Societal dependence on Information and Communication Technology (ICT) over the past two decades has brought with it an increased vulnerability to a large variety of cyber-attacks. One such attack is a Distributed Denial-of-Service (DDoS) attack which harnesses the power of a larger number of compromised and geographically distributed computers and other networked machines to attack information-providing services, often resulting in significant downtime and thereby causing a denial-of-service to legitimate clients. The size, frequency, and sophistication of such attacks have exponentially risen over the past decade. In order to develop a better understanding of these attacks and defense system against this ever-growing threat, it is essential to understand their modus operandi, latest trends and other most widely-used tactics. Consequently, the study of DDoS attacks and techniques to accurately and reliably detect and mitigate their impact is an important area of research. This chapter largely focuses on the current landscape of DDoS attack detection and defense mechanisms and provides detailed information about the latest modus operandi of various network and application layer DDoS attacks, and presents an extended taxonomy to accommodate the novel attack types. In addition, it provides directions for future research in DDoS attack detection and mitigation.
- DDoS Attacks
- Distributed Denial Of Service (DDoS)
- Application Layer DDoS Attacks
- DDoS Defense
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.
This is a preview of subscription content, access via your institution.
Tax calculation will be finalised at checkout
Purchases are for personal use onlyLearn about institutional subscriptions
US Committee on National Security Systems, “National Information Assurance (IA) Glossary,” CNSS, Instruction 4009, 2006.
G. Linden, “Make Data Useful,” Presentation, Amazon, November, 2006.
R. Stapleton-Gray and W. Woodcock, “National Internet Defense—Small States on the Skirmish Line,” Communications of the ACM, vol. 54, no. 3, pp. 50–55, 2011.
C. M. R. Dobbins, “Worldwide Infrastructure Security Report,” Arbor Networks, Tech. Rep., 2011.
D. Moore, C. Shannon, D. Brown, G. Voelker, and S. Savage, “Inferring Internet Denial-of-Service Activity,” ACM Transactions on Computer Systems (TOCS), vol. 24, no. 2, pp. 115–139, 2006.
“Prolexic Quarterly Global DDoS Attack Report – Q4 2012,” Prolexic, Tech. Rep., 2012.
“Global ddos threat landscape q3 2017,” https://www.incapsula.com/ddos-report/ddos-report-q3-2017.html, 2017.
F. Khan, “Botnet Economy,” http://dos-attacks.com/2010/10/26/botnet-economy/, [Online; accessed 23-Sep-2012].
M. Kenney, “Ping of Death,” http://insecure.org/sploits/ping-o-death.html, Jan 1997, [Online; accessed 26-Sep-2012].
S. Suriadi, A. Clark, and D. Schmidt, “Validating Denial of Service Vulnerabilities in Web Services,” in IEEE Computer Society Proceedings of the Fourth International Conference on Network and System Security. IEEE Computer Society, 2010.
J. Mirkovic and P. Reiher, “A Taxonomy of DDoS Attack and DDoS Defense Mechanisms,” ACM SIGCOMM Computer Communication Review, vol. 34, no. 2, pp. 39–53, 2004.
S. M. Specht and R. B. Lee, “Distributed denial of service: Taxonomies of attacks, tools, and countermeasures.” in ISCA PDCS, 2004, pp. 543–550.
M. H. Bhuyan, D. K. Bhattacharyya, and J. K. Kalita, “Network anomaly detection: methods, systems and tools,” Ieee communications surveys & tutorials, vol. 16, no. 1, pp. 303–336, 2014.
Y. Xiang, K. Li, and W. Zhou, “Low-rate ddos attacks detection and traceback by using new information metrics,” IEEE Transactions on Information Forensics and Security, vol. 6, no. 2, pp. 426–437, 2011.
M. H. Bhuyan, D. Bhattacharyya, and J. K. Kalita, “E-ldat: a lightweight system for ddos flooding attack detection and ip traceback using extended entropy metric,” Security and Communication Networks, vol. 9, no. 16, pp. 3251–3270, 2016.
Imperva, “Global ddos threat landscape q4 report.” https://www.incapsula.com/ddos-report/ddos-report-q4-2016.html, 2017, [Online; accessed 25-Aug-2017].
C. Labovitz, “The Internet Goes to War,” http://asert.arbornetworks.com/2010/12/the-internet-goes-to-war/, 14 Dec 2010, [Online; accessed 23-Sep-2012].
T. Bradley, “Operation Payback: WikiLeaks Avenged by Hacktivists,” http://www.pcworld.com/businesscenter/article/212701/operation_payback_wikileaks_avenged_by_hacktivists.html, 7 Dec 2010, [Online; accessed 23-Sep-2012].
E. Addley and J. Halliday, “Operation Payback Cripples MasterCard Site in Revenge for WikiLeaks Ban,” http://www.guardian.co.uk/media/2010/dec/08/operation-payback-mastercard-website-wikileaks, Dec 2010, [Online; accessed 23-Sep-2012].
R. Singel, “Operation Payback Cripples MasterCard Site in Revenge for WikiLeaks Ban,” http://www.wired.com/threatlevel/2010/12/web20-attack-anonymous/, Dec 2010, [Online; accessed 24-Sep-2012].
V. Paxson, “An Analysis of Using Reflectors for Distributed Denial-of-service Attacks,” ACM SIGCOMM Computer Communication Review, vol. 31, no. 3, pp. 38–47, 2001.
“The DDoS that knocked Spamhaus offline,” http://blog.cloudflare.com/the-ddos-that-knocked-spamhaus-offline-and-ho, 2013, [Online; accessed 2-Apr-2013].
T. Peng, C. Leckie, and K. Ramamohanarao, “Survey of Network-based Defense Mechanisms Countering the DoS and DDoS Problems,” ACM Computing Surveys, vol. 39, no. 1, p. 3, 2007.
V. Gulisano, M. Callau-Zori, Z. Fu, R. Jiménez-Peris, M. Papatriantafilou, and M. Patiño-Martínez, “Stone: A streaming ddos defense framework,” Expert Systems with Applications, vol. 42, no. 24, pp. 9620–9633, 2015.
K. Kumar, R. Joshi, and K. Singh, “An isp level distributed approach to detect ddos attacks,” in Innovative Algorithms and Techniques in Automation, Industrial Electronics and Telecommunications. Springer, 2007, pp. 235–240.
M. Sachdeva, K. Kumar, and G. Singh, “A comprehensive approach to discriminate ddos attacks from flash events,” Journal of Information Security and Applications, vol. 26, pp. 8–22, 2016.
S. Behal and K. Kumar, “Trends in validation of ddos research,” Procedia Computer Science, vol. 85, pp. 7–15, 2016.
S. Bhatia, “Ensemble-based model for ddos attack detection and flash event separation,” in Future Technologies Conference (FTC). IEEE, 2016, pp. 958–967.
R. Saravanan, S. Shanmuganathan, and Y. Palanichamy, “Behavior-based detection of application layer distributed denial of service attacks during flash events,” Turkish Journal of Electrical Engineering & Computer Sciences, vol. 24, no. 2, pp. 510–523, 2016.
A. Bhandari, A. L. Sangal, and K. Kumar, “Characterizing flash events and distributed denial-of-service attacks: an empirical investigation,” Security and Communication Networks, 2016.
D. Senie and P. Ferguson, “Network ingress filtering: Defeating denial of service attacks which employ ip source address spoofing,” Network, 1998.
K. Park and H. Lee, “On the effectiveness of route-based packet filtering for distributed dos attack prevention in power-law internets,” in ACM SIGCOMM computer communication review, vol. 31, no. 4. ACM, 2001, pp. 15–26.
J. Li, J. Mirkovic, M. Wang, P. Reiher, and L. Zhang, “Save: Source address validity enforcement protocol,” in INFOCOM 2002. Twenty-First Annual Joint Conference of the IEEE Computer and Communications Societies. Proceedings. IEEE, vol. 3. IEEE, 2002, pp. 1557–1566.
T. Peng, C. Leckie, and K. Ramamohanarao, “Protection from Distributed Denial of Service Attacks Using History-based IP Filtering,” in IEEE International Conference on Communications, 2003. ICC’03, 2003, pp. 482–486.
Y. Kim, W. C. Lau, M. C. Chuah, and H. J. Chao, “Packetscore: a statistics-based packet filtering scheme against distributed denial-of-service attacks,” IEEE transactions on dependable and secure computing, vol. 3, no. 2, pp. 141–155, 2006.
X. Liu, X. Yang, and Y. Lu, “Stopit: Mitigating dos flooding attacks from multi-million botnets,” Technical Report 08-05, UC Irvine, Tech. Rep., 2008.
A. Saifullah, “Defending against distributed denial-of-service attacks with weight-fair router throttling,” 2009.
M. A. Saleh and A. Abdul Manaf, “A novel protective framework for defeating http-based denial of service and distributed denial of service attacks,” The Scientific World Journal, vol. 2015, 2015.
E. Y. M. Muharish, “Packet filter approach to detect denial of service attacks,” 2016.
K. Kalkan and F. Alagöz, “A distributed filtering mechanism against ddos attacks: Scoreforcore,” Computer Networks, vol. 108, pp. 199–209, 2016.
T. Gil and M. Poletto, MULTOPS: a data-structure for bandwidth attack detection. Defense Technical Information Center, 2001.
L. Feinstein, D. Schnackenberg, R. Balupari, and D. Kindred, “Statistical Approaches to DDoS Attack Detection and Response,” in DARPA Information Survivability Conference and Exposition, 2003. Proceedings, vol. 1. IEEE, 2003, pp. 303–314.
A. Akella, A. Bharambe, M. Reiter, and S. Seshan, “Detecting ddos attacks on isp networks,” in Proceedings of the Twenty-Second ACM SIGMOD/PODS Workshop on Management and Processing of Data Streams. Citeseer, 2003, pp. 1–3.
S. Jin and D. S. Yeung, “A covariance analysis model for ddos attack detection,” in Communications, 2004 IEEE International Conference on, vol. 4. IEEE, 2004, pp. 1882–1886.
J. Mirkovic and P. Reiher, “D-ward: a source-end defense against flooding denial-of-service attacks,” IEEE transactions on Dependable and Secure Computing, vol. 2, no. 3, pp. 216–232, 2005.
Y. Chen, K. Hwang, and W.-S. Ku, “Collaborative detection of ddos attacks over multiple network domains,” Parallel and Distributed Systems, IEEE Transactions on, vol. 18, no. 12, pp. 1649–1662, 2007.
K. Lu, D. Wu, J. Fan, S. Todorovic, and A. Nucci, “Robust and efficient detection of ddos attacks for large-scale internet,” Computer Networks, vol. 51, no. 18, pp. 5036–5056, 2007.
J. François, I. Aib, and R. Boutaba, “Firecol: a collaborative protection network for the detection of flooding ddos attacks,” IEEE/ACM Transactions on Networking (TON), vol. 20, no. 6, pp. 1828–1841, 2012.
G. Nychis, V. Sekar, D. G. Andersen, H. Kim, and H. Zhang, “An empirical evaluation of entropy-based traffic anomaly detection,” in Proceedings of the 8th ACM SIGCOMM conference on Internet measurement. ACM, 2008, pp. 151–156.
B. M. Tellenbach, “Detection, classification and visualization of anomalies using generalized entropy metrics,” Ph.D. dissertation, ETH ZURICH, 2012.
F. Wang, H. Wang, X. Wang, and J. Su, “A new multistage approach to detect subtle ddos attacks,” Mathematical and Computer Modelling, vol. 55, no. 1, pp. 198–213, 2012.
S. Bhatia, D. Schmidt, and G. Mohay, “Ensemble-based ddos detection and mitigation model,” in Proceedings of the Fifth International Conference on Security of Information and Networks. ACM, 2012, pp. 79–86.
X. Ma and Y. Chen, “Ddos detection method based on chaos analysis of network traffic entropy,” Communications Letters, IEEE, vol. 18, no. 1, pp. 114–117, 2014.
J.-H. Jun, D. Lee, C.-W. Ahn, and S.-H. Kim, “Ddos attack detection using flow entropy and packet sampling on huge networks,” of: ICN, pp. 185–190, 2014.
A. Spognardi, A. Villani, D. Vitali, L. V. Mancini, and R. Battistoni, “Large-scale traffic anomaly detection: Analysis of real netflow datasets,” in E-Business and Telecommunications. Springer, 2014, pp. 192–208.
I. Basicevic, S. Ocovaj, and M. Popovic, “Use of tsallis entropy in detection of syn flood dos attacks,” Security and Communication Networks, vol. 8, no. 18, pp. 3634–3640, 2015.
S. Bhatia, “Detecting distributed denial-of-service attacks and flash events,” Ph.D. dissertation, Queensland University of Technology, 2013.
P. Sangkatsanee, N. Wattanapongsakorn, and C. Charnsripinyo, “Practical real-time intrusion detection using machine learning approaches,” Computer Communications, vol. 34, no. 18, pp. 2227–2235, 2011.
O. Joldzic, Z. Djuric, and P. Vuletic, “A transparent and scalable anomaly-based dos detection method,” Computer Networks, vol. 104, pp. 27–42, 2016.
H. Beitollahi and G. Deconinck, “Tackling application-layer ddos attacks,” Procedia Computer Science, vol. 10, pp. 432–441, 2012.
H. Beitollahi, G. Deconinck, “Connectionscore: a statistical technique to resist application-layer ddos attacks,” Journal of Ambient Intelligence and Humanized Computing, vol. 5, no. 3, pp. 425–442, 2014.
T. Ni, X. Gu, H. Wang, and Y. Li, “Real-time detection of application-layer ddos attack using time series analysis,” Journal of Control Science and Engineering, vol. 2013, p. 4, 2013.
K. Lee, J. Kim, K. H. Kwon, Y. Han, and S. Kim, “Ddos attack detection method using cluster analysis,” Expert Systems with Applications, vol. 34, no. 3, pp. 1659–1665, 2008.
A. Chonka, J. Singh, and W. Zhou, “Chaos theory based detection against network mimicking ddos attacks,” IEEE Communications Letters, vol. 13, no. 9, 2009.
Z. Xia, S. Lu, J. Li, and J. Tang, “Enhancing ddos flood attack detection via intelligent fuzzy logic,” Informatica, vol. 34, no. 4, 2010.
R. Karimazad and A. Faraahi, “An anomaly-based method for ddos attacks detection using rbf neural networks,” in Proceedings of the International Conference on Network and Electronics Engineering, 2011, pp. 16–18.
D. Das, U. Sharma, and D. Bhattacharyya, “Detection of http flooding attacks in multiple scenarios,” in Proceedings of the 2011 international conference on communication, computing & security. ACM, 2011, pp. 517–522.
S. N. Shiaeles, V. Katos, A. S. Karakos, and B. K. Papadopoulos, “Real time ddos detection using fuzzy estimators,” computers & security, vol. 31, no. 6, pp. 782–790, 2012.
S. Y. Dorbala, R. Kishore, and N. Hubballi, “An experience report on scalable implementation of ddos attack detection,” in International Conference on Advanced Information Systems Engineering. Springer, 2015, pp. 518–529.
R. K. Chang, “Defending against flooding-based distributed denial-of-service attacks: a tutorial,” IEEE communications magazine, vol. 40, no. 10, pp. 42–51, 2002.
H. Burch and B. Cheswick, “Tracing anonymous packets to their approximate source,” in LISA, 2000, pp. 319–327.
S. Savage, D. Wetherall, A. Karlin, and T. Anderson, “Network support for ip traceback,” IEEE/ACM transactions on networking, vol. 9, no. 3, pp. 226–237, 2001.
D. Dean, M. Franklin, and A. Stubblefield, “An algebraic approach to ip traceback,” ACM Transactions on Information and System Security (TISSEC), vol. 5, no. 2, pp. 119–137, 2002.
B. Al-Duwairi and M. Govindarasu, “Novel hybrid schemes employing packet marking and logging for ip traceback,” IEEE Transactions on Parallel and Distributed Systems, vol. 17, no. 5, pp. 403–418, 2006.
S. Yu, W. Zhou, R. Doss, and W. Jia, “Traceback of ddos attacks using entropy variations,” IEEE Transactions on Parallel and Distributed Systems, vol. 22, no. 3, pp. 412–425, 2011.
Y.-C. Wu, H.-R. Tseng, W. Yang, and R.-H. Jan, “Ddos detection and traceback with decision tree and grey relational analysis,” International Journal of Ad Hoc and Ubiquitous Computing, vol. 7, no. 2, pp. 121–136, 2011.
V. S. Rajam, G. Selvaram, M. PradeepKumar, and S. M. Shalinie, “Autonomous system based traceback mechanism for ddos attack,” in Advanced Computing (ICoAC), 2013 Fifth International Conference on. IEEE, 2013, pp. 164–171.
K. Singh, P. Singh, and K. Kumar, “A systematic review of ip traceback schemes for denial of service attacks,” Computers & Security, vol. 56, pp. 111–139, 2016.
S. Floyd and K. Fall, “Router mechanisms to support end-to-end congestion control,” Technical report, February 1997. URL” http://wwwnrg.ee.lbl.gov/floyd/end2end-paper.html, Tech. Rep., 1997.
R. Mahajan, S. Bellovin, S. Floyd, J. Ioannidis, V. Paxson, and S. Shenker, “Controlling High Bandwidth Aggregates in the Network,” ACM SIGCOMM Computer Communication Review, vol. 32, no. 3, p. 73, 2002.
G. Zhang and M. Parashar, “Cooperative defence against ddos attacks,” Journal of Research and Practice in Information Technology, vol. 38, no. 1, pp. 69–84, 2006.
X. Wang, “Mitigation of ddos attacks through pushback and resource regulation,” in MultiMedia and Information Technology, 2008. MMIT’08. International Conference on. IEEE, 2008, pp. 225–228.
S. R. Devi and P. Yogesh, “Detection of application layer ddos attacks using information theory based metrics,” CS & IT-CSCP, vol. 10, pp. 213–223, 2012.
B. Gupta, M. Misra, and R. C. Joshi, “An isp level solution to combat ddos attacks using combined statistical based approach,” arXiv preprint arXiv:1203.2400, 2012.
W. Wei, F. Chen, Y. Xia, and G. Jin, “A rank correlation based detection against distributed reflection dos attacks,” IEEE Communications Letters, vol. 17, no. 1, pp. 173–175, 2013.
W. Zhou, W. Jia, S. Wen, Y. Xiang, and W. Zhou, “Detection and defense of application-layer ddos attacks in backbone web traffic,” Future Generation Computer Systems, vol. 38, pp. 36–46, 2014.
H. Bedi, S. Roy, and S. Shiva, “Mitigating congestion based dos attacks with an enhanced aqm technique,” Computer Communications, vol. 56, pp. 60–73, 2015.
Y. Cui, L. Yan, S. Li, H. Xing, W. Pan, J. Zhu, and X. Zheng, “Sd-anti-ddos: Fast and efficient ddos defense in software-defined networks,” Journal of Network and Computer Applications, vol. 68, pp. 65–79, 2016.
S. Behal, K. Kumar, and M. Sachdeva, “D-face: An anomaly based distributed approach for early detection of ddos attacks and flash events,” Journal of Network and Computer Applications, 2018.
S. Behal, K. Kumar, and M. Sachdeva, “D-fac: A novel ϕ-divergence based distributed ddos defense system,” Journal of King Saud University-Computer and Information Sciences, 2018.
“Twitter, Amazon, other top websites shut in cyber attack,” https://ddosattacks.net/twitter-amazon-other-top-websites-shut-in-cyber-attack/, 2016, [Online; accessed 25-Aug-2017].
Poneman, “Evaluating the cost of a ddos attack,” http://184.108.40.206/~pcninc5/wp-content/uploads/2014/06/Evaluating-The-Cost-of-A-DDoS-Attack.pdf, Dyn, Tech. Rep., 2016, [Online; accessed 25-Aug-2017].
Arbor, “Arbor network wisr report https://www.arbornetworks.com/images/documents/wisr2016enweb.pdf,” Arbor Networks, Tech. Rep., 2017. [Online]. Available: https://www.arbornetworks.com/images/documents/WISR2016ENWeb.pdf
“Ddos attacks, iot, and the future of it security,” https://medium.com/ibm-journal/ddos-attacks-iot-and-the-future-of-it-security-b57975dd1b74, 2016.
D. Kreutz, F. Ramos, and P. Verissimo, “Towards secure and dependable software-defined networks,” in Proceedings of the second ACM SIGCOMM workshop on Hot topics in software defined networking. ACM, 2013, pp. 55–60.
S. Sezer, S. Scott-Hayward, P. K. Chouhan, B. Fraser, D. Lake, J. Finnegan, N. Viljoen, M. Miller, and N. Rao, “Are we ready for sdn? implementation challenges for software-defined networks,” IEEE Communications Magazine, vol. 51, no. 7, pp. 36–43, 2013.
B. A. A. Nunes, M. Mendonca, X.-N. Nguyen, K. Obraczka, and T. Turletti, “A survey of software-defined networking: Past, present, and future of programmable networks,” IEEE Communications Surveys & Tutorials, vol. 16, no. 3, pp. 1617–1634, 2014.
W. Li, W. Meng et al., “A survey on openflow-based software defined networks: Security challenges and countermeasures,” Journal of Network and Computer Applications, vol. 68, pp. 126–139, 2016.
M. Crosby, P. Pattanayak, S. Verma, and V. Kalyanaraman, “Blockchain technology: Beyond bitcoin,” Applied Innovation, vol. 2, pp. 6–10, 2016.
I. Ahmed, V. Roussev, W. Johnson, S. Senthivel, and S. Sudhakaran, “A SCADA system testbed for cybersecurity and forensic research and pedagogy,” in Proceedings of the 2nd Annual Industrial Control System Security Workshop, ser. ICSS ‘16. New York, NY, USA: ACM, 2016, pp. 1–9. [Online]. Available: http://doi.acm.org/10.1145/3018981.3018984
I. Ahmed, S. Obermeier, M. Naedele, and G. G. R. III, “SCADA Systems: Challenges for Forensic Investigators,” Computer, vol. 45, no. 12, pp. 44–51, Dec 2012.
I. Ahmed, S. Obermeier, S. Sudhakaran, and V. Roussev, “Programmable Logic Controller Forensics,” IEEE Security Privacy, vol. 15, no. 6, pp. 18–24, November 2017.
I. Ahmed, “Supervisory Control and Data Acquisition (SCADA) Forensics: Network Traffic Analysis for Extracting a Programmable Logic Controller (PLC) System and Programming Logic Files,” in Proceedings of the 69th Annual Meeting of the American Academy of Forensic Sciences, ser. AAFS ‘17. AAFS, 2017.
N. Kush, E. Foo, E. Ahmed, I. Ahmed, and A. Clark, “Gap analysis of intrusion detection in smart grids,” in Proceedings of the 2nd International Cyber Resilience Conference, ser. ICRC ‘11. Australia: secau-Security Research Centre, 2011, pp. 38–46.
“ICS CERT Advisory (ICSA-14-303-02) on Elipse SCADA DNP3 Denial of Service,” https://ics-cert.us-cert.gov/advisories/ICSA-14-303-02, 2018.
S. Senthivel, I. Ahmed, and V. Roussev, “SCADA Network Forensics of the PCCC Protocol,” Digit. Investig., vol. 22, no. S, pp. S57–S65, Aug. 2017.
S. Senthivel, S. Dhungana, H. Yoo, I. Ahmed, and V. Roussev, “Denial of Engineering Operations Attacks in Industrial Control Systems,” in Proceedings of the 8th ACM Conference on Data and Applications Security and Privacy (CODASPY), 2018.
“ICS CERT Advisory (ICSA-16-299-01) on Siemens SICAM,” https://ics-cert.us-cert.gov/advisories/ICSA-16-299-01, 2018.
“ICS CERT Advisory (ICSA-15-202-01) on Siemens SIPROTEC Denial-of-Service Vulnerability,” https://ics-cert.us-cert.gov/advisories/ICSA-15-202-01, 2018.
S. Bhatia, N. Kush, C. Djamaludin, J. Akande, and E. Foo, “Practical modbus flooding attack and detection,” in Proceedings of the Twelfth Australasian Information Security Conference-Volume 149. Australian Computer Society, Inc., 2014, pp. 57–65.
Editors and Affiliations
© 2018 Springer Nature Switzerland AG
About this chapter
Cite this chapter
Bhatia, S., Behal, S., Ahmed, I. (2018). Distributed Denial of Service Attacks and Defense Mechanisms: Current Landscape and Future Directions. In: Conti, M., Somani, G., Poovendran, R. (eds) Versatile Cybersecurity. Advances in Information Security, vol 72. Springer, Cham. https://doi.org/10.1007/978-3-319-97643-3_3
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-97642-6
Online ISBN: 978-3-319-97643-3