Internet Denial of Service: Attack and Defense Mechanisms

 

Index


D-WARD

Daemons. [See agents, handlers, stepping stones.]

Damages. [See also cost of attacks.]

     aggregating

     cost-estimation model

     estimating

     hidden costs

     ICAMP (Incident Cost Analysis and Modeling Project)

     IRC (Internet Relay Chat)

     loss, definition 2nd

     trigger for federal statutes

     United States v. Middleton

Data, as property

Datagrams. [See packets.]

DDoS (distributed denial of service). [See also attacks, DoS.]

     benefits for the attacker

     definition

     extortion trend

     goals

    history of. [See evolution of DoS attacks.]

     postal analogy

     prognosis

DefCOM

Defense approaches. [See also tools.]

    attack detection. [See attack detection.]

    attack response. [See attack response.]

     building secure systems

     characterization

     charges for packet sending

     collateral damage

     complete deployment

     completeness

     contiguous deployment

     costs

     deployment at specified points

     deployment patterns

     effectiveness

     false negatives firewalls

     false positives

     general strategy

     goals

     hardening

     incident response life cycle

     large scale, widespread deployment

     modification of protocols

     NAT (Network Address Translation) box

     obstacles

    ongoing attacks

         as a source

         as a target

         backscatter traceback

         BGP-speaking routers

         black hole routes

         filtering

         hardcoded IP addresses

         liability issues

         sinkhole networks

     overview 2nd

     post-mortem analysis

    preparation

         attack response

         automatic response

         closing unneeded ports

         compartmentalizing your network

         costs

         critical versus non-critical services

         custom defense systems

         disabling unneeded services

         discovering active services

         disk I/O performance

         end host vulnerability

         estimating damage costs

         fault-tolerance

         filtering incoming traffic

         hiding

         identifying bottlenecks

         incident response life cycle

         ingress/egress filtering

         insurance coverage

         ISP agreements 2nd

         MAC (mandatory access control)

         manual response

         memory utilization

         network I/O performance

         network risk assessment

         number of server processes

         overprovisioning 2nd

         processor utilization

         risk assessment

         scalability

         securing end hosts

         segregated services

         swapping/paging activity

         system tuning

    protection

         attack prevention

         endurance approach

         host vulnerabilities

         hygiene

         network organization

         packet filtering

     reaction 2nd

    research

         ACC (aggregate congestion control)

         Bloom filters

         client legitimacy

         congestion signatures

         connection depletion attacks

         COSSACK (COordinated Suppression of Simultaneous AttaCKs)

         D-WARD

         DefCOM

         detection and control of attacks

         entropy principle

         flash crowds

         flooding-style attacks 2nd

         hash-based traceback

         HCF (Hop-Count Filtering)

         locality principle

         NetBouncer

         Pi filtering

         PPM (probabilistic packet marking)

         prognosis

         proof of work

         pushback

         rate limiting 2nd

         SIFF

         SOS (Secure Overlay Services)

         source-based defense

         SPIE (source path isolation engine)

         SPIEDER

         target-based defense

         target-resident DoS filters

         traceback

     serving legitimate traffic

     social challenges

    source validation

         hiding

         one-way functions

         proof of work

         resource allocation

         reverse Turing test

         TCP SYN cookie approach

         trapdoor functions

     technical challenges

     throttling packet flow

     wide deployment, requirements

Defense locations

     in the middle

     multiple locations

     near the attacker

     near the target

     tragedy of the commons

Defense strategies. [See defense approaches, prevention, detection, reaction.]

Degradation of service

Deloder worm

DeMilitarized Zone (DMZ). [See DMZ.]

Denial of service (DoS). [See DoS (denial of service).]

"Denial-of-Service Developments," (CA-2000 01)

"Denial-of-Service Tools," (CA-1999 17)

Department of Justice Cybercrime Web site

Deployment patterns

Detection. [See also attack detection.]

    anomalies

         definition

         description

     general defense strategy

     misbehavior

     of DoS tools

     signatures

"Developing an Effective Incident Cost Analysis Mechanism,"

Dietrich, Sven

     DDoS analysis

     history of DoS

     mstream analysis 2nd 3rd 4th 5th 6th

     Shaft analysis 2nd 3rd 4th 5th 6th 7th 8th 9th 10th 11th 12th

     Stacheldraht analysis 2nd 3rd 4th 5th 6th 7th 8th 9th 10th 11th

     tool analysis

Direct commands

Disabling unneeded services

Disclosure versus nondisclosure

Discovering active services

Disk I/O performance

Distributed computing, evolution of

Distributed denial of service (DDoS). [See DDoS (distributed denial of service), DoS.]

"Distributed Denial of Service Tools" (IN-99 04)

"Distributed Denial of Service Tools" (Sun Bulletin #00193)

Distributed System Intruder Tools (DSIT) Workshop 2nd 3rd 4th 5th

Dittrich, David

     "Active Response to Computer Intrusions,"

     "Basic Steps in Forensic Analysis of UNIX Systems,"

     DDoS analysis

     DDoS Web page

     "Developing an Effective Incident Costs Analysis Mechanism,"

     host-and-network-oriented scanners

     IDS signatures

     mstream analysis 2nd 3rd 4th 5th 6th

     "Power bot" analysis

     rootkit FAQ

     Shaft analysis 2nd 3rd 4th 5th 6th 7th

     Stacheldraht analysis 2nd 3rd 4th 5th 6th 7th 8th 9th 10th 11th

     tcpdstat modifications

     TFN analysis

     tool analysis 2nd

     trinoo analysis

DMZ (DeMilitarized Zone)

     description

     filtering 2nd

     traffic capture

DNS (Domain Name Service)

     definition

     false requests, evolution of

Don't Panic

DoS (denial of service). [See also attacks.]

     definition

     goals

    history of. [See Internet; evolution.]

     postal analogy

DoS programs

Dropping legitimate packets

Dshield

DSIT (Distributed System Intruder Tools) Workshop 2nd 3rd 4th

Dual criminality

 
