Distributed Denial of Service (DDoS) attacks have become more destructive, wide-spread and harder to control over time. This book allows students to understand how these attacks are constructed, the security flaws they leverage, why they are effective, how they can be detected, and how they can be mitigated. Students use software defined networking (SDN) technology to created and execute controlled DDoS experiments. They learn how to deploy networks, analyze network performance, and create resilient systems.

This book is used for graduate level computer engineering instruction at Clemson University. It augments the traditional graduate computing curricula by integrating: Internet deployment, network security, ethics, contemporary social issues, and engineering principles into a laboratory based course of instruction.  Unique features of this book include:

• A history of DDoS attacks that includes attacker motivations
• Discussion of cyber-war, censorship, and Internet black-outs
• SDN based DDoS laboratory assignments
• Up-to-date review of current DDoS attack techniques and tools
• Review of the current laws that globally relate to DDoS
• Abuse of DNS, NTP, BGP and other parts of the global Internet infrastructure to attack networks
• Mathematics of Internet traffic measurement
• Game theory for DDoS resilience
• Construction of content distribution systems that absorb DDoS attacks

This book assumes familiarity with computing, Internet design, appropriate background in mathematics, and some programming skills. It provides analysis and reference material for networking engineers and researchers. By increasing student knowledge in security, and networking; it adds breadth and depth to advanced computing curricula.

Table of Contents

List of Figures

List of Tables

Foreword

About the Authors

Acknowledgements

Preface

Contributors

Introduction

What is DDoS?

History and Motivation

Legal Considerations

DDoS Research: Traffic

DDoS Research: Testing

DDoS Research: Evaluation

Attack Detection

Deceiving DDoS Detection

Detecting DDoS Attack Traffic

Attack Mitigation

Security and DDoS in SDN: Opportunities and Challenges

Denial of Service Attack in Control Systems

Denial of Service Attack on Phasor Measurement Unit

DDoS Lab

Conclusion

Appendix

Bibliography

Index