Distributed Denial of Service
(DDoS) attacks have become more destructive, wide-spread and harder to control over time. This book allows students to understand how these attacks are constructed, the security flaws they leverage, why they are effective, how they can be detected, and how they can be mitigated. Students use software defined networking (SDN) technology to created and execute controlled DDoS experiments. They learn how to deploy networks, analyze network performance, and create resilient systems.
This book is used for graduate level computer engineering instruction at Clemson University. It augments the traditional graduate computing curricula by integrating: Internet deployment, network security, ethics, contemporary social issues, and engineering principles into a laboratory based course of instruction. Unique features of this book include:
A history of DDoS attacks that includes attacker motivations
Discussion of cyber-war, censorship, and Internet black-outs
SDN based DDoS laboratory assignments
Up-to-date review of current DDoS attack techniques and tools
Review of the current laws that globally relate to DDoS
Abuse of DNS, NTP, BGP and other parts of the global Internet infrastructure to attack networks
Mathematics of Internet traffic measurement
Game theory for DDoS resilience
Construction of content distribution systems that absorb DDoS attacks
This book assumes familiarity with computing, Internet design, appropriate background in mathematics, and some programming skills. It provides analysis and reference material for networking engineers and researchers. By increasing student knowledge in security, and networking; it adds breadth and depth to advanced computing curricula.