Acknowledgments


The authors wish to thank Radia Perlman from Sun Microsystems Laboratories, and Mary Franz and her colleagues at Prentice Hall for their support and assistance in producing this book. Radia and Mary were instrumental in encouraging us to write the book and getting Prentice Hall to commit to its publication.

The authors also wish to thank distinguished researchers and practitioners in the network security community who reviewed this book: Steven M. Bellovin from AT&T Labs, Angelos D. Keromytis from Columbia University, Giovanni Vigna from the University of California at Santa Barbara, Cat Okita from Earthworks, Kevin Fu from MIT, Warwick Ford from Wyltan, Inc., Harlan Carvey, and Howard Lipson from the CERT Coordination Center. Their reviews have been instrumental to us in improving the technical content and the readability of this book.

The authors would like to thank the CERT Coordination Center for permitting us to reproduce some of their copyrighted figures and other material in this book. We also thank the companies that have granted us permission to use their products' copyrighted material in preparation of Appendix B. These are: Mazu Networks, Arbor Networks, WebScreen Technologies, Captus Networks, CS3, Riverhead Networks (now part of Cisco Systems), and Lancope.

David Dittrich

I wish to thank the following people: my parents, Carol and William Dittrich (I wish he were still here to read this), for raising me to consider how I can best contribute to the good of society; my cousin Dan and uncle Richard Kegel, for being early inspirations to me to explore computing; my extended family and friends (especially Ali Ritter) for putting up with me working through two plus years' holidays analyzing DDoS malware; my coworkers at the University of Washington who have assisted or inspired me to find better ways to deal with an ever-growing number of compromised computers (e.g., Corey Satten; Aaron Racine; my former assistant director Oren Sreebny and his wonderful Client Services group; Sandy Moy, Mike Hornung, Eliot Lim, Alexander Howard, and Daniel Schwalbe, who continue to deal with compromised hosts on campus; Terry Gray and his Network Engineering and Network Operations crews; and the many others in C&C and MCIS who deal with computer security incident response); Lance Spitzner and all of the members of the Honeynet Project and Research Alliance for sharing my curiosity about how computer attack tools function and how to detect and counter them; Kirk Bailey and members of the Agora, who form connections with others in government and industry to deal with issues like DDoS, incident response, forensics, identity theft, and online privacy; Ivan Orton, John Christiansen, Alisha Ritter, James Vasquez, Jennifer Granick, Richard Salgado, Dario Forte, Steve Schroeder, Ken Himma, Marc Lampson, and the many participants at the 3rd Agora Active Defense Workshop for their guidance through the varied and complex landscape of the Law; Dean Michael Eisenberg, David Notkin, Harry Bruce, Alpha Delap, Ed Lazowska, and all in the Information School and Center for Information Assurance and Cybersecurity for supporting and encouraging me to publish, develop research, teach, and consult in this fascinating field; the staff of the CERT Coordination Center and attendees at the Distributed Intruder Tools Workshop with whom I have maintained contact and worked over the years; to the many former and current members of the federal government, military, and intelligence community, who share a desire to protect our critical cyberinfrastructure from attack, and who have involved me in this effort over the years in ways that make me and my family proud.

Sven Dietrich

Sven Dietrich would like to thank the following for their dedication, integrity, and support: Aghadi Shraim, Karen Petraska, Frank Ottens, Bill Farrell, Andy Schain, and Neil Long. Without their help the early DDoS analysis work could not have been completed.

Sven would also like to thank Howard Lipson, Eric Hayes, Sheila Rosenthal, Tom Longstaff, John McHugh, Nancy Mead, Carrie Gates, Mike Collins, Sarah Strauss, Mindi McDowell, David Biber, Jason Rafail, Chad Dougherty, Art Manion, Allen Householder, and many others from the CERT Coordination Center and the Software Engineering Institute for their support, scrutiny, and contributions. Sven is grateful for the environment at CERT Research that allowed him to continue and extend his DDoS research, both in the context of the Survivable Systems Engineering Team and the Carnegie Mellon CyLab, and to eventually write this book.

Finally, Sven would like to thank his friends and family for their patience and support during the writing of this book.

Jelena Mirkovic

Jelena Mirkovic and Peter Reiher are very grateful to the Defense Advanced Research Projects Agency (DARPA) for supporting their research in DDoS defense, through the Fault Tolerant Networking (FTN) program led by Dr. Douglas Maughan, program manager. The FTN program funded a large number of cybersecurity research projects, with an aim of improving Internet robustness in the face of attacks. Many of these projects were focused on DDoS defenses, and they greatly affected the DDoS research community by both advancing the knowledge of the threat and by proposing innovative defense measures (some of which evolved into full-fledged commercial products). Dr. Maughan stepped outside the conventional funding paradigm, which fosters individual projects developed in isolation and with no relation to one another, by encouraging partnerships between projects. This enabled both combinations of defense approaches and their independent evaluation, and resulted in a higher quality of research.

Jelena is very grateful to the Computer and Information Sciences Department at the University of Delaware, for supporting her DDoS research and her book-writing efforts. Friendly and supporting colleagues, bright students, and helpful and capable staff make this department an enjoyable and inspiring place to work.

Jelena would like to extend profound thanks to the faculty, students, and staff associated with the University of Utah Emulab testbed, a shared testbed resource that enables researchers to acquire multiple machines, load them with their code, and test to their hearts' content. The people at Emulab did a superb job creating and maintaining this facility; they were very forthcoming in meeting the special needs of various projects she has worked on, and they heroically coped with occasional mishaps in these projects (such as escaped scans, overloaded disks, and excessive traffic that brought down the NFS server) without revoking her account. Testing DDoS defenses in a (as much as possible) realistic setting requires multiple machines, usually many more than an average university lab can acquire. Those machines must further be recombined into various topologies, and doing this in an ordinary lab environment is painful and includes a lot of cable reconnecting, manual reconfiguration, and anguish when packets just don't flow. In Emulab, the act of acquiring a hundred machines, organizing them in a desired topology and installing the code one needs to run takes about 10 minutes. Imagine how this advances research! Jelena has used Emulab resources and found them invaluable both in her Ph.D. work, her current research at the University of Delaware, and in teaching network security classes.

Jelena is especially grateful to her husband, Nikola, and numerous friends and family members, who lent her their patience, advice, and energy in the challenging process of writing this book.

Peter Reiher

Peter Reiher would like to thank several students who have worked on research projects related to distributed denial of service problems with him. These students have been instrumental in helping him develop a better understanding of the problems caused by DDoS attacks and the advantages and disadvantages of various possible solutions to those problems. These students include (in addition to Jelena Mirkovic) Gregory Prier, Max Robinson, Matthew Schnaider, B. Scott Michel, and Jun Li. Peter would also like to thank Dr. Gerald Popek and Dr. Geoff Kuenning for their contributions to his research group's work on distributed denial of service attacks.

Peter would also like to thank Raj Yavatkar and the Intel Corporation for support they've provided to allow him to pursue the use of programmable routers for combating DDoS attacks. This support helped develop ideas and approaches to DDoS defense discussed in this book.

Peter would also like to thank his wife, Cathleen, for her understanding, support, and patience through the long process of producing this book.



Internet Denial of Service: Attack and Defense Mechanisms
ISBN: 0131475738
Year: 2003
Pages: 126