Global ETD Search

1	Intrusion Detection on Distributed Attacks Cheng, Wei-Cheng 29 July 2003 (has links) The number of significant security incidents tends to increase day by day in recent years. The distributed denial of service attacks and worm attacks extensively influence the network and cause serious damages. In the thesis, we analyze these two critical distributed attacks. We propose an intrusion detection approach against this kind of attacks and implement an attack detection system based on the approach. We use anomaly detection of intrusion detecting techniques and observed the anomalous distribution of packet fields to perform the detection. The proposed approach records the characteristics of normal traffic volumes so that to make detections more flexible and more precise. Finally, we evaluated our approach by experiments. distributed denial of service attack worm intrusion detection
2	Web-based Botnet Detection Based on Flow Information Tsai, Yu-Chou 08 September 2009 (has links) Botnet is a combination of Cyber Attack, infection, and dissemination. Cross the Internet, the infected hosts might launch DDoS (Distributed Denial-of-Service) Attack, become a proxy sending SPAM according to commands from botmasters via some public services such as IRC, P2P or Web (HTTP) protocol. Among these command and control channel, Web-based Botnet is much difficult to detect because the command and control messages of Web-based Botnet are spread through HTTP protocol and hide behind normal Flows. In this research, we focus on analysis and detection of Web-based Botnet, detection by features - Timeslot, calculation of NetFlow, B2S(Bot to Server) and S2B(Server to Bot) of Web-based Botnet. The experimental result shows the proposed approach which uses the features mention above is good in many different topology designs. In addition, we also got nice detection rate in real network design. DDoS(Distributed Denial-of-Service) Web-based Botnet
3	DDoS : -Vad är det och går det att skydda sig? Eriksson, Tomas, Joelsson, Hans January 2006 (has links) <p>This paper will expose the serious phenonomen Distributed Denial of Service (DDoS). Businesses without a good security policy are easy targets for attackers. We will cover why its hard to protect yourself, present previous attacks and ways for individuals and businesses to secure themselves. We have based our paper on previous cases and done intervjues with companies who specialize in dealing with these kind of threats. Then come up with guidelines wich will be helpful for businesses when they want to strengthen there security against Distributed Denial of Service-attacks.</p> / <p>Detta arbete upplyser om hur allvarligt fenomenet Distributed Denial of Service (DDoS) är. Företag utan ett väl fungerande säkerhetstänkande kan råka riktigt illa ut vid en DDoS-attack. Vi kommer att berätta om problemet och ta upp tidigare attacker samt förslag på åtgärder för att öka säkerheten för både privatpersoner och företag. Vi kommer att utgå från tidigare Case om DDoS och intervjua säkerhetsföretag för att kunna framställa en skyddsstrategi. Därmed hoppas vi att vår uppsats kommer att vara till hjälp för företag som står inför valet att öka säkerheten mot Distributed Denial of Service.</p> Distributed Denial Of Service Belastningsattack Informatics Informatik
4	Packet Simulation of Distributed Denial of Service (DDoS) Attack and Recovery Khanal, Sandarva, Lynton, Ciara 10 1900 (has links) ITC/USA 2013 Conference Proceedings / The Forty-Ninth Annual International Telemetering Conference and Technical Exhibition / October 21-24, 2013 / Bally's Hotel & Convention Center, Las Vegas, NV / Distributed Denial of Service (DDoS) attacks have been gaining popularity in recent years. Most research developed to defend against DDoS attacks have focused on analytical studies. However, because of the inherent nature of a DDoS attack and the scale of a network involved in the attack, analytical simulations are not always the best way to study DDoS attacks. Moreover, because DDoS attacks are considered illicit, performing real attacks to study their defense mechanisms is not an alternative. For this reason, using packet/network simulators, such as OPNET Modeler, is the best option for research purposes. Detection of an ongoing DDoS attack, as well as simulation of a defense mechanism against the attack, is beyond the scope of this paper. However, this paper includes design recommendations to simulate an effective defense strategy to mitigate DDoS attacks. Finally, this paper introduces network links failure during simulation in an attempt to demonstrate how the network recovers during and following an attack. Distributed Denial of Service Network Simulation OPNET Modeler
5	DDoS detection based on traffic self-similarity Brignoli, Delio January 2008 (has links) Distributed denial of service attacks (or DDoS) are a common occurrence on the internet and are becoming more intense as the bot-nets, used to launch them, grow bigger. Preventing or stopping DDoS is not possible without radically changing the internet infrastructure; various DDoS mitigation techniques have been devised with different degrees of success. All mitigation techniques share the need for a DDoS detection mechanism. DDoS detection based on trafﬁc self-similarity estimation is a relatively new approach which is built on the notion that undis- turbed network trafﬁc displays fractal like properties. These fractal like properties are known to degrade in presence of abnormal trafﬁc conditions like DDoS. Detection is possible by observing the changes in the level of self-similarity in the trafﬁc ﬂow at the target of the attack. Existing literature assumes that DDoS trafﬁc lacks the self-similar properties of undisturbed trafﬁc. We show how existing bot- nets could be used to generate a self-similar trafﬁc ﬂow and thus break such assumptions. We then study the implications of self-similar attack trafﬁc on DDoS detection. We ﬁnd that, even when DDoS trafﬁc is self-similar, detection is still possible. We also ﬁnd that the trafﬁc ﬂow resulting from the superimposition of DDoS ﬂow and legitimate trafﬁc ﬂow possesses a level of self-similarity that depends non-linearly on both relative trafﬁc intensity and on the difference in self-similarity between the two incoming ﬂows.
6	DDoS detection based on traffic self-similarity Brignoli, Delio January 2008 (has links) Distributed denial of service attacks (or DDoS) are a common occurrence on the internet and are becoming more intense as the bot-nets, used to launch them, grow bigger. Preventing or stopping DDoS is not possible without radically changing the internet infrastructure; various DDoS mitigation techniques have been devised with different degrees of success. All mitigation techniques share the need for a DDoS detection mechanism. DDoS detection based on trafﬁc self-similarity estimation is a relatively new approach which is built on the notion that undis- turbed network trafﬁc displays fractal like properties. These fractal like properties are known to degrade in presence of abnormal trafﬁc conditions like DDoS. Detection is possible by observing the changes in the level of self-similarity in the trafﬁc ﬂow at the target of the attack. Existing literature assumes that DDoS trafﬁc lacks the self-similar properties of undisturbed trafﬁc. We show how existing bot- nets could be used to generate a self-similar trafﬁc ﬂow and thus break such assumptions. We then study the implications of self-similar attack trafﬁc on DDoS detection. We ﬁnd that, even when DDoS trafﬁc is self-similar, detection is still possible. We also ﬁnd that the trafﬁc ﬂow resulting from the superimposition of DDoS ﬂow and legitimate trafﬁc ﬂow possesses a level of self-similarity that depends non-linearly on both relative trafﬁc intensity and on the difference in self-similarity between the two incoming ﬂows.
7	DDoS : -Vad är det och går det att skydda sig? Eriksson, Tomas, Joelsson, Hans January 2006 (has links) This paper will expose the serious phenonomen Distributed Denial of Service (DDoS). Businesses without a good security policy are easy targets for attackers. We will cover why its hard to protect yourself, present previous attacks and ways for individuals and businesses to secure themselves. We have based our paper on previous cases and done intervjues with companies who specialize in dealing with these kind of threats. Then come up with guidelines wich will be helpful for businesses when they want to strengthen there security against Distributed Denial of Service-attacks. / Detta arbete upplyser om hur allvarligt fenomenet Distributed Denial of Service (DDoS) är. Företag utan ett väl fungerande säkerhetstänkande kan råka riktigt illa ut vid en DDoS-attack. Vi kommer att berätta om problemet och ta upp tidigare attacker samt förslag på åtgärder för att öka säkerheten för både privatpersoner och företag. Vi kommer att utgå från tidigare Case om DDoS och intervjua säkerhetsföretag för att kunna framställa en skyddsstrategi. Därmed hoppas vi att vår uppsats kommer att vara till hjälp för företag som står inför valet att öka säkerheten mot Distributed Denial of Service. Distributed Denial Of Service Belastningsattack Information Systems
8	A simulation study of an application layer DDoS detection mechanism Mekhitarian, Araxi, Rabiee, Amir January 2016 (has links) Over the last couple of years the rise of application layer Distributed Denial of Service (DDoS) attacks has significantly increased. Because of this, many issues have been raised on how organizations and companies can protect themselves from intrusions and damages against their systems and services. The consequences from these attacks are many, ranging from revenue losses for companies to stolen personal data. As the technologies are evolving, application layer DDoS attacks are becoming more effective and there is not a concrete solution that entirely protects against them. This thesis focuses on the available defense mechanisms and presents a general overview of different types of application layer DDoS attacks and how they are constructed. Moreover this report provides a simulation based on one of the defense mechanisms mentioned, named CALD. The simulation tested two different application layer DDoS attacks and showed that CALD can detect and differentiate between the two attacks. This report can be used as a general information source for application layer DDoS attacks, how to detect them and how to defend against them. Furthermore the simulation can be used as a basis on how well a relatively small-scaled implementation of CALD can detect DDoS attacks on the application layer. / Under de senaste åren har ökningen av Distributed Denial of Service (DDoS) attacker på applikationslagret ökat markant. På grund av detta har många frågor uppkommit om hur organisationer och företag kan skydda sig mot intrång och skador mot sina system och tjänster. Konsekvenserna av dessa attacker är många, allt från intäktsförluster för företag till stulen personlig data. Eftersom tekniken utvecklas, har DDoS attacker på applikationslagret blivit mer effektiva och det finns inte en konkret lösning för att hindra dem. Denna rapport fokuserar på de tillgängliga försvarsmekanismer och presenterar en allmän översikt över olika typer av DDoS-attacker på applikationslagret och hur de är uppbyggda. Dessutom bidrar den här rapporten med en redovisning av en simulering baserad på en av de försvarsmekanismer som nämns i rapporten, CALD. Simuleringen testade två olika attacker på applikationslagret och visar att CALD kan upptäcka och skilja mellan de två attackerna. Denna rapport kan användas som en allmän informationskälla för DDoSattacker på applikationslagret och hur man försvarar sig mot och upptäcker dessa. Vidare kan simuleringen användas som utgångspunkt på hur väl en relativt småskalig implementering av CALD kan upptäcka DDoS-attacker på applikationslagret. Distributed Denial of Service attacks DDoS application layer detection defense Distributed Denial of Service attacks DDoS application layer detection defense Communication Systems Kommunikationssystem
9	Αναγνώριση επιθέσεων DDoS σε δίκτυα υπολογιστών Δαμπολιάς, Ιωάννης 16 May 2014 (has links) Στόχος της εργασίας είναι η μελέτη των κατανεμημένων επιθέσεων άρνησης υπηρεσίας σε δίκτυα υπολογιστών καθώς και οι τρόποι αντιμετώπισής και αναγνώρισής τους με χρήση νευρωνικού δικτύου. / The aim of this work is the study of distributed denial of service attacks on computer networks. Analyze the methods of DDoS attacks as well as how to deal and recognize them by using neural network. Δίκτυα υπολογιστών 005.8 Computer networks Distributed denial of service (DDoS)
10	Προστασία συστημάτων από κατανεμημένες επιθέσεις στο Διαδίκτυο / Protecting systems from distributed attacks on the Internet Στεφανίδης, Κυριάκος 17 March 2014 (has links) Η παρούσα διατριβή πραγματεύεται το θέμα των κατανεμημένων επιθέσεων άρνησης υπηρεσιών στο Διαδίκτυο. Αναλύει τα υπάρχοντα συστήματα αντιμετώπισης και τα εργαλεία που χρησιμοποιούνται για την εξαπόλυση τέτοιου είδους επιθέσεων. Μελετά τον τρόπο που οργανώνονται οι επιθέσεις και παρουσιάζει την αρχιτεκτονική και την υλοποίηση ενός πρωτότυπου συστήματος ανίχνευσης των πηγών μιας κατανεμημένης επίθεσης άρνησης υπηρεσιών, καθώς και αντιμετώπισης των επιθέσεων αυτών. Τέλος, ασχολείται με το θέμα της ανεπιθύμητης αλληλογραφίας ως μιας διαφορετικού είδους επίθεση άρνησης υπηρεσιών και προτείνει ένα πρωτότυπο τρόπο αντιμετώπισής της. / In our thesis we deal with the issue of Distributed Denial of Service attacks on the Internet. We analyze the current defense methodologies and the tools that are used to unleash this type of attacks. We study the way that those attacks are constructed and organized and present a novel architecture, and its implementation details, of a system that is able to trace back to the true sources of such an attack as well as effectively filter such attacks in real time. Lastly we deal with the issue of spam e-mail as a different form of a distributed denial of service attack and propose a novel methodology that deals with the problem. Ασφάλεια δικτύων 005.8 Network security

Search results