Publications
Justification and Requirements for a National DDoS Defense Technology Evaluation Facility
Abstract
The explosive growth of the Internet and its increasingly critical role in supporting electronic commerce, transportation, and communications have brought an equally explosive growth in attacks on Internet infrastructure and services. Some of the most difficult attacks to defend against are the Distributed Denial of Service (DDoS) attacks, in which an overwhelming flood of network packets is generated from many different sources, with the intent of preventing legitimate use of services. Typically, DDoS attacks are directed at one or more targets, such as end-users, web servers, entire networks or parts of networks, or networking infrastructure components.
DDoS attacks pose a severe threat to the nation’s ability to conduct business, defend itself, and provide vital government services to its citizens. Medium-scale DDoS attacks have been observed frequently during the past 2-3 years, and larger scale attacks are increasingly likely. For example, an amateur attacker disabled some of the world’s largest web services (e.g., Yahoo!, CNN, Amazon, and Buy.com) for hours in February 2000. More recently, attacks against the CERT Coordination Center [14] and edNET [15], a Scottish ISP, caused major disruptions in service. A determined enemy could perpetrate focused attacks that disable vital services at critical times, disrupt commerce, create uncertainty and panic among the public, and effectively prevent much of the electronic communication the US Government relies on today. This serious national vulnerability can only be addressed through substantial and coordinated efforts by government and industry.
- Date: July 26, 2002
- Authors: Wes Hardaker, Darrell Kindred, Ron Ostrenga, Dan Sterne, Roshan Thomas
- Journal: Network Associates Laboratories Report
- Pages: 02-052