NDLTD Global ETD Search
  • Refine Query
  • Source
  • Publication year
  • to
  • Language
  • 18
  • 4
  • 3
  • 1
  • 1
  • Tagged with
  • 28
  • 28
  • 28
  • 15
  • 11
  • 10
  • 10
  • 9
  • 9
  • 8
  • 7
  • 7
  • 5
  • 5
  • 5
  • About
  • The Global ETD Search service is a free service for researchers to find electronic theses and dissertations. This service is provided by the Networked Digital Library of Theses and Dissertations.
    Our metadata is collected from universities around the world. If you manage a university/consortium/country archive and want to be added, details can be found on the NDLTD website.

Search results

Showing 11 to 20 of 28 (0.076 seconds)

Spelling suggestions: "subject:"distributed denial Of ervice"" "subject:"distributed denial Of aservice""

11

A defense system on DDOS attacks in mobile ad hoc networks

Yu, Xuan. Hamilton, John A. January 2007 (has links) (PDF)
Dissertation (Ph.D.)--Auburn University, 2007. / Abstract. Includes bibliographic references (p.127-137).
12

The Current State of DDoS Defense

Nilsson, Sebastian January 2014 (has links)
A DDoS attack is an attempt to bring down a machine connected to the Internet. This is done by having multiple computers repeatedly sending requests to tie up a server making it unable to answer legitimate requests. DDoS attacks are currently one of the biggest security threats on the internet according to security experts. We used a qualitative interview with experts in IT security to gather data to our research. We found that most companies are lacking both in knowledge and in their protection against DDoS attacks. The best way to minimize this threat would be to build a system with redundancy, do a risk analysis and revise security policies. Most of the technologies reviewed were found ineffective because of the massive amount of data amplification attacks can generate. Ingress filtering showed promising results in preventing DDoS attacks by blocking packages with spoofed IP addresses thus preventing amplification attacks.
Information Security
Distributed denial of service attacks
Botnet
Computer Sciences
Datavetenskap (datalogi)
13

PERFORMANCE EVALUATION OF A TTL-BASED DYNAMIC MARKING SCHEME IN IP TRACEBACK

Devasundaram, Shanmuga Sundaram January 2006 (has links)
No description available.
Computer Science
IP traceback
distributed denial-of-service attacks
DDoS
DoS
dynamic packetmarking
traceback
14

Design and Analysis of Anomaly Detection and Mitigation Schemes for Distributed Denial of Service Attacks in Software Defined Network. An Investigation into the Security Vulnerabilities of Software Defined Network and the Design of Efficient Detection and Mitigation Techniques for DDoS Attack using Machine Learning Techniques

Sangodoyin, Abimbola O. January 2019 (has links)
Software Defined Networks (SDN) has created great potential and hope to overcome the need for secure, reliable and well managed next generation networks to drive effective service delivery on the go and meet the demand for high data rate and seamless connectivity expected by users. Thus, it is a network technology that is set to enhance our day-to-day activities. As network usage and reliance on computer technology are increasing and popular, users with bad intentions exploit the inherent weakness of this technology to render targeted services unavailable to legitimate users. Among the security weaknesses of SDN is Distributed Denial of Service (DDoS) attacks. Even though DDoS attack strategy is known, the number of successful DDoS attacks launched has seen an increment at an alarming rate over the last decade. Existing detection mechanisms depend on signatures of known attacks which has not been successful in detecting unknown or different shades of DDoS attacks. Therefore, a novel detection mechanism that relies on deviation from confidence interval obtained from the normal distribution of throughput polled without attack from the server. Furthermore, sensitivity analysis to determine which of the network metrics (jitter, throughput and response time) is more sensitive to attack by introducing white Gaussian noise and evaluating the local sensitivity using feed-forward artificial neural network is evaluated. All metrics are sensitive in detecting DDoS attacks. However, jitter appears to be the most sensitive to attack. As a result, the developed framework provides an avenue to make the SDN technology more robust and secure to DDoS attacks.
Software Defined Networks (SDN)
Network security
Attack detection
Attack mitigation
Controller
15

Mitigating Network-Based Denial-of-Service Attacks with Client Puzzles

McNevin, Timothy John 04 May 2005 (has links)
Over the past few years, denial-of-service (DoS) and distributed denial-of-service (DDoS) attacks have become more of a threat than ever. These attacks are aimed at denying or degrading service for a legitimate user by any means necessary. The need to propose and research novel methods to mitigate them has become a critical research issue in network security. Recently, client puzzle protocols have received attention as a method for combating DoS and DDoS attacks. In a client puzzle protocol, the client is forced to solve a cryptographic puzzle before it can request any operation from a remote server or host. This thesis presents the framework and design of two different client puzzle protocols: Puzzle TCP and Chained Puzzles. Puzzle TCP, or pTCP, is a modification to the Transmission Control Protocol (TCP) that supports the use of client puzzles at the transport layer and is designed to help combat various DoS attacks that target TCP. In this protocol, when a server is under attack, each client is required to solve a cryptographic puzzle before the connection can be established. This thesis presents the design and implementation of pTCP, which was embedded into the Linux kernel, and demonstrates how effective it can be at defending against specific attacks on the transport layer. Chained Puzzles is an extension to the Internet Protocol (IP) that utilizes client puzzles to mitigate the crippling effects of a large-scale DDoS flooding attack by forcing each client to solve a cryptographic problem before allowing them to send packets into the network. This thesis also presents the design of Chained Puzzles and verifies its effectiveness with simulation results during large-scale DDoS flooding attacks. / Master of Science
Client puzzles
Denial-of-Service countermeasures
Distributed Denial-of-Service Attacks
Denial-of-Service Attacks
16

Security challenges within Software Defined Networks

Sund, Gabriel, Ahmed, Haroon January 2014 (has links)
A large amount of today's communication occurs within data centers where a large number of virtual servers (running one or more virtual machines) provide service providers with the infrastructure needed for their applications and services. In this thesis, we will look at the next step in the virtualization revolution, the virtualized network. Software-defined networking (SDN) is a relatively new concept that is moving the field towards a more software-based solution to networking. Today when a packet is forwarded through a network of routers, decisions are made at each router as to which router is the next hop destination for the packet. With SDN these decisions are made by a centralized SDN controller that decides upon the best path and instructs the devices along this path as to what action each should perform. Taking SDN to its extreme minimizes the physical network components and increases the number of virtualized components. The reasons behind this trend are several, although the most prominent are simplified processing and network administration, a greater degree of automation, increased flexibility, and shorter provisioning times. This in turn leads to a reduction in operating expenditures and capital expenditures for data center owners, which both drive the further development of this technology. Virtualization has been gaining ground in the last decade. However, the initial introduction of virtualization began in the 1970s with server virtualization offering the ability to create several virtual server instances on one physical server. Today we already have taken small steps towards a virtualized network by virtualization of network equipment such as switches, routers, and firewalls. Common to virtualization is that it is in early stages all of the technologies have encountered trust issues and general concerns related to whether software-based solutions are as rugged and reliable as hardware-based solutions. SDN has also encountered these issues, and discussion of these issues continues among both believers and skeptics. Concerns about trust remain a problem for the growing number of cloud-based services where multitenant deployments may lead to loss of personal integrity and other security risks. As a relatively new technology, SDN is still immature and has a number of vulnerabilities. As with most software-based solutions, the potential for security risks increases. This thesis investigates how denial-of-service (DoS) attacks affect an SDN environment and a single-threaded controller, described by text and via simulations. The results of our investigations concerning trust in a multi-tenancy environment in SDN suggest that standardization and clear service level agreements are necessary to consolidate customers’ confidence. Attracting small groups of customers to participate in user cases in the initial stages of implementation can generate valuable support for a broader implementation of SDN in the underlying infrastructure. With regard to denial-of-service attacks, our conclusion is that hackers can by target the centralized SDN controller, thus negatively affect most of the network infrastructure (because the entire infrastructure directly depends upon a functioning SDN controller). SDN introduces new vulnerabilities, which is natural as SDN is a relatively new technology. Therefore, SDN needs to be thoroughly tested and examined before making a widespread deployment. / Dagens kommunikation sker till stor del via serverhallar där till stor grad virtualiserade servermiljöer förser serviceleverantörer med infrastukturen som krävs för att driva dess applikationer och tjänster. I vårt arbete kommer vi titta på nästa steg i denna virtualiseringsrevolution, den om virtualiserade nätverk. mjukvarudefinierat nätverk (eng. Software-defined network, eller SDN) kallas detta förhållandevis nya begrepp som syftar till mjukvarubaserade nätverk. När ett paket idag transporteras genom ett nätverk tas beslut lokalt vid varje router vilken router som är nästa destination för paketet, skillnaden i ett SDN nätverk är att besluten istället tas utifrån ett fågelperspektiv där den bästa vägen beslutas i en centraliserad mjukvaruprocess med överblick över hela nätverket och inte bara tom nästa router, denna process är även kallad SDN kontroll. Drar man uttrycket SDN till sin spets handlar det om att ersätta befintlig nätverksutrustning med virtualiserade dito. Anledningen till stegen mot denna utveckling är flera, de mest framträdande torde vara; förenklade processer samt nätverksadministration, större grad av automation, ökad flexibilitet och kortare provisionstider. Detta i sin tur leder till en sänkning av löpande kostnader samt anläggningskostnader för serverhallsinnehavare, något som driver på utvecklingen. Virtualisering har sedan början på 2000-talet varit på stark frammarsch, det började med servervirtualisering och förmågan att skapa flertalet virtualiserade servrar på en fysisk server. Idag har vi virtualisering av nätverksutrustning, såsom switchar, routrar och brandväggar. Gemensamt för all denna utveckling är att den har i tidigt stadie stött på förtroendefrågor och överlag problem kopplade till huruvida mjukvarubaserade lösningar är likvärdigt robusta och pålitliga som traditionella hårdvarubaserade lösningar. Detta problem är även något som SDN stött på och det diskuteras idag flitigt bland förespråkare och skeptiker. Dessa förtroendefrågor går på tvären mot det ökande antalet molnbaserade tjänster, typiska tjänster där säkerheten och den personliga integriten är vital. Vidare räknar man med att SDN, liksom annan ny teknik medför vissa barnsjukdomar såsom kryphål i säkerheten. Vi kommer i detta arbete att undersöka hur överbelastningsattacker (eng. Denial-of-Service, eller DoS-attacker) påverkar en SDN miljö och en singel-trådig kontroller, i text och genom simulering. Resultatet av våra undersökningar i ämnet SDN i en multitenans miljö är att standardisering och tydliga servicenivåavtal behövs för att befästa förtroendet bland kunder. Att attrahera kunder för att delta i mindre användningsfall (eng. user cases) i ett inledningsskede är också värdefullt i argumenteringen för en bredare implementering av SDN i underliggande infrastruktur. Vad gäller DoS-attacker kom vi fram till att det som hackare går att manipulera en SDN infrastruktur på ett sätt som inte är möjligt med dagens lösningar. Till exempel riktade attacker mot den centraliserade SDN kontrollen, slår man denna kontroll ur funktion påverkas stora delar av infrastrukturen eftersom de är i ett direkt beroende av en fungerande SDN kontroll. I och med att SDN är en ny teknik så öppnas också upp nya möjligheter för angrepp, med det i åtanke är det viktigt att SDN genomgår rigorösa tester innan större implementation.
Software Defined Networks (SDN)
network security
denial of service
distributed denial of service
multi-tenancy
mjukvarudefinierat nätverk
nätverkssäkerhet
överbelastningsattack
distribuerad överbelastningsattack
multitenans
17

Denial-of-service attack : A realistic implementation of a DoS attack / Denial-of-service attack : En realistisk implementering

Skog Andersen, Jonas, Alderhally, Ammar January 2015 (has links)
This report describes some of the most well known denial of service attacks (DoS-attacks). This will be done in the first part of the report, the second part describes an implementation of a DoS-attack. The main purpose of its first part is to closer examine common DoS-attacks, the purpose of such attacks, the protection methods that can be deployed to mitigate these attacks and the ways that are used to measure these attacks. The second part describes a implementation of a practical attack implemented using HTTP POST requests to overwhelm a web server, so called HTTP POST attack. The attack was carried out using different number of attack nodes, up to the default maximum limit for Apache web server. The attack succeeded after several attempts with different parameters. As a result of the experiments we learnt that a successful HTTP POST attack needs to take between 15% and 100% of the maximum permitted clients to make an impact on the server’s response time. The server that was attacked had no defence mechanism to protect itself against DoS-attacks. One important thing to note is that this attack is carried out in a protected environment so as not to affect the external environment.
DOS
DDOS
Attack
Denial of Service
Distributed denial of service attack
HTTP POST
HTTP POST attack
Computer Sciences
Datavetenskap (datalogi)
18

Impact of mobile botnet on long term evolution networks: a distributed denial of service attack perspective

Kitana, Asem 31 March 2021 (has links)
In recent years, the advent of Long Term Evolution (LTE) technology as a prominent component of 4G networks and future 5G networks, has paved the way for fast and new mobile web access and application services. With these advantages come some security concerns in terms of attacks that can be launched on such networks. This thesis focuses on the impact of the mobile botnet on LTE networks by implementing a mobile botnet architecture that initiates a Distributed Denial of Service (DDoS) attack. First, in the quest of understanding the mobile botnet behavior, a correlation between the mobile botnet impact and different mobile device mobility models, is established, leading to the study of the impact of the random patterns versus the uniform patterns of movements on the mobile botnet’s behavior under a DDoS attack. Second, the impact of two base transceiver station selection mechanisms on a mobile botnet behavior launching a DDoS attack on a LTE network is studied, the goal being to derive the effect of the attack severity of the mobile botnet. Third, an epidemic SMS-based cellular botnet that uses an epidemic command and control mechanism to initiate a short message services (SMS) phishing attack, is proposed and its threat impact is studied and simulated using three random graphs models. The simulation results obtained reveal that (1) in terms of users’ mobility patterns, the impact of the mobile botnet behavior under a DDoS attack on a victim web server is more pronounced when an asymmetric mobility model is considered compared to a symmetric mobility model; (2) in terms of base transceiver station selection mechanisms, the Distance-Based Model mechanism yields a higher threat impact on the victim server compared to the Signal Power Based Model mechanism; and (3) under the Erdos-and-Reyni Topology, the proposed epidemic SMS-based cellular botnet is shown to be resistant and resilient to random and selective cellular device failures. / Graduate
Mobile Botnet
LTE
Long Term Evolution Network
Distributed Denial of Service Attack
DDoS
Cellular Botnet
Botnet
Cybersecurity
Cyber Security
Cyber Attacks
19

Security related self-protected networks: autonomous threat detection and response (ATDR)

Havenga, Wessel Johannes Jacobus January 2021 (has links)
Doctor Educationis / Cybersecurity defense tools, techniques and methodologies are constantly faced with increasing challenges including the evolution of highly intelligent and powerful new generation threats. The main challenges posed by these modern digital multi-vector attacks is their ability to adapt with machine learning. Research shows that many existing defense systems fail to provide adequate protection against these latest threats. Hence, there is an ever-growing need for self-learning technologies that can autonomously adjust according to the behaviour and patterns of the offensive actors and systems. The accuracy and effectiveness of existing methods are dependent on decision making and manual input by human expert. This dependence causes 1) administration overhead, 2) variable and potentially limited accuracy and 3) delayed response time. In this thesis, Autonomous Threat Detection and Response (ATDR) is a proposed general method aimed at contributing toward security related self-protected networks. Through a combination of unsupervised machine learning and Deep learning, ATDR is designed as an intelligent and autonomous decision-making system that uses big data processing requirements and data frame pattern identification layers to learn sequences of patterns and derive real-time data formations. This system enhances threat detection and response capabilities, accuracy and speed. Research provided a solid foundation for the proposed method around the scope of existing methods and the unanimous problem statements and findings by other authors.
(Distributed) denial of service attacks
Traffic capture and packet analysis
Queueing theory
Machine learning
Neural networking
Multi-vector attack detection
20

DDoS: Ett evolverande fenomen / DDoS: An evolving phenomenon

Andersson, Emil January 2012 (has links)
Internetfenomenet ”Distributed Denial of Service”, förkortat DDoS, beskrivs ofta som ett av destörsta hoten mot Internet idag. Genom att utnyttja den grundläggande strukturen i kommunikationmellan nätverk och datorer kan kriminella blockera och stänga ute webbplatser och -tjänster frånanvändare, samtidigt som det är mycket svårt för offret och myndigheter att någonsin identifieraden eller de skyldiga. Enorma globala nätverk av ovetande människors infekterade datorer fjärrstyrstill att utföra angrepp mot alla sorters organisationer på Internet med olika motiv, som finansiella,politiska eller för ren vandalism. Syftet med det här arbetet är att göra en dagsaktuell kartläggningöver läget kring DDoS-angrepp och titta på statistik över de mest förekommande angreppstyperna,och se om den nyare publicerade forskningen kan svara på de pågående och framträdande trendersom kan ses. Sex forskningsartiklar väljs ut att jämföra med dessa trender för att se var merforskning krävs. Resultatet visar att forskningen kring försvar mot HTTP-GET-angrepp är bristande,samt att den framträdande trenden där angreppen allt oftare använder sig av olika angreppstypersamtidigt inte har undersökts. Mer öppen forskning bör riktas mot dessa bristande områden. / The Internet phenomenon ”Distributed Denial of Service”, in short DDoS, is often said to be one ofthe greatest threats to the Internet today. By abusing the foundation of inter-network and computercommunication, criminals can block and shut out websites and services from users while making itvery hard for the victim and the authorities to ever identify who was behind it. Enormous globalnetworks made up of unknowing peoples' infected computers can be remotely controlled to conductattacks against all sorts of organisations on the Internet with different motives, from financial orpolitic to sheer vandalism. The purpose of this study is to create an up-to-date mapping of thesituation of DdoS-attacks and look at statistics of the most prevalent attack types, and to check ifnewly published research can answer the current and emerging trends that can be seen. Six researcharticles are chosen to compare with these trends to see where more research is required. The resultsshow that the research around defense against HTTP-GET-attacks is lacking, and that the emergenttrend of DDoS-attacks that make use of more than one attack type at the same time has not beenexamined. More open research should be directed to these lacking areas.
DDoS
DoS
Distributed Denial of Service
Denial of Service
HTTP-GET-DoS
TCP-SYN-Flood
Engineering and Technology
Teknik och teknologier

Page generated in 0.0816 seconds