摘要: This tutorial describes what Denial of Service (DOS) attacks are. how they can be carried out in IP networks, and one defend against them. Distributed DoS (DDoS) are included here as a subset attacks. A attack has two phases: deployment an phase. program must first deployed on or more compromised hosts before is possible. Mitigation requires thus defense mechanisms for both phases. Completely reliable protection is, however, not There will always vulnerable the Internet. many based ordinary use protocols, Defense depth needed to mitigate effect paper shortly proposed literature. The goal implement all possible defenses. Instead, should optimize trade-off between security costs acquired benefits handling most important risks. closely related risk management.
acm.org 
sci-hub.se 参考文章(57)
Sally Floyd, Pushback Messages for Controlling Aggregates in the Network ,(2001)
Kevin J. Houle, George M. Weaver, Trends in Denial of Service Attack Technology ,(2001)
Vern Paxson, Yin Zhang, Detecting stepping stones usenix security symposium. pp. 13- 13 ,(2000)
Greg Shipley, Patrick Mueller, Cover story: dragon claws its way to the top Network Computing archive. ,vol. 12, pp. 45- 67 ,(2001)
Christian Huitema, Routing in the Internet (2nd ed.) Prentice Hall PTR. ,(1999)
Allen Householder, Art Manion, Linda Pesante, George M. Weaver, Rob Thomas, Managing the Threat of Denial-of-Service Attacks Defense Technical Information Center. ,(2001) , 10.21236/ADA636482
Perry Wagle, Calton Pu, Steve Beattie, Crispin Cowan, Ryan Finnin Day, Erik Walthinsen, Protecting Systems from Stack Smashing Attacks with StackGuard ,(1999)
Robert Stone, Centertrack: an IP overlay network for tracking DoS floods usenix security symposium. pp. 15- 15 ,(2000)
A. C. Day, The State of Software. Association for Literary and Linguistic Computing Bulletin. ,(1975)
Timothy N. Newsham, Thomas H. Ptacek, Insertion, Evasion, and Denial of Service: Eluding Network Intrusion Detection ,(1998)