web analytics

DISTRIBUTED DENIAL OF SERVICE (DDOS) ATTACKS – Classification, Attacks, Challenges and Countermeasures – CRC Press Book

Rate this post

Distributed Denial of Service (DDoS) Attacks

Classification, Attacks, Challenges, and Countermeasures

by Brij B. Gupta & Amrita Dahiya

Preface

Massive technological breakthroughs have pioneered the complexity, scale, and magnitude of DDoS attacks from a very simple Trinoo platform to the Mirai botnet. The days are gone when DDoS attacks were bound to run iterations for vandalism in the small-scale network. Nowadays, DDoS attacks are a major concern for e-companies, as most businesses rely on online access and the Internet for delivering services, since the Internet was developed for applicability and not security. In addition, enormous development in vulnerable and insecure IoT applications, amplification, and reflective techniques has worsened the situation. Progressively, attackers are always driven by large incentives as compared to the legitimate users or defenders. Consequently, the frequency and intensity of the DDoS attacks is rising at an exponential pace resulting in unparalleled levels of damage. There is no denying the fact that researchers have tried to keep the momentum of proposing defensive mechanisms apace with the massive modernisation of attacking techniques. However, we still lack in a comprehensive and robust DDoS defensive mechanism. Thus, it is very important to analyse the recent trends and different DDoS attack mitigation solutions to explore new research directions.

Distributed Denial of Service (DDoS) Attacks: Classification, Attacks, Challenges, and Countermeasures provides an overview of the basic concepts of DDoS attacks, its different types, modes of attack, and examines the various countermeasures that have been proposed so far. In this book, we discuss the importance of incentives, liabilities, and cyber insurance in any technical solution and have provided a detailed taxonomy of technical and economical defensive solutions against DDoS attacks. Further, the book covers various issues and challenges encountered by different platforms like cloud computing and IoT in dealing with the DDoS attacks. In addition, we discuss SDN and blockchain as the new emerging solutions to DDoS attacks due to their unique and unparalleled features. Features like decoupling of data and control plane in SDN and decentralisation of blockchain can provide promising solutions in this particular domain. The book emphasises the idea of moving from only technical solutions to a proper blend of technical and economical solutions against DDoS attacks. It also outlines the existing challenges and provides an insight into future research directions.

This book is designed for the readers with an interest in the cybersecurity domain, including researchers who are exploring different dimensions associated with the DDoS attacks, developers and security professionals who are focusing on developing defensive schemes and applications for detecting or mitigating DDoS attacks, industrialists who are keen of promoting their security measures or their cyber insurance policies and services with new features, and faculty members across different universities.

The book contains six chapters, with each chapter focusing on bringing an understanding and knowledge of DDoS attacks and their taxonomy along with their defensive mechanisms to the readers. The following list provides a detailed overview of the topics covered in each chapter:

Chapter 1: Fundamentals of DDoS attack: Evolution and Challenges –
This chapter introduces the concept of DDoS attacks as a starting point for newcomers to the technology and illuminates some major recent trends and statistics unveiled by well-known organisations across the world showcasing the exponential rise in magnitude, severity, and complexity of DDoS attacks. Further, this chapter discusses the evolution of DDoS attacks and their detailed taxonomy based on various parameters.

Chapter 2: Role of Incentives, Liabilities, and Cyber Insurance – This chapter illuminates the importance of incentives and liabilities in any DDoS defensive mechanism. It highlights cyber insurance and its conceptualisation in the risk assessment process. It discusses the fact that weak defense mechanisms, fragile cryptographic protocols, and loose access control policies are not the only reasons, but the lack of incentives and liabilities also contribute significantly to security breaches.

Chapter 3: Taxonomy of DDoS Defence Mechanisms – This chapter highlights the detailed taxonomy of DDoS defense mechanisms. Apart from this, it also covers open research challenges and issues in any trivial DDoS defense mechanism.

Chapter 4: Taxonomy of Economical Solutions – This chapter discusses the classification of economic defensive mechanisms against DDoS attacks. Various payment schemes, resource allocation schemes, negotiation-based solutions, and Internet pricing schemes are discussed in this chapter. Pros and cons of economic solutions are also discussed.

Chapter 5: DDoS Attacks on Various Platforms – This chapter illustrates DDoS attacks on platforms like cloud computing and IoT. It covers vulnerabilities, issues, and challenges associated with these platforms with regard to DDoS attack. Apart from this, this chapter also highlights taxonomy of DDoS attacks and some significant defensive solutions on cloud computing and IoT.

Chapter 6: Emerging Solutions for DDoS attacks: Based on SDN and Blockchain Technologies – This chapter illustrates some new emerging solutions for handling DDoS attacks, i.e., Software Defined Networking (SDN) and blockchain-based solutions. It also covers advantages of these technologies in mitigating DDoS attacks.

DDoS_Attacks_1666633952Download

Views: 0

LinkedIn
Twitter
Facebook
WhatsApp
Email

advisor pick´S post

Nathalie Cole
How Much 10 Companies Paid Their Virtual CISO Service in 2022 Benchmark by Nathaniel Cole
How Much 10 Companies Paid...
Tushar Subhra Dutta
Top 10 Cyber Attack Maps to See Digital Threats 2022 by Tushar Subhra Dutta – Cyber Security News.
Top 10 Cyber Attack Maps...
Microsoft
Microsoft Zero Trust Maturity Model
Microsoft Zero Trust Maturity Model
US Deparment of Defense
DevSecOps Fundamentals Guidebook – Tools & Activities by American Deparment of Defense
DevSecOps Fundamentals Guidebook – Tools...
Microsoft
Microsoft 365 and the NIST Cybersecurity Framework
Microsoft 365 and the NIST...
ACSC Australia
Cyber Incident Response Plan Template by ACSC & Australian Goverment
Cyber Incident Response Plan Template...
Marcos Jaimovich
The Silent Spectre Haunting Your Network: QPhishing, the CISO’s Unspoken Nightmare.
The Silent Spectre Haunting Your...
Marcos Jaimovich
Goodbye to Traditional: Why Conventional Cybersecurity Tools are No Longer Sufficient for the Future of Digital Threats ?
Goodbye to Traditional: Why Conventional...
Marcos Jaimovich
Why do we compare a SOC (Security Operations Center) with the cockpit of a commercial airplane? by Marcos Jaimovich
Why do we compare a...
Joas Antonio
Security Operations Center (SOC) – Tools for Operations Development by Joas Antonio
Security Operations Center (SOC) –...
IZZMIER
Incident Response Playbooks & Workflows Ready for use in your SOC & Redteams
Incident Response Playbooks & Workflows...
LOGPOINT
396 Use Cases & Siem Rules Code ready for use for Mitre Attacks Events Detection in Your SOC by Logpoint
396 Use Cases & Siem...

LASTEST PUBLISHED POSTS

CASOS DE USO APLICABLES EN UN SIEM
CASOS DE USO APLICABLES EN...
IGNITE Technologies
Burp Suite for Pentester
Burp Suite for Pentester
The Institute of Internal auditors
Auditing Risk Culture
Auditing Risk Culture
DevSecOps Guide
ATTACKING PHP APPLICATIONS
ATTACKING PHP APPLICATIONS
DevSecOps Guide
ATTACKING KUBERNETES WITH SECURITY BEST PRACTICE
ATTACKING KUBERNETES WITH SECURITY BEST...
CLTC WHITE PAPER SERIES
Guidance for the Development of AI Risk and Impact Assessments
Guidance for the Development of...
Active Directory
Active Directory IT AuditChecklist
Active Directory IT AuditChecklist
A guide to business continuity planning
A guide to business continuity...
LOG RHYTHM
Using MITRE ATT&CK™ in Threat Huntingand Detection
Using MITRE ATT&CK™ in Threat...
Kaspersky
H2 2023 – A brief overviewof main incidentsin industrial cybersecurity
H2 2023 – A brief...
Andrey Prozorov
24 Great Cybersecurity Frameworks
24 Great Cybersecurity Frameworks
ENISA-EUROPA
SEGURIDAD DE TELECOMUNICACIONES
SEGURIDAD DE TELECOMUNICACIONES

More Latest Published Posts

SF-ISAC
Digital Operational Resilience Act
Digital Operational Resilience Act
SYNGRESS
DIGITAL FORENSICS WITH Open Source TOOLS
DIGITAL FORENSICS WITH Open Source TOOLS
IT REVOLUTION DEVOPS ENTERPRISE FORUM
DevOps Automated Governance Reference Architecture
DevOps Automated Governance Reference Architecture
SANS GIAC CERTIFICATIONS
Detecting Attacks on Web Applications from Log Files
Detecting Attacks on Web Applications from Log Files
EUROPEAN DATA PROTECTION SUPERVISOR
ANNUAL REPORT 2023
ANNUAL REPORT 2023
TechTarget
IT Disaster Recovery Plan Template
IT Disaster Recovery Plan Template
Opstune
IOC Scan Framework v2.0
IOC Scan Framework v2.0
Federal Office for Information Security
Indirect Prompt Injections
Indirect Prompt Injections
the Department of the Environment Climate and Communications
Guidelines on CyberSecurity Specifications
Guidelines on CyberSecurity Specifications
Edelman
INCIDENT RESPONSE REFERENCE GUIDE
INCIDENT RESPONSE REFERENCE GUIDE
Security METRICS
Security Metrics Guide to PCI DSS Compliance
Security Metrics Guide to PCI DSS Compliance
SOC TIPS Cybersecurity
Guia de Resposta a Incidentes de Segurança para LGPD
Guia de Resposta a Incidentes de Segurança para LGPD
CDCP
FIREWALL Audit CHECKLIST
FIREWALL Audit CHECKLIST
GitGuardian
Secrets Management Maturity Model
Secrets Management Maturity Model
MegaCorp One
Sample Penetration Test Report
Sample Penetration Test Report
FORTINET
Routing in FortiGate
Routing in FortiGate
FUTURE OF PRIVACY FORUM
Risk Framework Body Related Data (PD) Immersive Tech
Risk Framework Body Related Data (PD) Immersive Tech
ENISA
Remote ID Proofing Good Practices
Remote ID Proofing Good Practices
Google
Why Red TeamsPlay a Central Rolein Helping OrganizationsSecure AI Systems
Why Red TeamsPlay a Central Rolein Helping OrganizationsSecure AI Systems
Red Canary
Threat Detection Report 2024
Threat Detection Report 2024
HADESS
Pwning the Domain Persistence
Pwning the Domain Persistence
Australian Goverment
PROTECTIVE SECURITYPOLICY FRAMEWORKSecuring government business:Protective security guidance for executive
PROTECTIVE SECURITYPOLICY FRAMEWORKSecuring government business:Protective security guidance for executive
CISC (Comité Internacional Sobre Ciberseguridad)
Política Nacional de Ciberseguridad 2023-2028
Política Nacional de Ciberseguridad 2023-2028
Google
Perspectiveson Securityfor the Board
Perspectiveson Securityfor the Board
HADESS
OSINT Method for Map Investigations
OSINT Method for Map Investigations
CCN-CERT
Observatorio Riesgos Ciberseguridad 2024
Observatorio Riesgos Ciberseguridad 2024
CYBERTHEORY
The ISMG Cybersecurity Pulse Report 2024 is a treasure trove of insights from the RSA Conference, revealing the dynamic landscape of cybersecurity. From AI to Zero Trust: A comprosive guide to the key themes and expert opinions from RSA CONFERENCE 2024 – #RSAC2024
The ISMG Cybersecurity Pulse Report 2024 is a treasure trove of insights from the RSA Conference, revealing the dynamic landscape of cybersecurity. From AI to Zero Trust: A comprosive guide to the key themes and expert opinions from RSA CONFERENCE 2024 – #RSAC2024
FORTINET
Bloking Malware Through Antivirus Security Profile in FortiGate
Bloking Malware Through Antivirus Security Profile in FortiGate