.1.7 Some Mobile Botnets
3.2 Chapter Summary and Recommendations
4 DDoS Detection
4.1 Modules of a DDoS Defense Solution
4.1.1 Monitoring
4.1.2 Detection
4.1.3 Reaction
4.2 Types of DDoS Defense Solutions
4.2.1 Based on Approach Used
4.2.2 Based on Nature of Control
4.2.2.1 Centralized DDoS Defense
4.2.2.2 Hierarchical DDoS Defense
4.2.2.3 Distributed DDoS Defense
4.2.3 Based on Defense Infrastructure
4.2.3.1 Host-Based DDoS Defense
4.2.3.2 Network-Based DDoS Defense
4.2.4 Based on Defense Location
4.2.4.1 Victim-End DDoS Defense
4.2.4.2 Source-End DDoS Defense
4.2.4.3 Intermediate Network DDoS Defense
4.2.5 Based on Techniques Used
4.3 DDoS Detection Techniques
4.3.1 Misuse Detection
4.3.1.1 Signature-Based DDoS Detection
4.3.1.2 Rule-Based Detection
4.3.1.3 State-Transition Techniques
4.3.2 Anomaly-Based DDoS Detection
4.3.2.1 Statistical Techniques
4.3.2.2 Machine Learning and Data Mining Techniques
4.3.2.3 Soft Computing Techniques
4.3.2.4 Knowledge-Based Techniques
4.4 Chapter Summary
5 DDoS Prevention
5.1 DDoS Prevention Techniques
5.1.1 IP Traceback
5.1.1.1 Link Testing
5.1.1.2 Packet Marking
5.1.1.3 Packet Logging
5.1.1.4 ICMP Traceback Messages
5.1.1.5 Discussion
5.1.2 Filtering Techniques
5.1.2.1 Ingress and Egress Filtering
5.1.2.2 Router-Based Packet Filtering (RPF)
5.1.2.3 Source Address Validity Enforcement (SAVE) Protocol
5.1.3 Rate Control
5.2 Chapter Summary
6 DDoS Reaction and Tolerance
6.1 Intrusion Response System (IRS)
6.1.1 Intrusion Response (IR) and Its Types
6.1.1.1 A Model to Demonstrate Relationships among Responses
6.1.2 Development of IRSs: Approaches, Methods, and Techniques
6.1.2.1 Based on the Degree of Automation
6.1.2.2 Based on the Approach Used for Triggering Responses
6.1.2.3 Based on Adaptability
6.1.2.4 Based on Promptness in Response Generation
6.1.2.5 Based on the Level of Cooperation
6.1.2.6 Based on Versatility in Reacting to Unseen Situations
6.1.3 Some Example Intrusion Response Systems
6.1.3.1 Cooperative Intrusion Traceback and Response Architecture (CITRA)
6.1.3.2 Distributed Management Architecture for Cooperative Detection and Reaction
6.1.3.3 EMERALD
6.1.3.4 CSM
6.1.3.5 Adaptive, Agent-Based IRS (AAIRS)
6.1.3.6 ALPHATECH
6.1.3.7 SITAR
6.1.4 Discussion
6.2 DDoS Tolerance Approaches and Methods
6.2.1 Multi-Level IDS-Based Approaches
6.2.2 Middleware Algorithm-Based Approaches
6.2.3 Recovery-Based Approaches
6.2.4 Discussion
6.3 Chapter Summary
7 Tools and Systems
7.1 Introduction
7.2 Types of Network Security Tools
7.2.1 Information Gathering Tools
7.2.1.1 Sniffing Tools
7.2.1.2 Network Mapping/Scanning Tools
7.2.2 Attack Launching Tools
7.2.2.1 Trojans
7.2.2.2 Transport and Network Layer Denial-of-Service Attacks
7.2.2.3 Application Layer Attack Tools
7.2.2.4 Additional Attack Tools
7.2.3 Network Monitoring Tools
7.2.3.1 Visualization and Analysis Tools
7.3 Observations
7.4 TUCANNON+: DDoS Attack-Generation and Monitoring Tool
7.4.1 TUCannon: Attack-Generation Module
7.4.2 Server Sub-module of TUCannon
7.4.3 Client Sub-module
7.4.4 Scalability of TUCannon
7.4.5 Speed of TUCannon
7.4.6 Reflector Attack
7.5 TUCannon Architecture
7.5.1 Server Architecture
7.5.2 Client Architecture
7.6 TUMonitor
7.6.1 TUMonitor: An Overview
7.6.2 TUMonitor Architecture
7.6.3 Visualization with TUMonitor
7.7 DDoS Defense Systems
7.7.1 Systems that Respond to Intrusion
7.7.1.1 Architectures of Some Well-Known Defense Systems
7.7.2 Some Commercial and Academic Defense Systems
7.7.3 Discussion
7.8 Chapter Summary
8 Conclusion and Research Challenges
8.1 Conclusion
8.1.1 Source IP Spoofing
8.1.2 Degree of Randomization
8.1.3 Isolation vs. Combination
8.1.4 Realistic TCP SYN Flooding
8.1.5 Removal of Unique Characteristics
8.1.6 Low-Cost and Limited Bandwidth Attack
8.2 Research Challenges
8.2.1 Developing a Generic DDoS Defense Mechanism
8.2.2 Integration of Packet/Flow Monitoring and Detection
8.2.3 Developing DDoS-Tolerant Architecture
8.2.4 Developing a Cost-Effective Source-End Defense
8.2.5 Developing an Efficient Dynamic Firewall
8.2.6 Hybridization Issues to Support Real-Time Performance with QoS
8.2.7 Heuristics for Accurate Estimation of Defense Parameters
8.2.8 Developing a Robust and Cost-Effective Proximity Measure
8.2.9 Standard for Unbiased Evaluation of Defense Solutions
8.2.10 Large-Scale Testbed for Defense Validation