Internet Denial of Service: Attack and Defense Mechanisms [NOOK Book]


Suddenly your Web server becomes unavailable. When you investigate, you realize that a flood of packets is surging into your network. You have just become one of the hundreds of thousands of victims of a denial-of-service attack, a pervasive and growing threat to the Internet. What do you do?

Internet Denial of Service sheds light on a complex and fascinating form of computer attack that impacts the confidentiality, integrity, and availability of millions of computers worldwide....

See more details below
Internet Denial of Service: Attack and Defense Mechanisms

Available on NOOK devices and apps  
  • NOOK Devices
  • NOOK HD/HD+ Tablet
  • NOOK
  • NOOK Color
  • NOOK Tablet
  • Tablet/Phone
  • NOOK for Windows 8 Tablet
  • NOOK for iOS
  • NOOK for Android
  • NOOK Kids for iPad
  • PC/Mac
  • NOOK for Windows 8
  • NOOK for PC
  • NOOK for Mac
  • NOOK Study

Want a NOOK? Explore Now

NOOK Book (eBook)
$19.99 price
(Save 44%)$35.99 List Price


Suddenly your Web server becomes unavailable. When you investigate, you realize that a flood of packets is surging into your network. You have just become one of the hundreds of thousands of victims of a denial-of-service attack, a pervasive and growing threat to the Internet. What do you do?

Internet Denial of Service sheds light on a complex and fascinating form of computer attack that impacts the confidentiality, integrity, and availability of millions of computers worldwide. It tells the network administrator, corporate CTO, incident responder, and student how DDoS attacks are prepared and executed, how to think about DDoS, and how to arrange computer and network defenses. It also provides a suite of actions that can be taken before, during, and after an attack.

Inside, you'll find comprehensive information on the following topics

  • How denial-of-service attacks are waged
  • How to improve your network's resilience to denial-of-service attacks
  • What to do when you are involved in a denial-of-service attack
  • The laws that apply to these attacks and their implications
  • How often denial-of-service attacks occur, how strong they are, and the kinds of damage they can cause
  • Real examples of denial-of-service attacks as experienced by the attacker, victim, and unwitting accomplices

The authors' extensive experience in handling denial-of-service attacks and researching defense approaches is laid out clearly in practical, detailed terms.

Read More Show Less

Product Details

  • ISBN-13: 9780132704540
  • Publisher: Pearson Education
  • Publication date: 1/13/2005
  • Sold by: Barnes & Noble
  • Format: eBook
  • Edition number: 1
  • Pages: 400
  • File size: 7 MB

Meet the Author

Jelena Mirkovic has been an assistant professor at the University of Delaware since 2003. She holds a Ph.D. in computer science from the University of California, Los Angeles, where she developed effective defenses against distributed denial-of-service attacks.

Sven Dietrich is a member of the technical staff at the CERT Coordination Center, part of the Software Engineering Institute at Carnegie Mellon University, and is affiliated with Carnegie Mellon CyLab, a university-wide cyber security research and education initiative. He has worked and published on DDoS since 1999.

David Dittrich is a senior security engineer at the University of Washington s Center for Information Assurance and Cybersecurity and a founding member of the Honeynet Project. He published the first detailed technical analyses of DDoS tools in 1999, and maintains the largest Web page on the subject.

Peter Reiher is an adjunct associate professor at the University of California, Los Angeles. His research includes defenses against denial-of-service attacks.

Read More Show Less

Table of Contents



About the Authors.

1. Introduction.

DoS and DdoS

Why Should We Care?

What Is This Book?

Who Is This Book For?

What Can This Book Help You Do?

Outline of the Remaining Chapters

2. Understanding Denial of Service.

The Ulterior Motive

Meet the Attackers

Behind the Scenes

Distribution Effects

DDoS: Hype or Reality?

How Vulnerable Are You to DDoS?

3. History of DoS and DDoS.


Design Principles of the Internet

DoS and DDoS Evolution

4. How Attacks Are Waged.

Recruitment of the Agent Network

Controlling the DDoS Agent Network

Semantic Levels of DDoS Attacks

Attack Toolkits

What Is IP Spoofing?

DDoS Attack Trends

5. An Overview of DDoS Defenses.

Why DDoS Is a Hard Problem

DDoS Defense Challenges

Prevention versus Protection and Reaction

DDoS Defense Goals

DDoS Defense Locations

Defense Approaches

6. Detailed Defense Approaches.

Thinking about Defenses

General Strategy for DDoS Defense

Preparing to Handle a DDoS Attack

Handling an Ongoing DDoS Attack as a Target

Handling an Ongoing DDoS Attack as a Source

Agreements/Understandings with Your ISP

Analyzing DDoS tools

7. Survey of Research Defense Approaches.





Secure Overlay Services (SOS)

Proof of Work




SIFF: An End-Host Capability Mechanism to Mitigate DDoS Flooding Attacks

Hop-Count Filtering (HCF)

Locality and Entropy Principles

An Empirical Analysis of Target-Resident DoS Filters

Research Prognosis

8. Legal Issues.

Basics of the U.S. Legal System

Laws That May Apply to DDoS Attacks

Who Are the Victims of DDoS?

How Often Is Legal Assistance Sought in DDoS Cases?

Initiating Legal Proceedings as a Victim of DdoS

Evidence Collection and Incident Response Procedures

Estimating Damages

Jurisdictional Issues

Domestic Legal Issues

International Legal Issues

Self-Help Options

A Few Words on Ethics

Current Trends in International Cyber Law

9. Conclusions.

Prognosis for DdoS

Social, Moral, and Legal Issues

Resources for Learning More


Appendix A. Glossary.

Appendix B. Survey of Commercial Defense Approaches.

Mazu Enforcer by Mazu Networks

Peakflow by Arbor Networks

WS Series Appliances by Webscreen Technologies

Captus IPS by Captus Networks

MANAnet Shield by CS3

Cisco Traffic Anomaly Detector XT and Cisco Guard XT

StealthWatch by Lancope


Appendix C. DDoS Data.

2004 CSI/FBI Computer Crime and Security Survey

Inferring Internet Denial-of-Service Activity

A Framework for Classifying Denial-of- Service Attacks

Observations and Experiences Tracking Denial-of-Service Attacks across a Regional ISP

Report on the DDoS Attack on the DNS Root Servers




Read More Show Less

Customer Reviews

Be the first to write a review
( 0 )
Rating Distribution

5 Star


4 Star


3 Star


2 Star


1 Star


Your Rating:

Your Name: Create a Pen Name or

Barnes & Review Rules

Our reader reviews allow you to share your comments on titles you liked, or didn't, with others. By submitting an online review, you are representing to Barnes & that all information contained in your review is original and accurate in all respects, and that the submission of such content by you and the posting of such content by Barnes & does not and will not violate the rights of any third party. Please follow the rules below to help ensure that your review can be posted.

Reviews by Our Customers Under the Age of 13

We highly value and respect everyone's opinion concerning the titles we offer. However, we cannot allow persons under the age of 13 to have accounts at or to post customer reviews. Please see our Terms of Use for more details.

What to exclude from your review:

Please do not write about reviews, commentary, or information posted on the product page. If you see any errors in the information on the product page, please send us an email.

Reviews should not contain any of the following:

  • - HTML tags, profanity, obscenities, vulgarities, or comments that defame anyone
  • - Time-sensitive information such as tour dates, signings, lectures, etc.
  • - Single-word reviews. Other people will read your review to discover why you liked or didn't like the title. Be descriptive.
  • - Comments focusing on the author or that may ruin the ending for others
  • - Phone numbers, addresses, URLs
  • - Pricing and availability information or alternative ordering information
  • - Advertisements or commercial solicitation


  • - By submitting a review, you grant to Barnes & and its sublicensees the royalty-free, perpetual, irrevocable right and license to use the review in accordance with the Barnes & Terms of Use.
  • - Barnes & reserves the right not to post any review -- particularly those that do not follow the terms and conditions of these Rules. Barnes & also reserves the right to remove any review at any time without notice.
  • - See Terms of Use for other conditions and disclaimers.
Search for Products You'd Like to Recommend

Recommend other products that relate to your review. Just search for them below and share!

Create a Pen Name

Your Pen Name is your unique identity on It will appear on the reviews you write and other website activities. Your Pen Name cannot be edited, changed or deleted once submitted.

Your Pen Name can be any combination of alphanumeric characters (plus - and _), and must be at least two characters long.

Continue Anonymously
Sort by: Showing 1 Customer Reviews
  • Anonymous

    Posted January 23, 2005

    DDoS is unsolved

    Your take on this book really depends on where you are sitting. The authors lucidly describe what a Denial of Service attack is. More to the point, the book then goes into an explanation of its more dangerous variant - the Distributed Denial of Service [DDoS] attack. The book is really about the latter; not the simple DoS. We see how DDoS evolved rapidly from 1999 to 2005, with the number of computers hijacked to become agents for an attack expanding from hundreds to over a hundred thousand. And how it no longer seems to be done by joyriding hackers just seeking a thrill. Now, it may actually be a business; a major branch of malware. You should have a reasonable background in understanding TCP/IP, to appreciate the book's technical discussions. For example, if you see mention of the TTL field in a header, you should already know what it means. The book explains several postulated countermeasures to DDoS. Nifty ideas like traceback and pushback. Or perhaps doing an entropy count of good and bad packets, to help distinguish between them. The problem is that none of these are truly effective. DDoS is an unsolved problem. So if you are a cracker, this is good news. Not so for sysadmins. But there is something else. Perhaps DDoS is fundamentally insolvable, under the current IPv4 and current router capabilities. But maybe this field is still young. What is a problem for many could be a chance for you, as a researcher or inventor.

    Was this review helpful? Yes  No   Report this review
Sort by: Showing 1 Customer Reviews

If you find inappropriate content, please report it to Barnes & Noble
Why is this product inappropriate?
Comments (optional)