Ddos Defense Against Botnets in the Mobile Cloud

Jensen, David

05 1900

Mobile phone advancements and ubiquitous internet connectivity are resulting in ever expanding possibilities in the application of smart phones. Users of mobile phones are now capable of hosting server applications from their personal devices. Whether providing services individually or in an ad hoc network setting the devices are currently not configured for defending against distributed denial of service (DDoS) attacks. These attacks, often launched from a botnet, have existed in the space of personal computing for decades but recently have begun showing up on mobile devices. Research is done first into the required steps to develop a potential botnet on the Android platform. This includes testing for the amount of malicious traffic an Android phone would be capable of generating for a DDoS attack. On the other end of the spectrum is the need of mobile devices running networked applications to develop security against DDoS attacks. For this mobile, phones are setup, with web servers running Apache to simulate users running internet connected applications for either local ad hoc networks or serving to the internet. Testing is done for the viability of using commonly available modules developed for Apache and intended for servers as well as finding baseline capabilities of mobiles to handle higher traffic volumes. Given the unique challenge of the limited resources a mobile phone can dedicate to Apache when compared to a dedicated hosting server a new method was needed. A proposed defense algorithm is developed for mitigating DDoS attacks against the mobile server that takes into account the limited resources available on the mobile device. The algorithm is tested against TCP socket flooding for effectiveness and shown to perform better than the common Apache module installations on a mobile device.

Denial of service

Botnet

mobile

AMERICAN PERCEPTIONS OF CHINA¡¦S ANTI-ACCESS AND AREA-DENIAL CAPABILITIES: IMPLICATIONS FOR U.S. MILITARY OPERATIONS IN THE WESTERN PACIFIC

J. Sampson, Gary

08 September 2011

The post-Cold War world has created a number of important new challenges to the United States¡¦ power projection capabilities. The worldwide network of bases and stations that enabled the U.S. to contain the Soviet Union have, in many cases, been made into liabilities. U.S. dependence on fixed, vulnerable ports and airfields for the buildup of combat power, as seen in the 1990-91 Gulf War and 2003 Iraq War, have shown potential foes like China and Iran that it doesn¡¦t pay to allow penalty-free access and freedom of action in maritime, air, and space commons. In the Western Pacific, China has pursued an anti-access and area-denial (A2/AD) strategy, developing capabilities designed to deny U.S. freedom of movement in the region. This study examines U.S. perceptions of China¡¦s growing A2/AD capabilities and their implications for U.S. military operations in the Western Pacific through the analysis of authoritative official and unofficial U.S. documents and studies. This work establishes a comprehensive, up-to-date picture of Chinese A2/AD capabilities through American eyes, updating previous comprehensive works in key areas such as the status of China¡¦s anti-ship ballistic missile, conventional ballistic and cruise missile capabilities and their implications for key U.S. facilities in the region, and new technology and platforms like China¡¦s first aircraft carrier and stealth aircraft. The thesis concludes that the U.S. has been slow in reacting to Chinese A2/AD developments and that it is unlikely that continued Chinese military modernization (including the refinement and development of additional A2/AD capabilities) will end in the near future. For the U.S., this means that development and implementation of a truly joint concept for counter-A2/AD operations, as well as the right mix of military capabilities to carry out such operations, cannot be delayed any longer.

area-denial

military operations

Honour as a foundation for self-denial in the gospels

Rochester, Stuart Thomas.

January 2000

Thesis (Th. M.)--Regent College, 2000. / Abstract and vita. Includes bibliographical references (leaves 144-153).

Self-denial Honor

The twentieth century evangelical interpretation of cross-bearing in discipleship

Hamilton, Aida M.

January 1990

Thesis (M.A.)--Western Conservative Baptist Seminary, 1990. / Abstract. Includes bibliographical references (leaves 63-68).

Discipling (Christianity) Self-denial

When prejudice is suspected, but denied understanding psychological reactions to modern prejudice /

Binning, Kevin Ray,

January 2008

Thesis (Ph. D.)--UCLA, 2008. / Vita. Description based on print version record. Includes bibliographical references (leaves 81-95).

Racism. Denial (Psychology)

Without a self to deny called to discipleship while we were yet un-persons /

Majewski, Jean Anne.

January 1984

Thesis (M.T.S.)--Catholic Theological Union, 1984. / Includes bibliographical references (leaves 38-40).

Self-denial Women and religion.

Intelligent Approaches for Communication Denial

Amuru, SaiDhiraj

05 October 2015

Spectrum supremacy is a vital part of security in the modern era. In the past 50 years, a great deal of work has been devoted to designing defenses against attacks from malicious nodes (e.g., anti-jamming), while significantly less work has been devoted to the equally important task of designing effective strategies for denying communication between enemy nodes/radios within an area (e.g., jamming). Such denial techniques are especially useful in military applications and intrusion detection systems where untrusted communication must be stopped. In this dissertation, we study these offensive attack procedures, collectively termed as communication denial. The communication denial strategies studied in this dissertation are not only useful in undermining the communication between enemy nodes, but also help in analyzing the vulnerabilities of existing systems. A majority of the works which address communication denial assume that knowledge about the enemy nodes is available a priori. However, recent advances in communication systems creates the potential for dynamic environmental conditions where it is difficult and most likely not even possible to obtain a priori information regarding the environment and the nodes that are present in it. Therefore, it is necessary to have cognitive capabilities that enable the attacker to learn the environment and prevent enemy nodes from accessing valuable spectrum, thereby denying communication. In this regard, we ask the following question in this dissertation ``Can an intelligent attacker learn and adapt to unknown environments in an electronic warfare-type scenario?" Fundamentally speaking, we explore whether existing machine learning techniques can be used to address such cognitive scenarios and, if not, what are the missing pieces that will enable an attacker to achieve spectrum supremacy by denying an enemy the ability to communicate? The first task in achieving spectrum supremacy is to identify the signal of interest before it can be attacked. Thus, we first address signal identification, specifically modulation classification, in practical wireless environments where the interference is often non-Gaussian. Upon identifying the signal of interest, the next step is to effectively attack the victim signals in order to deny communication. We present a rigorous fundamental analysis regarding the attackers performance, in terms of achieving communication denial, in practical communication settings. Furthermore, we develop intelligent approaches for communication denial that employ novel machine learning techniques to attack the victim either at the physical layer, the MAC layer, or the network layer. We rigorously investigate whether or not these learning techniques enable the attacker to approach the fundamental performance limits achievable when an attacker has complete knowledge of the environment. As a result of our work, we debunk several myths about communication denial strategies that were believed to be true mainly because incorrect system models were previously considered and thus the wrong questions were answered. / Ph. D.

Communication

Denial

Jamming

Learning

Theory and Patterns for Avoiding Regex Denial of Service

Hassan, Sk Adnan

01 June 2022

Regular expressions are ubiquitous. They are used for diverse purposes, including input validation and firewalls. Unfortunately, they can also lead to a security vulnerability called ReDoS(Regular Expression Denial of Service), caused by a super-linear worst-case execution time during regex matching. ReDoS has a serious and wide impact: since applications written in most programming languages can be vulnerable to it, ReDoS has caused outages at prominent web services including Cloudflare and Stack Overflow. Due to the severity and prevalence of ReDoS, past work proposed mechanisms to identify and repair regexes. In this work, we set a different goal: helping developers avoid introducing regexes that could trigger ReDoS in the first place. A necessary condition for a regex to trigger ReDoS is to be infinitely ambiguous (IA). We propose a theory and a collection of anti-patterns to characterize infinitely ambiguous (IA) regexes. We evaluate our proposed anti-patterns in two complementary ways: quantitatively, over a dataset of 209,188 regexes from open- source software; and qualitatively, by observing humans using them in practice. In our large-scale evaluation, our anti-patterns characterized IA regexes with 100% precision and 99% recall, showing that they can capture the large majority of IA regexes, even when they are a simplified version of our theory. In our human experiment, practitioners applying our anti-patterns correctly assessed whether the regex that they were composing was IA or not in all of our studied regex-composition tasks. / Master of Science / Regular expressions are used by developers for different purposes, including input validation and firewalls. Unfortunately, they can also lead to a security vulnerability called ReDoS(Regular Expression Denial of Service), caused by a super-linear worst-case execution time during regex matching. ReDoS has caused outages at prominent web services including Cloudflare and Stack Overflow. ReDoS has a serious and wide impact: since applications written in most programming languages can be vulnerable to it. With this work, we wanted to help developers avoid introducing regexes that could trigger ReDoS in the first place. A necessary condition for a regex to trigger ReDoS is to be infinitely ambiguous (IA). We propose a theory and a collection of anti-patterns to characterize infinitely ambiguous (IA) regexes

security

denial of service

redos

Assessing denial among sex offenders

Jung, Sandy

10 April 2008

No description available.

Sex offenders -- Psychology

Denial (Psychology)

The Effectiveness of Substance use Measures in the Detection of Denial and Partial Denial

Wooley, Chelsea Nichole

05 1900

Many substance users deny their substance use to avoid negative consequences, thus diluting the accuracy of assessment. To address this issue, indirect items are often included on substance use measures to identify those who deny their use. The purpose of this study was to examine the effect of complete denial and partial denial on substance use measures. Partial denial, also termed denial of effects, is the denial of substance use interfering in multiple domains of a person's functioning. The study used a mixed within- and between-subjects design with participants from a dual diagnosis inpatient unit. Each participant completed the study under two different conditions which include an honest condition and an experimental condition (either complete denial or partial denial). Results show that partial denial is distinctly different from complete denial across three self-report substance use measures. Importantly, substance users engaging in these denial conditions were often undetected by these measures.

Substance use

SASSI-3

denial