Theoretical and Experimental
Methods for Defending Against
DDoS Attacks
Mohammad Reza Khalifeh Soltanian
Iraj Sadegh Amiri
University of Malaya, Kuala Lumpur, Malaysia
Matthew Neely, Technical Editor
AMSTERDAM • BOSTON • HEIDELBERG
LONDON • NEW YORK • OXFORD
PARIS • SAN DIEGO • SAN FRANCISCO
SINGAPORE • SYDNEY • TOKYO
Syngress is an imprint of Elsevier
225 Wyman Street, Waltham, MA 02451, USA
Copyright © 2016 Elsevier Inc. All rights reserved.
No part of this publication may be reproduced or transmitted in any form or by any means, electronic
or mechanical, including photocopying, recording, or any information storage and retrieval system,
without permission in writing from the publisher. Details on how to seek permission, further
information about the Publisher’s permissions policies and our arrangements with organizations
such as the Copyright Clearance Center and the Copyright Licensing Agency, can be found at our
website:
www.elsevier.com/permissions.
This book and the individual contributions contained in it are protected under copyright by the
Publisher (other than as may be noted herein).
Notices
Knowledge and best practice in this field are constantly changing. As new research and experience
broaden our understanding, changes in research methods, professional practices, or medical
treatment may become necessary.
Practitioners and researchers must always rely on their own experience and knowledge in evaluating
and using any information, methods, compounds, or experiments described herein. In using such
information or methods they should be mindful of their own safety and the safety of others,
including parties for whom they have a professional responsibility.
To the fullest extent of the law, neither the Publisher nor the authors, contributors, or editors, assume
any liability for any injury and/or damage to persons or property as a matter of products liability,
negligence or otherwise, or from any use or operation of any methods, products, instructions, or
ideas contained in the material herein.
ISBN: 978-0-12-805391-1
British Library Cataloguing-in-Publication Data
A catalogue record for this book is available from the British Library
Library of Congress Cataloging-in-Publication Data
A catalog record for this book is available from the Library of Congress
For information on all Syngress publications
visit our website at
store.elsevier.com/Syngress
LIST OF FIGURES
Figure 1.1 A single zombie network performs a DDoS attack
Figure 1.2 Taxonomy of DoS and DDoS
Figure 2.1 A sample overlay network
Figure 2.2 Logical layers of overlay network
Figure 2.3 A DDoS attack in progress
Figure 2.4 General client puzzle handshaking
Figure 2.5 Classification of client puzzles schemes
Figure 2.6 A large number of zombies generate traffic superflow by DDoS flooding attacks toward a common destination as victim host
Figure 2.7 Distributed change detection of DDoS attacks over multiple AS domains. (a) Multidomain DDoS defense system. (b) Interdomain communication via VPN tunnels or an overlay network atop the CAT servers in four domains
Figure 3.1 Simulated internet topology
Figure 3.2 Effect of parameter b_1
Figure 3.3 Router B as the destination of DDoS attacks’ flowchart
Figure 3.4 Flowchart of the edge routers scripts to distinguish attackers
Figure 4.1 MRTG daily incoming (grey area) traffic into LAN of edge router before launching our algorithm
Figure 4.2 MRTG daily outgoing (single line) traffic via WAN of edge router before launching our algorithm
Figure 4.3 MRTG daily incoming (grey area) traffic into LAN of router B under attack before launching our algorithm
Figure 4.4 General WAN/LAN diagram
Figure 4.5 MRTG daily CPU usage of router B under attack before launching our algorithm
Figure 4.6 MRTG daily incoming (grey area) traffic into LAN of edge router during running our algorithm
Figure 4.7 MRTG daily incoming (grey area) traffic into LAN of router B during running our algorithm
Figure 4.8 MRTG daily CPU usage of router B during running our algorithm
Figure 4.9 MRTG daily outgoing (single line) traffic via WAN of edge router during running our algorithm
Figure 4.10 Detection ratio R_d with different router threshold levels (a and b)
LIST OF TABLES
Table 2.1 Abbreviations of Comparative Element
Table 2.2 Comparison of Existing Client Puzzles Schemes
Table 3.1 Table of Definitions
Table 4.1 Time Taken for the Whole Detection and Mitigation Process for Router Setting of b = 4 and a = 0.1
Table 4.2 Time Taken for the Whole Detection and Mitigation Process for Router Setting of b = 3 and a = 0.1
Table 4.3 Results for False-Negative and False-Positive Error for Router Setting of b = 4 and a = 0.1
Table 4.4 Results for False-Negative and False-Positive Error for Router Setting of b = 3 and a = 0.1
Table 4.5 Detection Rate R_d for b = 4 and a = 0.1
Table 4.6 Detection Rate R_d for b = 3 and a = 0.1