About
The Global ETD Search service is a free service for researchers to find electronic theses and dissertations. This service is provided by the Networked Digital Library of Theses and Dissertations. Our metadata is collected from universities around the world. If you manage a university/consortium/country archive and want to be added, details can be found on the NDLTD website.
91

Service Availability in Cloud Computing : Threats and Best Practices

Adegoke, Adekunle, Osimosu, Emmanuel January 2013
Cloud computing provides access to on-demand computing resources and storage space, whereby applications and data are hosted with data centers managed by third parties, on a pay-per-use price model. This allows organizations to focus on core business goals instead of managing in-house IT infrastructure. However, as more business critical applications and data are moved to the cloud, service availability is becoming a growing concern. A number of recent cloud service disruptions have questioned the reliability of cloud environments to host business critical applications and data. The impact of these disruptions varies, but, in most cases, there are financial losses and damaged reputation among consumers. This thesis aims to investigate the threats to service availability in cloud computing and to provide some best practices to mitigate some of these threats. As a result, we identified eight categories of threats. They include, in no particular order: power outage, hardware failure, cyber-attack, configuration error, software bug, human error, administrative or legal dispute and network dependency. A number of systematic mitigation techniques to ensure constant availability of service by cloud providers were identified. In addition, practices that can be applied by cloud customers and users of cloud services, to improve service availability were presented.
92

DNS traffic based classifiers for the automatic classification of botnet domains

Stalmans, Etienne Raymond January 2014
Networks of maliciously compromised computers, known as botnets, consisting of thousands of hosts have emerged as a serious threat to Internet security in recent years. These compromised systems, under the control of an operator, are used to steal data, distribute malware and spam, launch phishing attacks and in Distributed Denial-of-Service (DDoS) attacks. The operators of these botnets use Command and Control (C2) servers to communicate with the members of the botnet and send commands. The communications channels between the C2 nodes and endpoints have employed numerous detection avoidance mechanisms to prevent the shutdown of the C2 servers. Two prevalent detection avoidance techniques used by current botnets are algorithmically generated domain names and DNS Fast-Flux. The use of these mechanisms can however be observed and used to create distinct signatures that in turn can be used to detect DNS domains being used for C2 operation. This report details research conducted into the implementation of three classes of classification techniques that exploit these signatures in order to accurately detect botnet traffic. The techniques described make use of the traffic from DNS query responses created when members of a botnet try to contact the C2 servers. Traffic observation and categorisation is passive from the perspective of the communicating nodes. The first set of classifiers explored employ frequency analysis to detect the algorithmically generated domain names used by botnets. These were found to have a high degree of accuracy with a low false positive rate. The characteristics of Fast-Flux domains are used in the second set of classifiers. It is shown that using these characteristics Fast-Flux domains can be accurately identified and differentiated from legitimate domains (such as Content Distribution Networks, which exhibit similar behaviour).
The final set of classifiers use spatial autocorrelation to detect Fast-Flux domains based on the geographic distribution of the botnet C2 servers to which the detected domains resolve. It is shown that botnet C2 servers can be detected solely based on their geographic location. This technique is shown to clearly distinguish between malicious and legitimate domains. The implemented classifiers are lightweight and use existing network traffic to detect botnets and thus do not require major architectural changes to the network. The performance impact of implementing classification of DNS traffic is examined and it is shown that the performance impact is at an acceptable level.
93

A Targeted Denial of Service Attack on Data Caching Networks

Gouge, Jeffrey B 01 January 2015
With the rise of data exchange over the Internet, information-centric networks have become a popular research topic in computing. One major research topic on Information Centric Networks (ICN) is the use of data caching to increase network performance. However, research in the security concerns of data caching networks is lacking. One example of a data caching network can be seen using a Mobile Ad Hoc Network (MANET). Recently, a study has shown that it is possible to infer military activity through cache behavior which is used as a basis for a formulated denial of service attack (DoS) that can be used to attack networks using data caching. Current security issues with data caching networks are discussed, including possible prevention techniques and methods. A targeted data cache DoS attack is developed and tested using an ICN as a simulator. The goal of the attacker would be to fill node caches with unpopular content, thus making the cache useless. The attack would consist of a malicious node that requests unpopular content in intervals of time where the content would have been just purged from the existing cache. The goal of the attack would be to corrupt as many nodes as possible without increasing the chance of detection. The decreased network throughput and increased delay would also lead to higher power consumption on the mobile nodes, thus increasing the effects of the DoS attack. Various caching policies are evaluated in an ICN simulator program designed to show network performance using three common caching policies and various cache sizes. The ICN simulator is developed using Java and tested on a simulated network. Baseline data are collected and then compared to data collected after the attack. Other possible security concerns with data caching networks are also discussed, including possible smarter attack techniques and methods.
94

Systém pro testování odolnosti komunikační jednotky LAN dálkového sběru dat / System for testing the robustness of communication unit LAN of remote data acquisition

Mlýnek, Petr January 2008
Remote data collection systems are widely used. One of the areas is also data collection in energetics, where the energy consumption can be collected daily and presented to users on-line. The advantage of the remote data collection is the possibility of frequent readings without a physical presence at the electrometers. The data transmission over the Internet can be subject to various attacks, which is the disadvantage. The understanding of the attack method is the most important thing. The protection against the hackers is not complicated, but requires a lot of attention. This master's thesis is focused on testing security of the communication unit LAN of remote data acquisition against attacks from the Internet. The next aim of this thesis is to describe the algorithm of each particular attack, the resources needed for their realization and the method of their measurement and evaluation. The communication unit and component composition for attack simulation is described in the first part of this thesis. The next part is focused on scanning for hosts and ports. The main part of this thesis is focused on the denial of service attacks and man in the middle attacks. At the end of my thesis the selection of a cryptographic system for remote data acquisition is described and the possibility of authentication mirroring is shown. Problems of physical security are described too. The result of this thesis is a script implementing all attacks which are described.
95

Zabezpečení Open source PBX proti útokům / Open source PBX security against attacks

Orsák, David January 2012
This master's thesis deals with open source PBX security against security attacks. The theoretical part contains a detailed description of the problematic about attacks that could be used on VoIP systems, with high focus on the Denial of Service attack. Furthermore, the theoretical part describes methods of security of the initialization protocol SIP. An individual chapter is devoted to intrusion detection and prevention of IDS and IPS systems, focusing on Snort and OSSEC. In the practical part of the work a generator of attacks against various PBX systems was created, which was subsequently used for detailed testing. Special tests of PBX systems are then used against DoS attacks, for which protection was created in the form of active elements consisting of IDS Snort & OSSEC. These are capable of providing protection in real-time. The protection was tested on particular PBX systems and, as a matter of comparison, possibilities were measured before and after security implementation. The output of this work is the attacks generator VoIPtester and the creation of configuration rules for Snort and OSSEC.
96

Analýza a demonstrace vybraných IPv6 útoků / An Analysis of Selected IPv6 Network Attacks

Pivarník, Jozef January 2013
This master's thesis analyses and demonstrates selected IPv6 attacks including two Man-in-the-Middle attacks and one Denial of Service attack - Rogue Router Advertisement, Neighbor Cache Poisoning and Duplicate Address Detection DoS, respectively. In the first part the author presents necessary information related to the issue and provides detailed information on how to realize these attacks in practice using publicly available tools. The second part of the thesis presents various ways of mitigating presented attacks, analyses implementations of some of those countermeasures on Cisco and H3C devices and discusses their applicability.
97

The design of an effective extreme controller mechanism scheme for software defined cognitive radio network

Sibanda, Brian January 2021
Thesis (M. A. (Computer Science)) -- University of Limpopo, 2021 / In Software Defined Cognitive Radio Network (SDCRN), network security is a significant issue. This issue arises when Software Defined Network (SDN) architecture integrates with the Cognitive Radio Network (CRN) technology. SDN is designed to improve network resource management, while CRN technology is meant for improving spectrum management. These technologies are vulnerable to several malicious attacks. These attacks include Distributed Denial of Service (DDoS) and Primary User Emulation (PUE). Both the DDoS and PUE can disrupt services in the SDCRN. To curb these attacks, schemes which harden the security of SDCRN need to be designed. Thus, in this study we propose a security mechanism called Extreme_Controller_Mechanism (XCM) that reduces the effects of DDoS and PUE. The proposed XCM scheme was designed and evaluated in three simulation environments, the OMNeT++, Octave, and MATLAB simulators. The SDCRN data set was generated using the Neural Network back propagation algorithms. The data set was then used in Matlab to evaluate the effectiveness of the proposed XCM scheme. XCM proved to be effective and efficient at detection and prevention of DDoS and PUE attacks in SDCRN. In terms of memory and processor utilisation, XCM proved to be the best when compared to other schemes such as the Advanced Support Vector Machine (ASVM) and deep learning convolution network (CDLN). But in terms of detection time, the ASVM was found to be the best performing scheme. Regarding our test for detection rate, false positive and false negative, the XCM, ASVM and CDLM performed the same. The results of the XCM were therefore the best and superior to the ASVM and CDLM. This can be attributed to the fact that the XCM scheme is optimised for DDoS and PUE attacks. We can therefore conclude that our XCM scheme is the best performing scheme compared to the ASVM and CDLN schemes.
98

Policy-driven autonomic cyberdefense using software-defined networking / Cyberdefense autonome pilotée par règles à l'aide d'un réseau défini par logiciel

Sahay, Rishikesh 14 November 2017
Cyber attacks cause significant loss not only to end-users, but also Internet Service Providers (ISP). Recently, customers of the ISP have been the number one target of the cyber attacks such as Distributed Denial of Service attacks (DDoS). These attacks are encouraged by the widespread availability of tools to launch the attacks. So, there is a crucial need to counter these attacks (DDoS, botnet attacks, etc.) by effective defense mechanisms. Researchers have devoted huge efforts on protecting the network from cyber attacks. Defense methodologies first contain a detection process, completed by mitigation. Lack of automation in the whole cycle of detection to mitigation increases the damage caused by cyber attacks. It requires manual configurations of devices by the administrator to mitigate the attacks which cause the network downtime. Therefore, it is necessary to close the security loop with an efficient mechanism to automate the mitigation process. In this thesis, we propose an autonomic mitigation framework to mitigate attacks that target the network resources. Our framework provides a collaborative mitigation strategy between the ISP and its customers. The implementation relies on Software-Defined Networking (SDN) technology to deploy the mitigation framework. The contribution of our framework can be summarized as follows: first the customers detect the attacks and share the threat information with their ISP to perform the on-demand mitigation. We further develop the system to improve the management aspect of the framework at the ISP side.
This system performs the alert extraction, adaptation and device configurations. We develop a policy language to define the high level policy which is translated into OpenFlow rules. Finally, we show the applicability of the framework through simulation as well as testbed validation. We evaluate different QoS and QoE (quality of user experience) metrics in SDN networks. The application of the framework demonstrates its effectiveness in not only mitigating attacks for the victim, but also reducing the damage caused to traffic of other customers of the ISP.
99

Threats and Mitigation of DDoS Cyberattacks Against the U.S. Power Grid via EV Charging

Morrison, Glenn Sean 30 August 2018
No description available.
100

Adaptive Counteraction Against Denial of Service Attack / Adaptiv Motverkan mot Denial of Service Attack

Atiiq, Syafiq Al January 2017
The Internet of Things (IoT) is the next generation of networked society where billions of everyday-life devices are directly connected to the Internet and able to communicate with each other. In particular, the Constrained Application Protocol (CoAP) has become the de-facto IoT standard for communication at the application layer, as a lightweight web transfer protocol affordable also for resource-constrained platforms. However, as IoT devices are directly connected to the Internet, they are especially vulnerable to a number of security attacks including Denial of Service (DoS), which can seriously worsen their performance and responsiveness, and even make them totally unavailable to serve legitimate requests. In this Master's Thesis project, we have developed a cross-layer and context-aware approach that adaptively counteracts DoS attacks against CoAP server devices, by dynamically adjusting their operative state according to the attack intensity. This considerably limits the impact of DoS attacks and preserves service availability of victim devices to the best possible extent. The proposed approach leverages a trusted Proxy that adaptively shields victim devices, while effectively forwarding and caching messages if needed. We have made a proof-of-concept implementation of our solution for the Californium framework and the CoAP protocol, and experimentally evaluated its effectiveness in counteracting DoS and preserving availability of devices under attack. This Master's Thesis project has been conducted in collaboration with RISE SICS, a research institute for applied information and communication technology in Sweden.
