
Distributed Denial of Service Attack and Defense PDF

104 Pages·2014·1.638 MB·English

Preview Distributed Denial of Service Attack and Defense

SPRINGER BRIEFS IN COMPUTER SCIENCE

Shui Yu
Distributed Denial of Service Attack and Defense

SpringerBriefs in Computer Science

Series Editors: Stan Zdonik, Peng Ning, Shashi Shekhar, Jonathan Katz, Xindong Wu, Lakhmi C. Jain, David Padua, Xuemin Shen, Borko Furht, V.S. Subrahmanian, Martial Hebert, Katsushi Ikeuchi, Bruno Siciliano

For further volumes: http://www.springer.com/series/10028

Shui Yu
School of Information Theory
Deakin University
Melbourne, VIC
Australia

ISSN 2191-5768
ISSN 2191-5776 (electronic)
ISBN 978-1-4614-9490-4
ISBN 978-1-4614-9491-1 (eBook)
DOI 10.1007/978-1-4614-9491-1
Springer New York Heidelberg Dordrecht London
Library of Congress Control Number: 2013952909
© The Author(s) 2014

This work is subject to copyright. All rights are reserved by the Publisher, whether the whole or part of the material is concerned, specifically the rights of translation, reprinting, reuse of illustrations, recitation, broadcasting, reproduction on microfilms or in any other physical way, and transmission or information storage and retrieval, electronic adaptation, computer software, or by similar or dissimilar methodology now known or hereafter developed. Exempted from this legal reservation are brief excerpts in connection with reviews or scholarly analysis or material supplied specifically for the purpose of being entered and executed on a computer system, for exclusive use by the purchaser of the work. Duplication of this publication or parts thereof is permitted only under the provisions of the Copyright Law of the Publisher's location, in its current version, and permission for use must always be obtained from Springer. Permissions for use may be obtained through RightsLink at the Copyright Clearance Center. Violations are liable to prosecution under the respective Copyright Law.

The use of general descriptive names, registered names, trademarks, service marks, etc. in this publication does not imply, even in the absence of a specific statement, that such names are exempt from the relevant protective laws and regulations and therefore free for general use.
While the advice and information in this book are believed to be true and accurate at the date of publication, neither the authors nor the editors nor the publisher can accept any legal responsibility for any errors or omissions that may be made. The publisher makes no warranty, express or implied, with respect to the material contained herein.

Printed on acid-free paper

Springer is part of Springer Science+Business Media (www.springer.com)

To Su and Ian

Preface

Since human beings stepped into the Internet era, our lives are deeply involved with the Internet. Many killer applications are carried out through Internet-based applications. At the same time, motivated by huge financial, political, or other rewards, hackers are exhausting their energy to execute cybercrimes. Due to the nature of the Internet and the lack of cyber laws, cyberspace has been a heaven for intelligent attackers. It is easy to launch attacks, but hard to identify the persons who commit the attacks. It is even harder to bring them to justice.

To date, one critical attack in cyberspace is the distributed denial-of-service (DDoS) attack. My study on cybersecurity started in 2007. I am attracted by this topic not only because of the problem itself but also the bigger research field of cyberspace. It is generally agreed that the current Internet research lacks theoretical foundation. Research indicates that our understanding of the cyberspace is limited and there is a huge unexplored territory in cyberspace for both academic and industrial participants.

This book brief is mainly based on our research of the DDoS problem. For readers' convenience, we try to make each chapter relatively independent. Moreover, we pay special attention to methodology and mathematical modelling and expect to benefit readers for their potential research in related fields. Constrained by my knowledge and capability, the content of this book brief is very shallow in terms of mathematical modelling. However, I decide not to hide my disadvantage in order to save a bit of time for some beginners who may work on the related fields.
I would like to thank the editor of this series, Professor Sherman Shen, for his constructive guidance and kind help. Thanks are also noted for the team of Springer for their patience and assistance.

I also would like to take this opportunity to thank Professor Yue Wu, Professor Yi Zhang, and Professor Wanlei Zhou for bringing me to the academic world. During these years of study on DDoS, my colleagues, co-authors, and many people offered me their guidance, support, and help, such as Professor Ivan Stojmenovic, Professor Kai Hwang, and Mr Bin Liu. The list is too long to complete here, but I do appreciate their time and effort from the bottom of my heart. I especially thank Professor Weijia Jia from City University of Hong Kong, Professor Weifa Liang from Australia National University, and Professor Song Guo from University of Aizu and their institutions for the financial support of my visits. I am grateful to Professor Yong Xiang and Dr Simon James for their continuous discussion and help on research and paper writing.

In particular, I would like to thank my wife, Su, for her understanding and full support for my research.

Melbourne, Australia
Dr Shui Yu

Contents

1 An Overview of DDoS Attacks
  1.1 Introduction
  1.2 How to Launch DDoS Attacks
  1.3 Challenges in DDoS Related Research
    1.3.1 Malicious Networks
    1.3.2 Data Collection of Malicious Networks
    1.3.3 Topology Modelling of Malicious Networks
    1.3.4 Dynamics of Malicious Networks
    1.3.5 Concealed Malicious Activity Detection
    1.3.6 Forensics of Malicious Networks
  References

2 Malicious Networks for DDoS Attacks
  2.1 Introduction
  2.2 The Fast Flux Mechanism and Detection
    2.2.1 The Fast Flux Mechanism
    2.2.2 Fast Flux Detection
  2.3 The Domain Flux Mechanism and Detection
    2.3.1 The Domain Flux Mechanism
    2.3.2 Domain Flux Detection
  2.4 Modelling Malicious Networks
    2.4.1 The SI Model
    2.4.2 The SIS Model
    2.4.3 The SIR Model
  References

3 DDoS Attack Detection
  3.1 Introduction
  3.2 Feature Based Detection Methods
    3.2.1 Profile Based Detection
    3.2.2 Low Rate DDoS Attack Detection
  3.3 Network Traffic Based Detection
