This tutorial describes what Denial of Service (DoS) attacks are, how they can be carried out in IP networks, and how one can defend against them. Distributed DoS (DDoS) attacks are included here as a subset of DoS attacks. A DoS attack has two phases: a deployment phase and an attack phase. A DoS program must first be deployed on one or more compromised hosts before an attack is possible. Mitigation of DoS attacks thus requires defense mechanisms for both phases. Completely reliable protection against DoS attacks is, however, not possible. There will always be vulnerable hosts in the Internet, and many attack mechanisms are based on ordinary use of protocols. Defense in depth is thus needed to mitigate the effect of DoS attacks. This paper briefly describes many defense mechanisms proposed in the literature. The goal is not to implement all possible defenses. Instead, one should optimize the trade-off between security costs and acquired benefits in handling the most important risks. Mitigation of DoS attacks is thus closely related to risk management.