Weitere Kapitel dieses Buchs durch Wischen aufrufen
Even though Internet appears to be one of the successful phenomena of globalization today, web applications, services, and servers are being challenged by multiple vulnerabilities due to multiple penetrations. These security flaws can easily be exploited by malicious actors who will use malware to launch DDoS to damage critical infrastructures in small and large businesses putting their productivity and trust at risk. This paper offers methods that public and private sectors can consider to lessen damages cause by DDoS. The detective techniques will help uncover some early signs of malicious activities in the organization’s network. The preventive ones will ensure all methods have been implemented to stop the intrusion from happening. Findings have demonstrated that mitigation mechanism can only be effective with detective and preventive methods. It is vital to keep in mind that attackers are busy developing sophisticated tools to disrupt services and damage systems making traditional security tools ineffective. They need to be replaced by robust security technologies to protect networked systems efficiently as presented in this research. Security awareness as an important network security practice, will educate non-IT professionals, serve as a reminder to IT professionals and result in thwarting insider threats. When all these are successfully implemented, an attacker’s chances of launching a successful distributed denial-of-service attack are reduced by 2%.
Bitte loggen Sie sich ein, um Zugang zu diesem Inhalt zu erhalten
Sie möchten Zugang zu diesem Inhalt erhalten? Dann informieren Sie sich jetzt über unsere Produkte:
Beuchelt, G. (2013). Chapter 8. Securing web applications, services and servers. In J. Vacca (Ed.), Computer and information security handbook (2nd ed.). Boston: Morgan Kaufmann Publishers.
Day, C. (2013). Chapter 26. Intrusion detection and prevention systems. In J. Vacca (Ed.), Computer information security handbook. San Francisco: Morgan Kaufmann Publishers.
Douligeris, C., & Mitrokotsa, A. (2004). DDoS attacks and defense mechanisms: Classification and state of the art. Computer Journal of Networks, 44(5), 643–666. CrossRef
Gertz, M. (2011). Database security. In H. Bidgoli (Ed.), Handbook of information security, Volume 3. Database security mechanisms and models. New York: Wiley.
Gupta, B., Joshi, C., & Misra, M. (2010). Distributed denial of service prevention techniques. International Journal of Computer and Electrical Engineering, 2, 1793–8163.
IBM Global Technology Services (2013, August). Managed distributed denial of service (DDoS) protection. Retrieved from http://www-01.ibm.com/common/ssi/cgi-bin/ssialias?htmlfid=SED03135USEN.
Imperva (2016). DDoS protection strategies. Retrieved from https://www.incapsula.com/web-application-ddos-protection-services.html.
McMillan, J., & VandenBrink, R. (2009, September 14). GIAC enterprises: Where your fortune is our business. Malware Infection Tiger Team final report. Retrieved from http://www.sans.edu/studentfiles/projects/200909_.
Meyer, R. (2008, Jan 26). Detecting attacks on web applications from Log Files. Retrieved from https://www.sans.org/reading-room/whitepapers/logging/detecting-attacks-web.
Mirkovic, J. (n.d.). A taxonomy of DDoS attack and DDoS defense mechanisms. Retrieved from https://www.researchgate.net/profile/Peter_Reiher/publication/2879658_A_taxonomy_of_DDoS_.
Shokri, R., Varshovi, A., H. Mohammadi, Yazdani, N., & Sadeghian, B. (2006, September 13–15). DDPM: Dynamic deterministic packet marking for IP traceback. IEEE International Conference on Networks (pp. 1–6). Singapore: IEEE.
UMUC (2011). Module 9. Virtualization and cloud computing. Retrieved from https://leoprdws.umuc.edu/cgi-bin/id/FlashSubmit/fs_link.pl?fs_project_id=385&.
Zeltser, L. (2009). Introduction to malware analysis. Retrieved from http://zeltser.com/reversemalware/intro_to_malware_analysis_201208.pdf.
- Techniques for Detecting, Preventing and Mitigating Distributed Denial of Service (DDoS) Attacks
Judith Clarisse Essome Epoh
Neuer Inhalt/© ITandMEDIA