1.5 What Can This Book Help You Do?
1.6 Outline of the Remaining Chapters
2 Understanding Denial of Service
2.3.1 Recruiting and Controlling Attacking Machines
2.3.3 Misusing Legitimate Services
2.5.1 How Common Are DDoS Attacks?
2.5.2 The Magnitude of DDoS Attacks
2.6 How Vulnerable Are You to DDoS?
3.2 Design Principles of the Internet
3.2.1 Packet-Switched Networks
3.2.2 Best-Effort Service Model and End-to-End Paradigm
3.3.1 History of Network-Based Denial of Service
4.1 Recruitment of the Agent Network
4.1.1 Finding Vulnerable Machines
4.1.2 Breaking into Vulnerable Machines
4.1.3 Malware Propagation Methods
4.2 Controlling the DDoS Agent Network
4.2.4 Unwitting Agent Scenario
4.3 Semantic Levels of DDoS Attacks
4.3.1 Exploiting a Vulnerability
4.3.4 Attacking an Application
4.4.1 Some Popular DDoS Programs
4.5.1 Why Is IP Spoofing Defense Challenging?
4.5.2 Why DDoS Attacks Use IP Spoofing
4.5.3 Spoofing Is Irrelevant at 10,000+ Hosts
5 An Overview of DDoS Defenses
5.1 Why DDoS Is a Hard Problem
5.3 Prevention versus Protection and Reaction
5.5.4 Multiple Deployment Locations
6.2 General Strategy for DDoS Defense
6.3 Preparing to Handle a DDoS Attack
6.3.1 Understanding Your Network
6.3.2 Securing End Hosts on Your Network
6.3.4 Preparing to Respond to the Attack
6.4 Handling an Ongoing DDoS Attack as a Target
6.5 Handling an Ongoing DDoS Attack as a Source
6.6 Agreements/Understandings with Your ISP
6.7.1 Historical DDoS Analyses
6.7.2 Full Disclosure versus Nondisclosure
6.7.3 How to Analyze Malware Artifacts
7 Survey of Research Defense Approaches
7.5 Secure Overlay Services (SOS)
7.10 SIFF: An End-Host Capability Mechanism to Mitigate DDoS Flooding Attacks
7.11 Hop-Count Filtering (HCF)
7.12 Locality and Entropy Principles
7.13 An Empirical Analysis of Target-Resident DoS Filters
7.14.2 Several Promising Approaches
7.14.3 Difficult Deployment Challenges
8.1 Basics of the U.S. Legal System
8.2 Laws That May Apply to DDoS Attacks
8.3 Who Are the Victims of DDoS?
8.4 How Often Is Legal Assistance Sought in DDoS Cases?
8.5 Initiating Legal Proceedings as a Victim of DDoS
8.6 Evidence Collection and Incident Response Procedures
8.10 International Legal Issues
8.13 Current Trends in International Cyber Law
9.1.2 Increase in Sophistication
9.1.3 Increases in Semantic DDoS Attacks
9.2 Social, Moral, and Legal Issues
9.3 Resources for Learning More
9.3.3 Conferences and Workshops
Appendix B: Survey of Commercial Defense Approaches
B.1 Mazu Enforcer by Mazu Networks
B.2 Peakflow by Arbor Networks
B.3 WS Series Appliances by Webscreen Technologies
B.4 Captus IPS by Captus Networks
B.6 Cisco Traffic Anomaly Detector XT and Cisco Guard XT
C.1 2004 CSI/FBI Computer Crime and Security Survey
C.2 Inferring Internet Denial-of-Service Activity
C.3 A Framework for Classifying Denial-of-Service Attacks
C.4 Observations and Experiences Tracking Denial-of-Service Attacks across a Regional ISP