
2011 | Book

An Investigation into the Detection and Mitigation of Denial of Service (DoS) Attacks

Critical Information Infrastructure Protection

About this book

Around the globe, nations face the problem of protecting their Critical Information Infrastructure, normally referred to as Cyber Space. In this monograph, we capture five different aspects of the problem: high-speed packet capture, protection through authentication, technology transition, test bed simulation, and the policy and legal environment. The monograph is the outcome of over three years of cooperation between India and Australia.

Table of contents

Frontmatter
Chapter 1. Introduction
Abstract
Contemporary society has grown increasingly reliant on information and the systems used to store, process, and communicate that information. Consequently very few aspects of modern-day life would continue to operate smoothly in the absence of functioning information and communications systems. This increasing societal dependence on information and communications technologies in general and communications networks in particular is most obvious when the delivery of services via these systems and networks is disrupted even for relatively short periods. Such situations in which access to networked services by legitimate customers or clients is deliberately disrupted are collectively categorised as ‘denial of service’ or DoS attacks. These are the subject of the ensuing discussion.
S. V. Raghavan, E. Dawson
Chapter 2. Background
Abstract
In Chap. 1, we introduced the serious consequences that a Denial of Service (DoS) attack could pose to our society, which is increasingly reliant on information and the systems used to store, process, and communicate that information. However, the DoS problem has various dimensions and definitions.
A. B. Tickle, E. Ahmed, S. M. Bhaskar, G. Mohay, S. Panichprecha, S. V. Raghavan, B. Ravindran, D. Schmidt, S. Suriadi
Chapter 3. Policy and Law: Denial of Service Threat
Abstract
A set of relevant quotes could ‘set the scene’ for research into and discussion of the policy and law aspects of DoS/DDoS against global, national and defence information infrastructures (GII, NII, DII), national critical infrastructure (CNI) and the nation state itself (Information Warfare, Cyber-warfare, Electronic Warfare).
W. J. Caelli, S. V. Raghavan, S. M. Bhaskar, J. Georgiades
Chapter 4. DDoS Testbed
Abstract
Testing for denial of service vulnerabilities, the effects of attacks and mitigation strategies all require the construction of a dedicated testbed facility. Although the tools for launching such attacks are widely available, for example the Stacheldraht, Trinoo and Phatbot tools [15, p. 87], and although the attacks themselves are well understood, the simulation on a small scale in the laboratory of a large and complex system (the Internet) is fraught with difficulty.
D. Schmidt, S. M. Shalinie
Chapter 5. Detection and Mitigation of High-Rate Flooding Attacks
Abstract
Because high-rate flooding attacks constitute such a potent threat to the delivery of Internet-based services, the early and reliable detection of the onset of such an attack together with the formulation and implementation of an effective mitigation strategy are key security goals. However, the continuously evolving nature of such attacks means that they remain an area of active research and investigation. This chapter focuses largely on our research into attack detection, with some discussion of mitigation through IP address filtering. The chapter outlines leading-edge work on developing detection techniques that have the potential to identify a high-rate flooding attack reliably and in real time or, at least, in near real time. In addition, it formulates an architecture for a DoS Mitigation Module (DMM) to provide a vehicle for integrating the elements of the solution.
G. Mohay, E. Ahmed, S. Bhatia, A. Nadarajan, B. Ravindran, A. B. Tickle, R. Vijayasarathy
Chapter 6. Cryptographic Approaches to Denial-of-Service Resistance
Abstract
Authentication is a promising way to treat denial-of-service (DoS) threats against nonpublic services because it allows servers to restrict connections only to authorised users. However, there is a catch with this argument since authentication itself is typically a computationally intensive process that is necessarily exposed to unauthenticated entities. This means that the authentication protocol can become a source of denial-of-service vulnerability itself, thereby causing the same problem it is aimed at solving.
C. Boyd, J. Gonzalez-Nieto, L. Kuppusamy, H. Narasimhan, C. Pandu Rangan, J. Rangasamy, J. Smith, D. Stebila, V. Varadarajan
Chapter 7. Denial of Service Defence Appliance for Web Services
Abstract
Service-oriented architectures (SOAs), implemented using web services, seek to use open and interoperable standards to facilitate easier enterprise application integration, provide application flexibility and facilitate the dynamic composition of applications from component services. As with traditional distributed computing environments such as common object request broker architecture (CORBA), remote procedure call (RPC) and remote method invocation (RMI), the exposure of information resources via computer networks to remote users and applications requires that those resources be adequately protected.
S. Suriadi, A. Clark, H. Liu, D. Schmidt, J. Smith, D. Stebila
Chapter 8. DoS Vulnerabilities in IPv6
Abstract
Central to the functioning of the Internet itself as well as most corporate and organisational intranets is the TCP/IP suite of protocols. Within the TCP/IP suite, the transmission control protocol (TCP) offers a robust delivery mechanism for all kinds of data across a network of arbitrary complexity. The other key protocol component, the Internet protocol (IP), primarily manages the routing of messages (aka packets or datagrams) between communicating entities. The Internet protocol (IP) also deals with issues related to network and computer addresses, that is so-called IP addresses. The current version of the Internet protocol (IP) is IPv4. As has been discussed in the previous chapters, the vulnerabilities of IPv4 have been exploited in denial-of-service (DoS) attacks. IPv4 also has a number of design limitations of which the impending exhaustion of available IPv4 addresses is one of the more critical. Development of IPv6, the designated successor to IPv4, has been underway since 1998. IPv6 attempts to address some of the security limitations of IPv4 but, importantly, also solves the address shortage problem by using 128-bit addresses compared to the 32-bit addresses adopted in IPv4. This creates a potential address space within IPv6 that is more than 20 orders of magnitude larger than IPv4’s address space.
J. Smith, E. Ahmed, C. Chellappan, S. P. Meenakshi, S. V. Raghavan, S. Suriadi, A. B. Tickle
Backmatter
Metadata
Title
An Investigation into the Detection and Mitigation of Denial of Service (DoS) Attacks
Edited by
S.V. Raghavan
E Dawson
Copyright year
2011
Publisher
Springer India
Electronic ISBN
978-81-322-0277-6
Print ISBN
978-81-322-0276-9
DOI
https://doi.org/10.1007/978-81-322-0277-6