Global ETD Search

21	DDoS : -Vad är det och går det att skydda sig? Eriksson, Tomas, Joelsson, Hans January 2006 (has links) This paper will expose the serious phenonomen Distributed Denial of Service (DDoS). Businesses without a good security policy are easy targets for attackers. We will cover why its hard to protect yourself, present previous attacks and ways for individuals and businesses to secure themselves. We have based our paper on previous cases and done intervjues with companies who specialize in dealing with these kind of threats. Then come up with guidelines wich will be helpful for businesses when they want to strengthen there security against Distributed Denial of Service-attacks. / Detta arbete upplyser om hur allvarligt fenomenet Distributed Denial of Service (DDoS) är. Företag utan ett väl fungerande säkerhetstänkande kan råka riktigt illa ut vid en DDoS-attack. Vi kommer att berätta om problemet och ta upp tidigare attacker samt förslag på åtgärder för att öka säkerheten för både privatpersoner och företag. Vi kommer att utgå från tidigare Case om DDoS och intervjua säkerhetsföretag för att kunna framställa en skyddsstrategi. Därmed hoppas vi att vår uppsats kommer att vara till hjälp för företag som står inför valet att öka säkerheten mot Distributed Denial of Service. Distributed Denial Of Service Belastningsattack Information Systems
22	Denial of Service on SIP VoIP infrastructures using DNS flooding Zhang, Ge January 2007 (has links) A simple yet effective Denial of Service (DoS) attack on SIP servers is to flood the server with requests addressed at irresolvable domain names. In this paper we evaluate different possibilities to mitigate these effects and show that over-provisioning is not sufficient to handle such attacks. As a more effective approach we present a solution called the DNS Attack Detection and Prevention (DADP) scheme based on the usage of a non-blocking DNS cache. Based on various measurements conducted over the Internet we investigate the efficiency of the DADP scheme and compare its performance with different caching strategies applied. / nickchang918@hotmail.com SIP VoIP Denial of Service Computer Sciences Datavetenskap (datalogi)
23	On the Impact and Defeat of Regular Expression Denial of Service Davis, James Collins 28 May 2020 (has links) Regular expressions (regexes) are a widely-used yet little-studied software component. Engineers use regexes to match domain-specific languages of strings. Unfortunately, many regex engine implementations perform these matches with worst-case polynomial or exponential time complexity in the length of the string. Because they are commonly used in user-facing contexts, super-linear regexes are a potential denial of service vector known as Regular expression Denial of Service (ReDoS). Part I gives the necessary background to understand this problem. In Part II of this dissertation, I present the first large-scale empirical studies of super-linear regex use. Guided by case studies of ReDoS issues in practice (Chapter 3), I report that the risk of ReDoS affects up to 10% of the regexes used in practice (Chapter 4), and that these findings generalize to software written in eight popular programming languages (Chapter 5). ReDoS appears to be a widespread vulnerability, motivating the consideration of defenses. In Part III I present the first systematic comparison of ReDoS defenses. Based on the necessary conditions for ReDoS, a ReDoS defense can be erected at the application level, the regex engine level, or the framework/runtime level. In my experiments I report that application-level defenses are difficult and error prone to implement (Chapter 6), that finding a compatible higher-performing regex engine is unlikely (Chapter 7), that optimizing an existing regex engine using memoization incurs (perhaps acceptable) space overheads (Chapter 8), and that incorporating resource caps into the framework or runtime is feasible but faces barriers to adoption (Chapter 9). In Part IV of this dissertation, we reflect on our findings. By leveraging empirical software engineering techniques, we have exposed the scope of potential ReDoS vulnerabilities, and given strong motivation for a solution. To assist practitioners, we have conducted a systematic evaluation of the solution space. We hope that our findings assist in the elimination of ReDoS, and more generally that we have provided a case study in the value of data-driven software engineering. / Doctor of Philosophy / Software commonly performs pattern-matching tasks on strings. For example, when validating input in a Web form, software commonly tests whether an input fits the pattern of a credit card number or an email address. Software engineers often implement such string-based pattern matching using a tool called regular expressions (regexes). Regexes permit software engineers to succinctly describe the sequences of characters that make up common "languages" like the set of valid Visa credit card numbers (16 digits, starting with a 4) or the set of valid emails (some characters, an '@', and more characters including at least one'.'). Using regexes on untrusted user input in this manner may be a dangerous decision because some regexes take a long time to evaluate. These slow regexes can be exploited by attackers in order to carry out a denial of service attack known as Regular expression Denial of Service (ReDoS). To date, ReDoS has led to outages affecting hundreds of websites and tens of thousands of users. While the risk of ReDoS is well known in theory, in this dissertation I present the first large-scale empirical studies measuring the extent to which slow regular expressions are used in practice. I found that about 10% of real regular expressions extracted from hundreds of thousands of software projects can exhibit longer-than-expected worst-case behavior in popular programming languages including JavaScript, Python, and Ruby. Motivated by these findings, I then consider a range of ReDoS solution approaches: application refactoring, regex engine replacement, regex engine optimization, and resource caps. I report that application refactoring is error-prone, and that regex engine replacement seems unlikely due to incompatibilities between regex engines. Some resource caps are more successful than others, but all resource cap approaches struggle with adoption. My novel regex engine optimizations seem the most promising approach for protecting existing regex engines, offering significant time reductions with acceptable space overheads. Regular expressions denial of service ReDoS empirical software engineering software security
24	Selective Dropping of Rate Limiting Against Denial of Service Attacks Xia, Yu 18 May 2016 (has links) No description available. Computer Science rate limiting denial of service DoS selective dropping attack
25	Protecting Controllers against Denial-of-Service Attacks in Software-Defined Networks Li, Jingrui 07 November 2016 (has links) Connection setup in software-defined networks (SDN) requires considerable amounts of processing, communication, and memory resources. Attackers can target SDN controllers defense mechanism based on a proof-of-work protocol. This thesis proposes a new protocol to protect controllers against such attacks, shows implementation of the system and analyze the its performance. The key characteristics of this protocol, namely its one-way operation, its requirement for freshness in proofs of work, its adjustable difficulty, its ability to work withmultiple network providers, and its use of existing TCP/IP header fields, ensure that this approach can be used in practice. security denial-of-service attack defense Internet Digital Communications and Networking
26	Data-driven Estimation of Low-Power Long-Range Signal Parameters by an Unauthenticated Agent using Software Radio Keshabhoina, Tarun Rao 28 August 2023 (has links) Many large-scale distributed Multi-Agent Systems (MAS) exchange information over low- power communication networks. In such scenarios, agents communicate intermittently with each other, often with limited power and over unlicensed spectrum bands that are susceptible to interference, eavesdropping, and Denial-of-Service (DoS) attacks. In this work, we consider a popular low-power, long-range communication protocol known as LoRa. Despite LoRa's high tolerance for noise and interference, it was found vulnerable to interference from particular chirp-type signals. State-of-the-art signal jamming techniques that exploit this property require the knowledge of two sensitive parameters - Bandwidth (BW) and Spreading Factor (SF). However, such information is available only to authenticated parties on the network and not to an eavesdropping adversary. We expose LoRa's vulnerability to DoS attacks by designing an intelligent jammer that surpasses the need for prior knowledge of these parameters. Exploiting a structural pattern in LoRa signals, we propose a Neural Network (NN) implementation for jointly inferring the two parameters by eavesdropping. Through simulation and experimentation, we analyze the detection vulnerability of LoRa for each combination of these parameters at various Signal to Noise Ratio (SNR) values. This work also presents a Radio Frequency (RF) dataset of LoRa signals, which is used to validate our inference model through experimentation. / Master of Science / When many independent devices (or agents) work together in a large system, they often need to communicate with each other. They do so using low-powered networks and often in an intermittent manner. These networks operate on unlicensed radio frequencies, which are open to interference, unwanted snooping, and 'denial-of-service' attacks that could shut down communication. In our study, we focus on a popular low-power, long-distance communication protocol called LoRa. Despite being designed to handle interference and noise well, related literature revealed that LoRa is vulnerable to a specific type of interference caused by 'chirp' signals. Current techniques to jam these signals and disrupt communication require the knowledge of two important factors - bandwidth and spreading factor. Normally, only authorized parties in the network would know these details, not any outsiders looking to interfere. However, we exploit LoRa's vulnerability without knowing these two parameters. By identifying a pattern in LoRa signals, we designed an artificial intelligence model that can determine these two parameters just by listening in. We then ran simulations and conducted experiments to understand how susceptible LoRa is to being detected under various levels of signal strength and noise. We also prepared a dataset of LoRa signals and used this data to confirm the effectiveness of our model. Neural Networks Jamming LoRa Denial-of-Service Software Radio
27	Denial of service detection using dynamic time warping Diab, D.M., AsSadhan, B., Binsalleeh, H., Lambotharan, S., Kyriakopoulos, K.G., Ghafir, Ibrahim 18 April 2021 (has links) Yes / With the rapid growth of security threats in computer networks, the need for developing efficient security‐warning systems is substantially increasing. Distributed denial‐of‐service (DDoS) and DoS attacks are still among the most effective and dreadful attacks that require robust detection. In this work, we propose a new method to detect TCP DoS/DDoS attacks. Since analyzing network traffic is a promising approach, our proposed method utilizes network traffic by decomposing the TCP traffic into control and data planes and exploiting the dynamic time warping (DTW) algorithm for aligning these two planes with respect to the minimum Euclidean distance. By demonstrating that the distance between the control and data planes is considerably small for benign traffic, we exploit this characteristic for detecting attacks as outliers. An adaptive thresholding scheme is implemented by adjusting the value of the threshold in accordance with the local statistics of the median absolute deviation (MAD) of the distances between the two planes. We demonstrate the efficacy of the proposed method for detecting DoS/DDoS attacks by analyzing traffic data obtained from publicly available datasets. / The Deanship of Scientific Research, King Saud University. The Gulf Science, Innovation, and Knowledge Economy Programme of the U.K. Government Denial of Service Computer networks DoS attacks Dynamic time warping
28	Security challenges within Software Defined Networks Sund, Gabriel, Ahmed, Haroon January 2014 (has links) A large amount of today's communication occurs within data centers where a large number of virtual servers (running one or more virtual machines) provide service providers with the infrastructure needed for their applications and services. In this thesis, we will look at the next step in the virtualization revolution, the virtualized network. Software-defined networking (SDN) is a relatively new concept that is moving the field towards a more software-based solution to networking. Today when a packet is forwarded through a network of routers, decisions are made at each router as to which router is the next hop destination for the packet. With SDN these decisions are made by a centralized SDN controller that decides upon the best path and instructs the devices along this path as to what action each should perform. Taking SDN to its extreme minimizes the physical network components and increases the number of virtualized components. The reasons behind this trend are several, although the most prominent are simplified processing and network administration, a greater degree of automation, increased flexibility, and shorter provisioning times. This in turn leads to a reduction in operating expenditures and capital expenditures for data center owners, which both drive the further development of this technology. Virtualization has been gaining ground in the last decade. However, the initial introduction of virtualization began in the 1970s with server virtualization offering the ability to create several virtual server instances on one physical server. Today we already have taken small steps towards a virtualized network by virtualization of network equipment such as switches, routers, and firewalls. Common to virtualization is that it is in early stages all of the technologies have encountered trust issues and general concerns related to whether software-based solutions are as rugged and reliable as hardware-based solutions. SDN has also encountered these issues, and discussion of these issues continues among both believers and skeptics. Concerns about trust remain a problem for the growing number of cloud-based services where multitenant deployments may lead to loss of personal integrity and other security risks. As a relatively new technology, SDN is still immature and has a number of vulnerabilities. As with most software-based solutions, the potential for security risks increases. This thesis investigates how denial-of-service (DoS) attacks affect an SDN environment and a single-threaded controller, described by text and via simulations. The results of our investigations concerning trust in a multi-tenancy environment in SDN suggest that standardization and clear service level agreements are necessary to consolidate customers’ confidence. Attracting small groups of customers to participate in user cases in the initial stages of implementation can generate valuable support for a broader implementation of SDN in the underlying infrastructure. With regard to denial-of-service attacks, our conclusion is that hackers can by target the centralized SDN controller, thus negatively affect most of the network infrastructure (because the entire infrastructure directly depends upon a functioning SDN controller). SDN introduces new vulnerabilities, which is natural as SDN is a relatively new technology. Therefore, SDN needs to be thoroughly tested and examined before making a widespread deployment. / Dagens kommunikation sker till stor del via serverhallar där till stor grad virtualiserade servermiljöer förser serviceleverantörer med infrastukturen som krävs för att driva dess applikationer och tjänster. I vårt arbete kommer vi titta på nästa steg i denna virtualiseringsrevolution, den om virtualiserade nätverk. mjukvarudefinierat nätverk (eng. Software-defined network, eller SDN) kallas detta förhållandevis nya begrepp som syftar till mjukvarubaserade nätverk. När ett paket idag transporteras genom ett nätverk tas beslut lokalt vid varje router vilken router som är nästa destination för paketet, skillnaden i ett SDN nätverk är att besluten istället tas utifrån ett fågelperspektiv där den bästa vägen beslutas i en centraliserad mjukvaruprocess med överblick över hela nätverket och inte bara tom nästa router, denna process är även kallad SDN kontroll. Drar man uttrycket SDN till sin spets handlar det om att ersätta befintlig nätverksutrustning med virtualiserade dito. Anledningen till stegen mot denna utveckling är flera, de mest framträdande torde vara; förenklade processer samt nätverksadministration, större grad av automation, ökad flexibilitet och kortare provisionstider. Detta i sin tur leder till en sänkning av löpande kostnader samt anläggningskostnader för serverhallsinnehavare, något som driver på utvecklingen. Virtualisering har sedan början på 2000-talet varit på stark frammarsch, det började med servervirtualisering och förmågan att skapa flertalet virtualiserade servrar på en fysisk server. Idag har vi virtualisering av nätverksutrustning, såsom switchar, routrar och brandväggar. Gemensamt för all denna utveckling är att den har i tidigt stadie stött på förtroendefrågor och överlag problem kopplade till huruvida mjukvarubaserade lösningar är likvärdigt robusta och pålitliga som traditionella hårdvarubaserade lösningar. Detta problem är även något som SDN stött på och det diskuteras idag flitigt bland förespråkare och skeptiker. Dessa förtroendefrågor går på tvären mot det ökande antalet molnbaserade tjänster, typiska tjänster där säkerheten och den personliga integriten är vital. Vidare räknar man med att SDN, liksom annan ny teknik medför vissa barnsjukdomar såsom kryphål i säkerheten. Vi kommer i detta arbete att undersöka hur överbelastningsattacker (eng. Denial-of-Service, eller DoS-attacker) påverkar en SDN miljö och en singel-trådig kontroller, i text och genom simulering. Resultatet av våra undersökningar i ämnet SDN i en multitenans miljö är att standardisering och tydliga servicenivåavtal behövs för att befästa förtroendet bland kunder. Att attrahera kunder för att delta i mindre användningsfall (eng. user cases) i ett inledningsskede är också värdefullt i argumenteringen för en bredare implementering av SDN i underliggande infrastruktur. Vad gäller DoS-attacker kom vi fram till att det som hackare går att manipulera en SDN infrastruktur på ett sätt som inte är möjligt med dagens lösningar. Till exempel riktade attacker mot den centraliserade SDN kontrollen, slår man denna kontroll ur funktion påverkas stora delar av infrastrukturen eftersom de är i ett direkt beroende av en fungerande SDN kontroll. I och med att SDN är en ny teknik så öppnas också upp nya möjligheter för angrepp, med det i åtanke är det viktigt att SDN genomgår rigorösa tester innan större implementation. Software Defined Networks (SDN) network security denial of service distributed denial of service multi-tenancy mjukvarudefinierat nätverk nätverkssäkerhet överbelastningsattack distribuerad överbelastningsattack multitenans
29	Denial-of-service attack : A realistic implementation of a DoS attack / Denial-of-service attack : En realistisk implementering Skog Andersen, Jonas, Alderhally, Ammar January 2015 (has links) This report describes some of the most well known denial of service attacks (DoS-attacks). This will be done in the first part of the report, the second part describes an implementation of a DoS-attack. The main purpose of its first part is to closer examine common DoS-attacks, the purpose of such attacks, the protection methods that can be deployed to mitigate these attacks and the ways that are used to measure these attacks. The second part describes a implementation of a practical attack implemented using HTTP POST requests to overwhelm a web server, so called HTTP POST attack. The attack was carried out using different number of attack nodes, up to the default maximum limit for Apache web server. The attack succeeded after several attempts with different parameters. As a result of the experiments we learnt that a successful HTTP POST attack needs to take between 15% and 100% of the maximum permitted clients to make an impact on the server’s response time. The server that was attacked had no defence mechanism to protect itself against DoS-attacks. One important thing to note is that this attack is carried out in a protected environment so as not to affect the external environment. DOS DDOS Attack Denial of Service Distributed denial of service attack HTTP POST HTTP POST attack Computer Sciences Datavetenskap (datalogi)
30	DDoS: Ett evolverande fenomen / DDoS: An evolving phenomenon Andersson, Emil January 2012 (has links) Internetfenomenet ”Distributed Denial of Service”, förkortat DDoS, beskrivs ofta som ett av destörsta hoten mot Internet idag. Genom att utnyttja den grundläggande strukturen i kommunikationmellan nätverk och datorer kan kriminella blockera och stänga ute webbplatser och -tjänster frånanvändare, samtidigt som det är mycket svårt för offret och myndigheter att någonsin identifieraden eller de skyldiga. Enorma globala nätverk av ovetande människors infekterade datorer fjärrstyrstill att utföra angrepp mot alla sorters organisationer på Internet med olika motiv, som finansiella,politiska eller för ren vandalism. Syftet med det här arbetet är att göra en dagsaktuell kartläggningöver läget kring DDoS-angrepp och titta på statistik över de mest förekommande angreppstyperna,och se om den nyare publicerade forskningen kan svara på de pågående och framträdande trendersom kan ses. Sex forskningsartiklar väljs ut att jämföra med dessa trender för att se var merforskning krävs. Resultatet visar att forskningen kring försvar mot HTTP-GET-angrepp är bristande,samt att den framträdande trenden där angreppen allt oftare använder sig av olika angreppstypersamtidigt inte har undersökts. Mer öppen forskning bör riktas mot dessa bristande områden. / The Internet phenomenon ”Distributed Denial of Service”, in short DDoS, is often said to be one ofthe greatest threats to the Internet today. By abusing the foundation of inter-network and computercommunication, criminals can block and shut out websites and services from users while making itvery hard for the victim and the authorities to ever identify who was behind it. Enormous globalnetworks made up of unknowing peoples' infected computers can be remotely controlled to conductattacks against all sorts of organisations on the Internet with different motives, from financial orpolitic to sheer vandalism. The purpose of this study is to create an up-to-date mapping of thesituation of DdoS-attacks and look at statistics of the most prevalent attack types, and to check ifnewly published research can answer the current and emerging trends that can be seen. Six researcharticles are chosen to compare with these trends to see where more research is required. The resultsshow that the research around defense against HTTP-GET-attacks is lacking, and that the emergenttrend of DDoS-attacks that make use of more than one attack type at the same time has not beenexamined. More open research should be directed to these lacking areas. DDoS DoS Distributed Denial of Service Denial of Service HTTP-GET-DoS TCP-SYN-Flood Engineering and Technology Teknik och teknologier

Search results