The Internet currently plays a critical role in society, and it thus requires careful protection from malicious activities such as dental of service (DoS) attacks. DoS attacks can consume memory, CPU, and network bandwidth of a victim site, and they could hinder its operation or temporarily shut it down. The first part of this chapter is devoted to studying different types of DoS attacks and the of mechanisms proposed in the literature to defend against them. The second part of the chapter focuses on attacks on quality of service (QoS) enabled networks, which offer different levels of service. Attacks on QoS-enabled networks include stealing network resources, e.g., bandwidth, and degrading the service perceived by other users. We present network monitoring techniques to detect service violations and to infer DoS attacks in early stages. The last part of the chapter provides a quantitative comparison among all defense schemes for DoS and QoS attacks. The comparison highlights the merits of each scheme and estimates the overhead (both processing and communication) introduced by it. The comparison also provides guidelines for selecting the appropriate defense scheme, or a combination of schemes, based on the requirements and how much overhead can be tolerated.
|Title of host publication||Handbook of Security and Networks|
|Publisher||World Scientific Publishing Co.|
|Number of pages||30|
|ISBN (Print)||9789814273046, 9789814273039|
|Publication status||Published - 1 Jan 2011|
ASJC Scopus subject areas
- Computer Science(all)