Abstract
For electronic commerce (E-commerce) entities, security incidents continue to be the most significant risk (in terms of costs) associated with their businesses. Distributed denial-of-service (DDoS) attacks have a debilitating effect on commercial transactions because commerce entities cannot do any legitimate business. Although it is impossible to completely stop all DDoS attacks, there are some tools to assist auditors and security professionals in the management of this critical threat. This article attempts to provide information, tools, and techniques that can minimize the DDoS risk, to the degree possible.