Denial of Service Attacks

Handbook of Computer Networks

Volumn 3, Issue , 2012, Pages 454-468

  Gu, Qijun ^a   Liu, Peng ^b  

^a TEXAS STATE UNIVERSITY   (United States)

^b PENNSYLVANIA STATE UNIVERSITY   (United States)

Author keywords

DDoS defenses; Denial of service attacks; DoS attacks; Internet; Taxonomy of DoS DDoS attacks

Indexed keywords

EID: 84886218857     PISSN: None     EISSN: None     Source Type: Book    
DOI: 10.1002/9781118256107.ch29     Document Type: Chapter

References (74)

1. Aad, I., J. P. Hubaux, and E. Knightly. 2004. Denial of service resilience in ad hoc networks. In Proceedings of ACM Mobicom. New York: ACM Press.
2. Aljifri, H., M. Smets, and A. Pons. 2003. IP traceback using header compression. Computers & Security, 22 (2): 136-51.
3. Andersen, D. G. 2003. Mayday: Distributed filtering for Internet services. In Proceedings of the 4th USENIX Symposium on Internet Technologies and Systems. Berkeley, CA: USENIX Press.
4. Anderson, T., T. Roscoe, and D. Wetherall. 2003. Preventing Internet denial of service with capabilities. In Proceedings of HotNets-II. New York: ACM Press.
5. Argyraki, K., and D. R. Cheriton. 2005. Active Internet traffic filtering: Real-time response to denial-of-service attacks. In Proceedings of the USENIX Annual Technical Conference. Berkeley, CA: USENIX Press.
6. Aura, T., P. Nikander, and J. Leiwo. 2000. DoS-resistant authentication with client puzzles. Proceedings of Security Protocols Workshop, Lecture Notes in Computer Science, 213 (33): 170-81.
7. Bellardo, J., and S. Savage. 2003. 802.11 denial-of-service attacks: real vulnerabilities and practical solutions. In Proceedings of USENIX Security Symposium, 15-28. Berkeley, CA: USENIX Press.
8. Bernstein, D. J. 1996. SYN cookies. http://cr.yp.to/syncookies.html (accessed October 31, 2006).
9. Bro. 2006. Bro Intrusion Detection System. http://bro-ids.org/(accessed October 31, 2006).
10. CERT. 1996. CERT Advisory CA-1996-21 TCP SYN flooding and IP spoofing attacks. www.cert.org/advisories/CA-1996-21.html (accessed January 2, 2006).
11. CERT. 1997. CERT Advisory CA-1997-28 IP Denial-of-Service Attacks. www.cert.org/advisories/CA-1997-28.html (accessed August 20, 2006).
12. CERT. 1998. CERT Advisory CA-1998-01 Smurf IP denial-of-service attacks. www.cert.org/advisories/CA-1998-01.html (accessed January 2, 2006).
13. CERT. 2004. Technical Cyber Security Alert TA04-028A, W32/MyDoom.B virus. www.us-cert.gov/cas/techalerts/TA04-028A.html (accessed January 2, 2006).
14. CERT. 2006. CERT/CC Statistics 1988-2005. www.cert.org/stats/#incidents (accessed January 2, 2006).
15. Cheswick, B., H. Burch, and S. Branigan. 2000. Mapping and visualizing the internet. In Proceedings of USENIX Annual Technical Conference. Berkeley, CA: USENIX Press.
16. CISCO. 2001. Dealing with malloc fail and high CPU utilization resulting from the code red worm. www.cisco. com/warp/public/63/ts_codred_worm.shtml (accessed April 15, 2006).
17. CISCO. (2006). CISCO IOS NetFlow. www.cisco.com/en/US/products/ps6601/products_ios_protocol_group_ home.html (accessed August 20, 2006).
18. CISCO. (2006). CISCO PIX 500 Series Security Appliances . www.cisco.com/en/US/products/hw/vpndevc/ps2030/index.html (accessed August 20, 2006)
19. CISCO. (2006). Cisco Guard DDoS Mitigation Appliances . www.cisco.com/en/US/products/ps5888/index. html (accessed August 20, 2006).
20. Cowan, C., S. Beattie, J. Johansen, and P. Wagle. 2003. PointGuard: Protecting pointers from buffer overflow vulnerabilities. In Proceedings of the 12th USENIX Security Symposium. Berkeley, CA: USENIX Press
21. Crosby, S. A., and D. S. Wallach. 2003. Denial of service via algorithmic complexity attacks. In Proceedings of the 12th USENIX Security Symposium, 29-44. Berkeley, CA: USENIX Press.
22. Dean, D., and A. Stubblefield. 2001. Using client puzzles to protect TLS. In Proceedings of the 10th Annual USENIX Security Symposium. Berkeley, CA: USENIX Press.
23. Dean, D., M. Franklin, and A. Stubblefield. 2002. An algebraic approach to IP traceback. ACM Transactions on Information and System Security, 5 (2): 119-37.
24. DETER 2005. Cyber Defense Technology Experimental Research. www.isi.edu/deter (accessed January 2, 2006).
25. Dittrich, D. 1999. The DoS Project's "trinoo" distributed denial of service attack tool. http://staff.washington. edu/dittrich/misc/trinoo.analysis (accessed January 2, 2006).
26. EMIST. 2005. Evaluation methods for Internet security technology. www.isi.edu/deter/emist.temp.html (accessed January 2, 2006).
27. Ferguson, P., and D. Senie. 1998. RFC 2267-Network ingress filtering: Defeating denial of service attacks which employ IP source address spoofing. www.faqs. org/rfcs/rfc2267.html (accessed January 2, 2006)
28. Gil, T. M., and M. Poletter. 2001. Multops: A data-structure for bandwidth attack detection. In Proceedings of USENIX Security Symposium. Berkeley, CA: USENIX Press.
29. Gu, Q., P. Liu, and C. Chu. 2004. Tactical bandwidth exhaustion in ad hoc networks. In Proceedings of the 5th Annual IEEE Information Assurance Workshop, 257-64. New York: IEEE Press.
30. Gu, Q., P. Liu, S. Zhu, and C. H. Chu. 2005. Defending against packet injection attacks in unreliable ad hoc networks. Proceedings of IEEE Globecom. New York: IEEE Press.
31. Guirguis, M., A. Bestavros I. Matta and Y. Zhang. 2005. Reduction of quality (RoQ) attacks on Internet end systems. Proceedings of INFOCOM. New York: IEEE Press.
32. Hamadeh, I., J. Hart, G. Kesidis, and V. Pothamsetty. 2005. A preliminary simulation of the effect of scanning worm activity on multicast. In Proceedings of the 19th Workshop on Principles of Advanced and Distributed Simulation. Washington, DC: IEEE Computer Society.
33. Handley, M. and E. Rescorla. 2006. Internet denial of service considerations. http://tools.ietf.org/html/draftiab-dos-05 (accessed October 31, 2006).
34. Honeynet 2005. Know your enemy: Tracking botnets. www.honeynet.org/papers/bots/(accessed January 2, 2006).
35. Houle, K. J., and G. M. Weaver. 2001. Trends in denial of service attack technology. www.cert.org/archive/pdf/DoS_trends.pdf (accessed January 2, 2006).
36. Hu, Y. C., A Perrig, and D. B. Johnson. 2002. Ariadne: a secure on-demand routing protocol for ad hoc networks. In Proceedings of ACM Mobicom, 12-23. New York: ACM Press.
37. Hu, Y. C., A Perrig, and D. B. Johnson. 2003. SEAD: Secure efficient distance vector routing for mobile wireless ad hoc networks. Ad Hoc Networks 1 (1): 175-92.
38. Ioannidis, J., S. M. Bellovin. 2002. Implementing pushback: Router-based defense against DDoS attacks. In Proceedings of NDSS. Reston, VA: The Internet Society. Jian, W. 2000. A possible LAST_ACK DoS attack and fix. www.ussg.iu.edu/hypermail/linux/kernel/0004.1/0105. html (accessed October 31, 2006).
39. Jin, C., H. Wang, and K. G. Shin. (2003). Hop-count filtering: an effective defense against spoofed DDoS traffic. In Proceedings of ACM CCS, 30-41. New York: ACM Press.
40. Johnson, D. B., D. A. Maltz, and Y-C. Hu. 2002. The dynamic source routing protocol for mobile ad hoc networks (DSR). www3.ietf.org/proceedings/04mar/ID/draft-ietf-manet-dsr-09.txt (accessed May 23, 2007).
41. Juels, A., and J. Brainard. 1999. Client puzzle: A cryptographic defense against connection depletion attacks. In Proceedings of NDSS, 151-65. Reston, VA: The Internet Society.
42. Kandula S., D. Katabi, M. Jacob, and A. Berger. 2005. Botz-4-Sale: Surviving organized DDoS attacks that mimic flash crowds. In Proceedings of the 2nd Symposium on Networked Systems Design and Implementation . Berkeley, CA: USENIX Press.
43. Keromytis, A. D., V. Misra, and D. Rubenstein. 2004. SOS: An architecture for mitigating DDoS attacks. IEEE Journal on Selected Areas of Communications, 33 (3): 413-26.
44. Kuzmanovic, A., and E. W. Knightly. 2003. Low-rate TCPtargeted denial of service attacks. Proceedings of ACM SIGCOMM, 75-86. New York: ACM Press.
45. Li, J., J. Mirkovic, M. Wang, P. Reiher, and L. Zhang. 2002. Save: Source address validity enforcement protocol . Proceedings of IEEE Infocom 3: 1557-66.
46. Mahajan, R., S. M. Bellovin, S. Floyd, J. Ioannidis, V. Paxson, and S. Shenker. 2002. Controlling high bandwidth aggregates in the network. ACM SIGCOMM Computer Communications Review 32 (3): 62-73.
47. MAZU. 2006. MAZU Enforcer. www.mazunetworks.com/products/mazu-enforcer.php. (accessed January 2, 2006).
48. Mirkovic, J., G. Prier, and P. Reiher. 2002. Attacking DDoS at the source. Proceedings of IEEE ICNP, 312-21. New York: IEEE Press.
49. Mirkovic, J., M. Robinson, P. Reiher, and G. Kuenning. 2003. Alliance formation for DDoS defense. In Proceedings of the New Security Paradigms Workshop in ACM SIGSAC. New York: ACM Press.
50. Mirkovic, J., and P. Reiher, 2004. A taxonomy of DDoS attack and DDoS defense mechanisms. ACM SIGCOMM Computer Communication Review 34 (2): 39-53.
51. Mirkovic, J., S. Dietrich, D. Dittrich, and P. Reiher. 2005. Internet denial of service: Attack and defense mechanisms . Upper Saddle River, NJ: Prentice Hall.
52. Pappalardo, D., and E. Messmer. 2005. Extortion via DDoS on the rise. www.techworld.com/security/features/index.cfm?featureid1452 (accessed October 31, 2006).
53. Park, K., and H. Lee. 2001. On the effectiveness of routebased packet filtering for distributed DoS attack prevention in power-law Internets. In Proceedings of ACM SI. New York: ACM Press.
54. Paxson, V. 1997. End-to-end routing behavior on the Internet . IEEE/ACM Transactions on Networking, 5 (5).
55. Perkins, C.E., E.M. Belding-Royer, and S. R. Das. 2002. Ad hoc on-demand distance vector (AODV) routing. http://tools.ietf.org/html/draft-ietf-manet-aodv-11 (accessed May 23, 2007).
56. Perrig, A., R. Canetti, D. Tygar, and D. Song. 2002. The TESLA broadcast authentication protocol. Cryptobytes , 5 (2): 2-13.
57. Savage, S., D. Wetherall, A. Karlin, and T. Anderson. 2000. Practical network support for IP traceback. In Proceedings of ACM SIGCOMM, 295-306. New York: ACM Press.
58. Shannon, C., D. Moore, and K. C. Claffy, 2002. Beyond folklore: Observations on fragmented traffic. IEEE/ACM Transactions on Networking, 10 (6): 709-20.
59. Snoeren, A. C., C. Partridge, L. A. Sanchez, C. E. Jones, F. Tchakountio, S. T. Kent, and W. T. Strayer. 2001. Hash-based IP traceback. In Proceedings of ACM SIGCOMM . New York: ACM Press.
60. Song, D., and A. Perrig. 2001. Advanced and authenticated marking schemes for IP traceback. In Proceedings of IEEE INFOCOM. New York: IEEE Press.
61. Staniford, S., V. Paxson, and N. Weaver. 2002. How to own the internet in your spare time. In Proceedings of the 11th USENIX Security Symposium, 207-13. Berkeley, CA: USENIX Press.
62. Thomas, R., B. Mark, T. Johnson, and J. Croall. 2003. Net-Bouncer: Client-legitimacy-based high-performance DDoS filtering. In Proceedings of DARPA Information Survivability Conference and Exposition, 1 :14.
63. Walfish M., M. Vutukuru, H. Balakrishnan, D. Karger, and S. Shenker. 2006. DoS defense by offense. In Proceedings of ACM SIGCOMM. New York: ACM Press.
64. Wang, H., D. Zhang, and K. G. Shin. 2002. Detecting SYN flooding attacks. In Proceedings of IEEE Infocom. New York: IEEE Press.
65. Wang, X., and M. K. Reiter. 2004. Mitigating bandwidthexhaustion attacks using congestion puzzles. In Proceedings of ACM CCS, 257-67. New York: ACM Press.
66. Wullems, C., K. Tham, J. Smith, and M. Looi. 2004. Technical summary of denial of service attack against IEEE 802.11 DSSS based wireless LANs. www.isi.qut. edu.au/research/publications/technical/wlan.php (accessed January 2, 2006).
67. Xu, W., W. Trappe, Y. Zhang, and T. Wood. 2005. The feasibility of launching and detecting jamming attacks in wireless networks. In Proceeding of ACM Mobihoc, 46-57. New York: ACM Press.
68. Yaar, A., A. Perrig, and D. Song. 2003. Pi: A path identification mechanism to defend against DoS attacks. In Proceedings of IEEE Symposium on Security and Privacy . New York IEEE Press.
69. Yaar, A., A. Perrig, and D. Song. 2004. SIFF: A stateless internet flow filter to mitigate DDoS flooding attacks. In Proceedings of IEEE Symposium on Security and Privacy. New York: IEEE Press.
70. Yaar, A., Perrig, A., and Song, D. 2005. FIT: Fast internet traceback. In Proceedings of IEEE Infocom. New York: IEEE Press.
71. Yang, X., D. Wetherall, and T. Anderson. 2005. A DoSlimiting network architecture. In Proceedings of ACM SIGCOMM. New York: ACM Press.
72. Ye, F., H. Luo, S. Lu, and L. Zhang. 2004. Statistical enroute detection and filtering of injected false data in sensor networks. In Proceedings of IEEE INFOCOM. New York: IEEE Press.
73. Zhang, R., and K. Chen. 2005. Improvements on the WTLS protocol to avoid denial of service attacks. Computers & Security, 24 (1): 76-82.
74. Zhu, S., S. Setia, S. Jajodia, and P. Ning. 2004. An interleaved hop-by-hop authentication scheme for filtering false data in sensor networks. In Proceedings of IEEE Symposium on Security and Privacy. New York: IEEE Press.