In this paper we present an analysis of Shaft, an example of malware used in distributed denial of service (DDoS) attacks. This relatively recent occurrence combines well-known denial of service attacks (such as TCP SYN flood, smurf, and UDP flood) with a distributed and coordinated approach to create a powerful program, capable of slowing network communications to a grinding halt.

Denial of service attack programs, root kits, and network sniffers have been around in the computer underground for a very long time. They have not gained nearly the same level of attention from the general public as the Morris Internet Worm of 1988 did, but have slowly progressed in their development. As more and more systems have come to be required for business, research, education, the basic functioning of government, and now entertainment and commerce from people's homes, the increasingly large number of vulnerable systems has converged with the development of these tools to create a situation that resulted in distributed denial of service attacks that took down the largest e-commerce and media sites on the Internet.

In contrast, we provide a comparative analysis of several distributed denial of service tools (e.g., Trinoo, TFN, Stacheldraht, and Mstream) and look at emerging countermeasures against some of these tools. We look at practical examples of these techniques, provide some examples from test environments, and finally talk about future trends of these distributed tools.