Denial-of-Service Attacks on Battery-Powered Mobile Computers

Krishnaswami, Jayan

19 February 2004

A Denial of Service (DoS) attack is an incident in which the user is deprived of the services of a resource he is expected to have. With the increasing reliance on mobile devices like laptops and palmtops, a new type of DoS attack is possible that attacks the batteries of these devices, called "sleep deprivation attacks". The goal of sleep deprivation attacks is to rapidly drain the battery of the mobile devices, rendering the device inoperable long before the expected battery lifetime, thus denying the service the user expects from the mobile device. The purpose of this research is to investigate these types of attacks so that proper defense mechanisms can be put in place before the attacks become a more sophisticated and potent force. This research presents three different possible methods that can be adopted by an attacker to drain the battery of a device i.e. malignant attacks, benign attacks and network service request attacks. These attacks are implemented on a variety of mobile computing platforms like palmtops and a laptop and the corresponding results are presented. Finally, a mathematical model is presented that estimates the battery life of a device based on its power consumption in various power management states and expected usage. This model can also be used to predict the impact of a DoS attack on the battery life of the device under attack. / Master of Science

battery

mobile devices

denial-of-service

Mitigating Network-Based Denial-of-Service Attacks with Client Puzzles

McNevin, Timothy John

04 May 2005

Over the past few years, denial-of-service (DoS) and distributed denial-of-service (DDoS) attacks have become more of a threat than ever. These attacks are aimed at denying or degrading service for a legitimate user by any means necessary. The need to propose and research novel methods to mitigate them has become a critical research issue in network security. Recently, client puzzle protocols have received attention as a method for combating DoS and DDoS attacks. In a client puzzle protocol, the client is forced to solve a cryptographic puzzle before it can request any operation from a remote server or host. This thesis presents the framework and design of two different client puzzle protocols: Puzzle TCP and Chained Puzzles. Puzzle TCP, or pTCP, is a modification to the Transmission Control Protocol (TCP) that supports the use of client puzzles at the transport layer and is designed to help combat various DoS attacks that target TCP. In this protocol, when a server is under attack, each client is required to solve a cryptographic puzzle before the connection can be established. This thesis presents the design and implementation of pTCP, which was embedded into the Linux kernel, and demonstrates how effective it can be at defending against specific attacks on the transport layer. Chained Puzzles is an extension to the Internet Protocol (IP) that utilizes client puzzles to mitigate the crippling effects of a large-scale DDoS flooding attack by forcing each client to solve a cryptographic problem before allowing them to send packets into the network. This thesis also presents the design of Chained Puzzles and verifies its effectiveness with simulation results during large-scale DDoS flooding attacks. / Master of Science

Client puzzles

Denial-of-Service countermeasures

Distributed Denial-of-Service Attacks

Denial-of-Service Attacks

Banned from the Only Democracy in the Middle East: Targeted Exclusion at Israel’s External Border Crossings

Goss, Alexandra

01 January 2016

Despite seemingly discriminatory practices at the border directed towards US citizens, no formal academic work has been conducted on the subject. This study is the first of its kind, which examines the phenomenon of the denying and banning of US citizens from the external Israeli border crossings. It draws upon the cases of 110 US citizens who have been banned or denied from the external Israeli border crossings from 1987-2015. This study finds that denial is often associated with Palestinian Americans, Arab Americans, Muslim Americans, Black Americans and Americans who personally identify as activists or are considered by border officials to be so. It argues that Israel’s actions at their border crossings have become increasingly standardized over time through practices of “stealth authoritarianism” that create the veneer of due process in the execution of a denial or ban and lead to difficulties pursuing redress. Finally, this study puts forth how this practice fits within the broader context of Israeli policies regarding the subjugation of Palestinians living in the occupied Palestinian territories and Israel proper as well as individuals suspected of being activists working towards Palestinian liberation. Ultimately, this study hopes to lay a multi-disciplinary groundwork for understanding the implications of the denial and banning of US citizens at the external Israeli border crossings for those who wish to pursue the topic in the future.

Israel

Palestine

Border

Denial

Ban

International Relations

Stressed Out: an Analysis of the Acceptance or Denial of the Dominant Anxiety Discourse

Avedisian, Lindsey M.

January 2010

Thesis advisor: David Karp / The purpose of this study is to examine the way(s) that people define and perceive anxiety in light of the dominant discourses about mental illness that permeate America today. Both mental health fields, such as psychology, as well as the pharmaceutical industry have supplied the mental illness discourse that is popular today in the US. Definitions of and treatments for mental illnesses have expanded rapidly over the past several decades. The result is a mental illness discourse that allows almost anyone to be defined as mentally ill and therefore also a candidate for medication. Additionally, this dangerous discourse has been both created and embraced by the people who ordinary Americans look to as authorities on mental illness – doctors and drug companies. The research conducted in this study is intended to address two main questions: First, what are people’s ideas about anxiety? How do they define and identify it? People’s levels of awareness about the topic in general provide insight into the influence that dominant discourses have had (or not had) upon them. Second, do people’s ideas about anxiety mirror the dominant discourse that is presented by mental health fields and the pharmaceutical industry? If the language that people use and treatment options that people seek closely mirror the language and treatment options suggested in the dominant discourse, then mental health fields and the pharmaceutical industry are having a significant influence upon the ways Americans think about mental illness. / Thesis (BS) — Boston College, 2010. / Submitted to: Boston College. College of Arts and Sciences. / Discipline: Sociology Honors Program. / Discipline: Sociology.

anxiety

discourse

acceptance

denial

mental

medicalization

Mitigating Denial-of-Service Flooding Attacks with Source Authentication

Liu, Xin

January 2012

<p>Denial-of-Service (DoS) flooding attacks have become a serious threat to the reliability of the Internet. For instance, a report published by Arbor Networks reveals that the largest DoS flooding attack observed in 2010 reaches 100Gbps in attack traffic volume. The defense against DoS flooding attacks is significantly complicated by the fact that the Internet lacks accountability at the network layer: it is very difficult, if not impossible, for the receiver of an IP packet to associate the packet with its real sender, as the sender is free to craft any part of the packet.</p><p>This dissertation proposes to mitigate DoS flooding attacks with a two-step process: first to establish accountability at the network layer, and second to utilize the accountability to efficiently and scalably mitigate the attacks. It proposes Passport, a source authentication system that enables any router forwarding a packet to cryptographically verify the source Autonomous System (AS) of the packet. Passport uses symmetric key cryptography to enable high-speed verification and piggy-backs its key exchange into the inter-domain routing system for efficiency and independence from non-routing infrastructures.</p><p>On top of Passport, this dissertation proposes NetFence, a DoS flooding attack mitigation system that provides two levels of protection against the attacks: if a victim can receive and identify the attack traffic, it can throttle the attack traffic close to the attack sources; otherwise, the attack traffic cannot be eliminated, but it would not be able to consume more than the attack sources' fair shares of the capacity of any bottleneck link. NetFence achieves its goals by putting unforgeable congestion policing feedback into each packet. The feedback allows bottleneck routers to convey congestion information back to the access routers that police the traffic accordingly. A destination host can throttle unwanted traffic by not returning the feedback to the source host.</p><p>We have implemented prototypes of Passport and NetFence in both ns-2 simulator and Linux. We have also implement a prototype of Passport on a NetFPGA board. Our evaluation of the prototypes as well as our security and theoretical analysis demonstrate that both Passport and NetFence are practical for high-speed router implementation and could mitigate a wider range of attacks in a more scalable way compared to previous work.</p> / Dissertation

Computer science

Denial-of-Service

Source Authentication

The Approach To Chinese Aircraft Carrier

Jane, Pyng-Shan

20 June 2006

Abstract China imitates U.S.A. and wants to have one's own aircraft carriers to fight group in the 21st century, in order to consolidate regional power status, and by the thinking logic and military common sense, it is a essential policy for building the army to be inevitable too. The plural western military observers think that the Varyag may become the first aircraft carrier of the Chinese navy. If they match two more new-type destroyers, three convoy destroyers, two nuclear powers submarines, an oil ship, they will form an aircraft carrier battle group that has attack ability. Because of safeguarding the sovereignty, China need to have an appropriate NAVY.

Command of the Sea

Sea Denial

Sea Control

Intrusion Detection on Distributed Attacks

Cheng, Wei-Cheng

29 July 2003

The number of significant security incidents tends to increase day by day in recent years. The distributed denial of service attacks and worm attacks extensively influence the network and cause serious damages. In the thesis, we analyze these two critical distributed attacks. We propose an intrusion detection approach against this kind of attacks and implement an attack detection system based on the approach. We use anomaly detection of intrusion detecting techniques and observed the anomalous distribution of packet fields to perform the detection. The proposed approach records the characteristics of normal traffic volumes so that to make detections more flexible and more precise. Finally, we evaluated our approach by experiments.

distributed denial of service attack

worm

intrusion detection

Web-based Botnet Detection Based on Flow Information

Tsai, Yu-Chou

08 September 2009

Botnet is a combination of Cyber Attack, infection, and dissemination. Cross the Internet, the infected hosts might launch DDoS (Distributed Denial-of-Service) Attack, become a proxy sending SPAM according to commands from botmasters via some public services such as IRC, P2P or Web (HTTP) protocol. Among these command and control channel, Web-based Botnet is much difficult to detect because the command and control messages of Web-based Botnet are spread through HTTP protocol and hide behind normal Flows. In this research, we focus on analysis and detection of Web-based Botnet, detection by features - Timeslot, calculation of NetFlow, B2S(Bot to Server) and S2B(Server to Bot) of Web-based Botnet. The experimental result shows the proposed approach which uses the features mention above is good in many different topology designs. In addition, we also got nice detection rate in real network design.

DDoS(Distributed Denial-of-Service)

Web-based Botnet

DDoS : -Vad är det och går det att skydda sig?

Eriksson, Tomas, Joelsson, Hans

January 2006

<p>This paper will expose the serious phenonomen Distributed Denial of Service (DDoS). Businesses without a good security policy are easy targets for attackers. We will cover why its hard to protect yourself, present previous attacks and ways for individuals and businesses to secure themselves. We have based our paper on previous cases and done intervjues with companies who specialize in dealing with these kind of threats. Then come up with guidelines wich will be helpful for businesses when they want to strengthen there security against Distributed Denial of Service-attacks.</p> / <p>Detta arbete upplyser om hur allvarligt fenomenet Distributed Denial of Service (DDoS) är. Företag utan ett väl fungerande säkerhetstänkande kan råka riktigt illa ut vid en DDoS-attack. Vi kommer att berätta om problemet och ta upp tidigare attacker samt förslag på åtgärder för att öka säkerheten för både privatpersoner och företag. Vi kommer att utgå från tidigare Case om DDoS och intervjua säkerhetsföretag för att kunna framställa en skyddsstrategi. Därmed hoppas vi att vår uppsats kommer att vara till hjälp för företag som står inför valet att öka säkerheten mot Distributed Denial of Service.</p>

Distributed Denial Of Service

Belastningsattack

Informatics

Informatik

The web of hate: an exploratory study of holocaust denial on the net /

Di Giacomo, Daniela.

January 2005

Thesis (M.A.) - Simon Fraser University, 2005. / Theses (School of Criminology) / Simon Fraser University. Also issued in digital format and available on the World Wide Web.