BKNTRDOS.RVW 20080420

"Internet Denial of Service", Jelena Mirkovic et al, 2005, 0-13-147573-8, U$39.99/C$57.99
%A Jelena Mirkovic
%A Sven Dietrich
%A David Dittrich dittrich@u.washington.edu
%A Peter Reiher
%C One Lake St., Upper Saddle River, NJ 07458
%D 2005
%G 0-13-147573-8
%I Prentice Hall
%O U$39.99/C$57.99 800-576-3800 416-293-3621 201-236-7139
%O http://www.amazon.com/exec/obidos/ASIN/0131475738/robsladesinterne http://www.amazon.co.uk/exec/obidos/ASIN/0131475738/robsladesinte-21
%O http://www.amazon.ca/exec/obidos/ASIN/0131475738/robsladesin03-20
%O Audience i+ Tech 2 Writing 2 (see revfaq.htm for explanation)
%P 372 p.
%T "Internet Denial of Service: Attack and Defense Mechanisms"

Chapter one is an introduction to the book itself, rather than the topic, asserting that the work is intended for an audience of system administrators, corporate managers, and those dealing with public policy.

The topic is defined in chapter two, which notes that denial of service (DoS) is not like other security risks where intrusion or use (or misuse) of resources is the aim, but prevention of the legitimate use of a system. Much of the material concentrates on distributed denial of service (DDoS), and the text mentions the inherent risk of DoS where a service is being provided. The structure and logical flow of the content is not always obvious, but the information is reasonably clear and readable.

The history of DoS attacks, starting with the early, simple assaults intended to gain status and notoriety and progressing through to the recent complex and financially motivated offensives, is covered in chapter three. There is discussion of the fact that the structure of the Internet works against many protective measures and hinders efforts to collect digital forensic evidence.

Chapter four examines the process, technology, and tools of DDoS attacks.

Defence is contemplated in chapter five, along with the intrinsic difficulty presented by the need for availability, the possibility of attacking either the computer-based service or the network-based communications, and a poor authentication and tracking infrastructure. The deliberation does note that defence can be attempted in many layers, from secure application development to overt reaction.

A detailed analysis of some defensive approaches is provided in chapter six, which assessment is also valuable in terms of business continuity planning.

Chapter seven has a listing and review of various research projects on defence.

Legal issues are catalogued in chapter eight: most of the content is general, but there is a fair amount that is specific to the United States.

Chapter nine summarizes major points, and speculates on future trends.

This is a thorough overview of a topic that is covered poorly, if at all, in most of the security literature. Availability has come very late to add depth to the C-I-A (Confidentiality, Integrity, Availability) triad, and therefore DoS attacks are still misunderstood as mere nuisance. The problem is growing, and this material should be of greater interest to those charged with protecting both corporate assets and the public infrastructure.

copyright Robert M. Slade, 2008 BKNTRDOS.RVW 20080420