  • About
  • The Global ETD Search service is a free service for researchers to find electronic theses and dissertations. This service is provided by the Networked Digital Library of Theses and Dissertations.
    Our metadata is collected from universities around the world. If you manage a university/consortium/country archive and want to be added, details can be found on the NDLTD website.
31

Contributions to the Resilience of Peer-To-Peer Video Streaming against Denial-of-Service Attacks

Nguyen, Giang T. 31 January 2017
The constantly growing demand to watch live videos over the Internet requires streaming systems to be cost-effective and resource-efficient. The Peer-to-Peer (P2P) streaming architecture has been a viable solution with various deployed systems to date. The system only requires a modest amount of bandwidth from the streaming source, since users (or peers) contribute their bandwidth to disseminate video streams. To enable this, the system interconnects peers into an overlay. However, churn, meaning the leaving and failing of peers, can break the overlay, making peers unable to receive the stream. More severely, an adversary aiming to sabotage the system can attack relevant nodes on the overlay, disrupting the stream delivery. To construct an overlay robust to churn, pull-based P2P streaming systems use a mesh topology to provide each peer with multiple paths to the source. Peers regularly request video chunks from their partners in the overlay. Therefore, even if some partners are suddenly absent due to churn, a peer can still request chunks from its remaining partners. To enable this, peers periodically exchange buffer maps, small packets containing the availability information of peers' video buffers. To reduce the latency and overhead caused by the periodic buffer map exchange and chunk requests, hybrid systems have been proposed. A hybrid system bootstraps from a pull-based one and gradually forms a tree backbone consisting of a small subset of peers to deliver chunks without requests. Unfortunately, both pull-based and hybrid systems lack measures to mitigate Denial-of-Service (DoS) attacks on head nodes (or the source's partners). More critically, head nodes can be identified accurately by inference from the exchanged buffer maps. Furthermore, hybrid systems are vulnerable to DoS attacks on their backbones. Since DoS attacks can badly affect both pull-based and hybrid systems, we introduce three countermeasures. First, we develop the striping scheme to mitigate DoS attacks targeting head nodes. The scheme enforces that peers diversify their chunk requests. Second, to prevent attackers from identifying head nodes, we develop the SWAP scheme, which enforces that peers proactively change their partners. Third, we develop RBCS, a resilient backbone, to mitigate DoS attacks on hybrid systems. Since no simulator for a fair evaluation has been available so far, we develop OSSim, a general-purpose simulation framework for P2P video streaming. Furthermore, we develop several attacker models and novel resilience metrics in OSSim. Extensive simulation studies show that the developed schemes significantly improve the resilience of pull-based and hybrid systems to both churn and DoS attacks.
32

A simulation study of an application layer DDoS detection mechanism

Mekhitarian, Araxi, Rabiee, Amir January 2016
Over the last couple of years, application layer Distributed Denial of Service (DDoS) attacks have increased significantly. Because of this, many questions have been raised about how organizations and companies can protect their systems and services from intrusion and damage. The consequences of these attacks are many, ranging from revenue losses for companies to stolen personal data. As the technologies evolve, application layer DDoS attacks are becoming more effective, and there is no concrete solution that entirely protects against them. This thesis focuses on the available defense mechanisms and presents a general overview of different types of application layer DDoS attacks and how they are constructed. Moreover, this report provides a simulation based on one of the defense mechanisms mentioned, named CALD. The simulation tested two different application layer DDoS attacks and showed that CALD can detect and differentiate between the two attacks. This report can be used as a general information source for application layer DDoS attacks, how to detect them and how to defend against them. Furthermore, the simulation can be used as a basis for judging how well a relatively small-scale implementation of CALD can detect DDoS attacks on the application layer.
33

Contributions to the Resilience of Peer-To-Peer Video Streaming against Denial-of-Service Attacks

Nguyen, Giang T. 02 March 2016
34

Security challenges within Software Defined Networks

Ahmed, Haroon, Sund, Gabriel January 2014
A large amount of today's communication occurs within data centers where a large number of virtual servers (running one or more virtual machines) provide service providers with the infrastructure needed for their applications and services. In this thesis, we will look at the next step in the virtualization revolution, the virtualized network. Software-defined networking (SDN) is a relatively new concept that is moving the field towards a more software-based solution to networking. Today when a packet is forwarded through a network of routers, decisions are made at each router as to which router is the next hop destination for the packet. With SDN these decisions are made by a centralized SDN controller that decides upon the best path and instructs the devices along this path as to what action each should perform. Taking SDN to its extreme minimizes the physical network components and increases the number of virtualized components. The reasons behind this trend are several, although the most prominent are simplified processing and network administration, a greater degree of automation, increased flexibility, and shorter provisioning times. This in turn leads to a reduction in operating expenditures and capital expenditures for data center owners, both of which drive the further development of this technology. Virtualization has been gaining ground in the last decade. However, the initial introduction of virtualization began in the 1970s with server virtualization offering the ability to create several virtual server instances on one physical server. Today we have already taken small steps towards a virtualized network through the virtualization of network equipment such as switches, routers, and firewalls. Common to all of these virtualization technologies is that in their early stages they have encountered trust issues and general concerns about whether software-based solutions are as rugged and reliable as hardware-based solutions. SDN has also encountered these issues, and discussion of them continues among both believers and skeptics. Concerns about trust remain a problem for the growing number of cloud-based services where multi-tenant deployments may lead to loss of personal integrity and other security risks. As a relatively new technology, SDN is still immature and has a number of vulnerabilities. As with most software-based solutions, the potential for security risks increases. This thesis investigates how denial-of-service (DoS) attacks affect an SDN environment and a single-threaded controller, described by text and via simulations. The results of our investigations concerning trust in a multi-tenancy environment in SDN suggest that standardization and clear service level agreements are necessary to consolidate customers' confidence. Attracting small groups of customers to participate in user cases in the initial stages of implementation can generate valuable support for a broader implementation of SDN in the underlying infrastructure. With regard to denial-of-service attacks, our conclusion is that hackers can target the centralized SDN controller and thereby negatively affect most of the network infrastructure (because the entire infrastructure directly depends upon a functioning SDN controller). SDN introduces new vulnerabilities, which is natural as SDN is a relatively new technology. Therefore, SDN needs to be thoroughly tested and examined before widespread deployment.
35

Distributed Denial of Service : Svenska bankers uppfattning om hotbilden av DDoS-attacker [Swedish banks' perception of the threat picture of DDoS attacks]

Macchiavello, Sabrina, Wulkan, Linnea January 2023
As the financial sector has become increasingly digitized, its vulnerability to cyberattacks has increased. Distributed Denial of Service attacks are one of the biggest threats on the internet today and have been growing steadily for the last few years. The increase applies to both the size and frequency of the attacks. DDoS attacks have been a threat especially towards banks, and therefore it is important to have a well-functioning cyber security strategy to withstand the attacks. This thesis investigates Swedish banks' perception regarding the threat picture of DDoS attacks against banks. As a result of a qualitative case study, Swedish banks' opinion has been investigated through interviews with IT security managers at Swedish banks. The banks are considered to have effective strategies to prevent and manage DDoS attacks, but the threat of cyber attacks continues to increase. The participants mention various factors that show an increase in DDoS attacks, and the media can be an influence. The empirical material is analyzed using the National Cybersecurity Strategy (NCSS) framework developed by the European Union Agency for Cybersecurity (ENISA).
36

Enhancing the security of wireless sensor network based home automation systems

Gill, Khusvinder January 2009
Home automation systems (HASs) seek to improve the quality of life for individuals through the automation of household devices. Recently, there has been a trend, in academia and industry, to research and develop low-cost Wireless Sensor Network (WSN) based HASs (Varchola et al. 2007). WSNs are designed to achieve a low-cost wireless networking solution, through the incorporation of limited processing, memory, and power resources. Consequently, providing secure and reliable remote access for resource-limited WSNs, such as WSN based HASs, poses a significant challenge (Perrig et al. 2004). This thesis introduces the development of a hybrid communications approach to increase the resistance of WSN based HASs to remote DoS flooding attacks targeted against a third party. The approach is benchmarked against the dominant GHS remote access approach for WSN based HASs (Bergstrom et al. 2001), on a WSN based HAS test-bed, and shown to provide a minimum of a 58.28%, on average 59.85%, and a maximum of 61.45% increase in remote service availability during a DoS attack. Additionally, a virtual home incorporating a cryptographic based DoS detection algorithm is developed to increase resistance to remote DoS flooding attacks targeted directly at WSN based HASs. The approach is benchmarked against D-WARD (Mirkovic 2003), the most effective DoS defence identified from the research, and shown to provide a minimum 84.70%, an average 91.13% and a maximum 95.6% reduction in packet loss on a WSN based HAS during a DoS flooding attack. Moreover, the approach is extended with the integration of a virtual home, hybrid communication approach, and a distributed denial of defence server to increase resistance to remote DoS attacks targeting the home gateway. The approach is again benchmarked against the D-WARD defence and shown to decrease the connection latency experienced by remote users by a minimum of 90.14%, an average 90.90%, and a maximum 91.88%.
37

Aplicação da análise matemática no rastreamento reverso do número IP para o uso em redes TCP/IP sob ataque de negação-de-serviço / Application of mathematical analysis in IP number backtracking to use in TCP/IP networks under denial-of-service attack.

Mateus Mosca Viana 17 July 2007
The denial-of-service attack became known from the year 1988 onward and has become a serious threat to the operation of computer networks around the world. When this kind of attack is under way, the victim receives such an intense increase in demand for its computational resources that they may become unavailable to the true users. Although other forms of attack on computer networks exist, denial of service has been of particular interest to the scientific community dedicated to the study of computer network security. This is due to the simplicity with which the attack can be launched, combined with its devastating effect. Moreover, the difficulty the victim has in defending itself depends on the form the attack takes, the forms being characterized as "direct", "indirect", or "distributed". In the specialized security literature there are papers with varied proposals for approaching this problem, predominantly of a state-of-the-art character. The trend that stands out in these proposals is the combination of computational and mathematical arguments. In this thesis, some papers that make relevant contributions to solving the problem under study are analysed. Added to this analysis is an original idea for treating the problem, using concepts and tools from the Theory of Complex Variables. Through a mapping of the attack environment into the space of complex variables, a method is developed to identify the IP number of an attacker by means of the concept of the "winding number of a path around a point". This concept is a consequence of "Cauchy's Integral Theorem", one of the most important results in the Theory of Complex Variables.
38

Securing Vehicular Networks Against Denial of Service Attacks / Sécurité des réseaux VANET contre les attaques de déni de services

Mejri, Mohamed Nidhal 19 May 2016
Dans cette thèse nous nous sommes intéressés à sécuriser les réseaux véhiculaires ad hoc (VANETs) contre les attaques de déni de service (DoS) jugées comme étant les plus dangereuses pour ces réseaux. Notre travail peut être subdivisé en trois grandes parties.Dans un premier temps, nous avons étudié les différentes vulnérabilités auxquelles sont exposés les VANETs, spécialement les attaques DoS. Vu notre expertise en matière de la cryptographie, nous avons exploré, dégagé et classifié des solutions possibles à une grande panoplie de brèches de sécurité VANETs. En effet, nous avons montré que la cryptographie permet de résoudre divers problèmes de sécurité VANETs. Notre première contribution dans ce sens est un algorithme de génération de clés de groupe pour les convois de véhicules. Dans notre deuxième contribution nous avons conçu deux nouvelles méthodes de détection d’attaques DoS. Dans ce contexte, notre premier algorithme de détection est basé sur la régression linéaire, la logique floue ainsi que la définition de trois nouvelles métriques spécifiques VANETs. Dans notre deuxième algorithme de détection nous avons défini une nouvelle métrique à base de l'entropie de Shannon que nous avons introduite pour la première fois pour détecter tel type d’attaques. Notre troisième contribution a été consacrée à la réaction contre les attaques une fois détectées. Pour cela, nous avons eu recourt à l'utilisation des techniques offertes par la théorie des jeux. Nous avons proposé deux jeux non-coopératifs de réaction sous forme stratégique et extensive. Pour chacune des phases de détection et de réaction, les expérimentations ont été faites essentiellement pour les attaques greedy et jamming. 
Nos algorithmes proposés présentent l'avantage de la rapidité, d'être exécutés par n'importe quel nœud du réseau et ne nécessitent aucune modification du protocole IEEE 802.11p utilisée comme standard de la couche MAC et PHY des réseaux véhiculaires.Au cours de ce travail, nous avons pu participer à la sécurisation des réseaux VANETs. Cependant nous jugeons qu'il reste beaucoup à faire. A savoir par exemple, l'étude des solutions cryptographiques que nous avons menée nous a permis de découvrir à quel point l'usage de la cryptographie pour la sécurité des VANETs est un sujet assez vaste et qui nécessite d'être encore mieux exploré. Ceci constituera pour nous une ouverture assez prometteuse. / In this thesis we interested in securing Vehicular Ad hoc Networks (VANETs) against Denial of Service attacks (DoS) judged to be the most dangerous attacks to such networks. Our work can be divided into three main parts. First, we studied all the various possible existing vulnerabilities to which are exposed VANETs, we focused especially on denial of service attacks. Based on our expertise in cryptography, we explored, identified and classified the possible solutions to a wide range of VANET security breaches from a cryptographic point of view. Indeed, we showed that cryptography with its primitives and fairly powerful tools solves many VANET security problems. Our first contribution in this direction is a secure group key generation algorithm for VANET platoons. In our second contribution, we have developed two new techniques to detect denial of service attacks in VANET networks mainly characterized by the high mobility and frequent disconnections which considerably complicate the detection. Our first detection algorithm is based on the linear regression mathematical concept, fuzzy logic and three newly defined VANET appropriate metrics. In our second algorithm we define a new Shannon Entropy based metric that we introduced for the first time to detect DoS attacks in VANET. 
Our third contribution was devoted to the reaction against the detected attacks. For that, we used the techniques offered by game theory. We have proposed two non-cooperative reaction games in strategic and extensive forms. For both the proposed detection and reaction schemes, experiments were made essentially for the greedy behavior and jamming attacks. All our proposed algorithms have the advantage of rapidity and of being executable by any node of the network, and do not require any modification of the 802.11p MAC layer protocol used as a standard for VANETs. In this work, we have participated in securing VANETs; however, we believe that much remains to be done. For example, the study of cryptographic solutions we have conducted allowed us to discover how the use of cryptography for VANET security is a fairly broad topic which needs to be better explored. This will be for us a very promising subject.
39

Transparently Improving Quality of Service of Modern Applications

Yang, Yudong January 2019
Improving end-to-end Quality of Service (QoS) in existing network systems is a fundamental problem, as it can be affected by many factors, including congestion, packet scheduling, attacks, and air-time allocation. This dissertation addresses QoS in two critical environments: home WiFi and cloud networks. In home networks, we focus on improving QoS over WiFi networks, the dominant means for home Internet access. Three major reasons end-to-end QoS efforts fail in WiFi networks are its: 1) inherent wireless channel characteristics, 2) approach to access control of the shared broadcast channel, and 3) impact on transport layer protocols, such as TCP, that operate end-to-end and over-react to the loss or delay caused by the single WiFi link. We present our cross-layer design, Virtual Wire, leveraging the philosophy of centralization in modern networking to address the problem at the point of entry/egress into the WiFi network. Based on network conditions measured from buffer sizes, airtime, and throughput, flows are scheduled to the optimal utility. Unlike most existing WiFi QoS approaches, our design only relies on transparent modifications, requiring no changes to the network (including link layer) protocols, applications, or user intervention. Through extensive experimental investigation, we show that our design significantly enhances the reliability and predictability of WiFi performance, providing a "virtual wire"-like link to the targeted application. In cloud networks, we explore mechanisms to improve availability during DDoS attacks. The availability of cloud servers is impacted when excessive loads induced by DDoS attacks cause the servers to crash or respond too slowly to legitimate session requests. We model and analyze the effectiveness of a shuffling mechanism: the periodic, randomized re-assignment of users to servers.
This shuffling mechanism not only complicates malicious users' abilities to target specific servers but also, over time, allows a system to identify who the malicious users are. We design and evaluate improved classifiers which can, with statistical accuracy and well-defined levels of confidence, identify malicious users. We also propose and explore the effectiveness of a two-tiered system in which servers are partitioned in two, where one partition serves only "filtered" users who have demonstrated non-malicious behavior. Our results show how shuffling with these novel classifiers can improve the QoS of the system, which is evaluated by the survival probability, the probability of a legitimate session not being affected by attacks.
40

An Ontological Approach to SIP DoS Detection

Fischer, Anja, Blacher, Zak January 2010
Traditional public switched telephone networks (PSTN) are replaced more and more by VoIP services these days. Although it is good for saving costs, the disadvantage of this development is that VoIP networks are less secure than the traditional way of transmitting voice. Because VoIP networks are being deployed in open environments and rely on other network services, the VoIP service itself becomes vulnerable to potential attacks against its infrastructure or other services it relies on.

This thesis will present a discussion of security issues of the Session Initiation Protocol (SIP), the signalling protocol for VoIP services. The main focus is on active attacks against the protocol that aim to reduce the service's availability, so-called Denial of Service (DoS) attacks.

Existing countermeasures and detection schemes do not adequately differentiate between DoS attacks. However, the differentiation is important with respect to performance loss, as various protection schemes involve more computationally intensive processes.

Based on that discussion, this thesis attempts to provide an ontological approach to describing, and eventually preventing attacks from having their intended effects.
