• Refine Query
  • Source
  • Publication year
  • to
  • Language
  • 71
  • 6
  • 6
  • 5
  • 5
  • 4
  • 3
  • 2
  • 1
  • 1
  • 1
  • 1
  • Tagged with
  • 124
  • 124
  • 52
  • 45
  • 38
  • 35
  • 30
  • 30
  • 27
  • 26
  • 26
  • 20
  • 18
  • 17
  • 15
  • About
  • The Global ETD Search service is a free service for researchers to find electronic theses and dissertations. This service is provided by the Networked Digital Library of Theses and Dissertations.
    Our metadata is collected from universities around the world. If you manage a university/consortium/country archive and want to be added, details can be found on the NDLTD website.
1

Ddos Defense Against Botnets in the Mobile Cloud

Jensen, David 05 1900 (has links)
Mobile phone advancements and ubiquitous internet connectivity are resulting in ever expanding possibilities in the application of smart phones. Users of mobile phones are now capable of hosting server applications from their personal devices. Whether providing services individually or in an ad hoc network setting the devices are currently not configured for defending against distributed denial of service (DDoS) attacks. These attacks, often launched from a botnet, have existed in the space of personal computing for decades but recently have begun showing up on mobile devices. Research is done first into the required steps to develop a potential botnet on the Android platform. This includes testing for the amount of malicious traffic an Android phone would be capable of generating for a DDoS attack. On the other end of the spectrum is the need of mobile devices running networked applications to develop security against DDoS attacks. For this mobile, phones are setup, with web servers running Apache to simulate users running internet connected applications for either local ad hoc networks or serving to the internet. Testing is done for the viability of using commonly available modules developed for Apache and intended for servers as well as finding baseline capabilities of mobiles to handle higher traffic volumes. Given the unique challenge of the limited resources a mobile phone can dedicate to Apache when compared to a dedicated hosting server a new method was needed. A proposed defense algorithm is developed for mitigating DDoS attacks against the mobile server that takes into account the limited resources available on the mobile device. The algorithm is tested against TCP socket flooding for effectiveness and shown to perform better than the common Apache module installations on a mobile device.
2

Theory and Patterns for Avoiding Regex Denial of Service

Hassan, Sk Adnan 01 June 2022 (has links)
Regular expressions are ubiquitous. They are used for diverse purposes, including input validation and firewalls. Unfortunately, they can also lead to a security vulnerability called ReDoS(Regular Expression Denial of Service), caused by a super-linear worst-case execution time during regex matching. ReDoS has a serious and wide impact: since applications written in most programming languages can be vulnerable to it, ReDoS has caused outages at prominent web services including Cloudflare and Stack Overflow. Due to the severity and prevalence of ReDoS, past work proposed mechanisms to identify and repair regexes. In this work, we set a different goal: helping developers avoid introducing regexes that could trigger ReDoS in the first place. A necessary condition for a regex to trigger ReDoS is to be infinitely ambiguous (IA). We propose a theory and a collection of anti-patterns to characterize infinitely ambiguous (IA) regexes. We evaluate our proposed anti-patterns in two complementary ways: quantitatively, over a dataset of 209,188 regexes from open- source software; and qualitatively, by observing humans using them in practice. In our large-scale evaluation, our anti-patterns characterized IA regexes with 100% precision and 99% recall, showing that they can capture the large majority of IA regexes, even when they are a simplified version of our theory. In our human experiment, practitioners applying our anti-patterns correctly assessed whether the regex that they were composing was IA or not in all of our studied regex-composition tasks. / Master of Science / Regular expressions are used by developers for different purposes, including input validation and firewalls. Unfortunately, they can also lead to a security vulnerability called ReDoS(Regular Expression Denial of Service), caused by a super-linear worst-case execution time during regex matching. ReDoS has caused outages at prominent web services including Cloudflare and Stack Overflow. ReDoS has a serious and wide impact: since applications written in most programming languages can be vulnerable to it. With this work, we wanted to help developers avoid introducing regexes that could trigger ReDoS in the first place. A necessary condition for a regex to trigger ReDoS is to be infinitely ambiguous (IA). We propose a theory and a collection of anti-patterns to characterize infinitely ambiguous (IA) regexes
3

Denial-of-Service Attacks on Battery-Powered Mobile Computers

Krishnaswami, Jayan 19 February 2004 (has links)
A Denial of Service (DoS) attack is an incident in which the user is deprived of the services of a resource he is expected to have. With the increasing reliance on mobile devices like laptops and palmtops, a new type of DoS attack is possible that attacks the batteries of these devices, called "sleep deprivation attacks". The goal of sleep deprivation attacks is to rapidly drain the battery of the mobile devices, rendering the device inoperable long before the expected battery lifetime, thus denying the service the user expects from the mobile device. The purpose of this research is to investigate these types of attacks so that proper defense mechanisms can be put in place before the attacks become a more sophisticated and potent force. This research presents three different possible methods that can be adopted by an attacker to drain the battery of a device i.e. malignant attacks, benign attacks and network service request attacks. These attacks are implemented on a variety of mobile computing platforms like palmtops and a laptop and the corresponding results are presented. Finally, a mathematical model is presented that estimates the battery life of a device based on its power consumption in various power management states and expected usage. This model can also be used to predict the impact of a DoS attack on the battery life of the device under attack. / Master of Science
4

Mitigating Network-Based Denial-of-Service Attacks with Client Puzzles

McNevin, Timothy John 04 May 2005 (has links)
Over the past few years, denial-of-service (DoS) and distributed denial-of-service (DDoS) attacks have become more of a threat than ever. These attacks are aimed at denying or degrading service for a legitimate user by any means necessary. The need to propose and research novel methods to mitigate them has become a critical research issue in network security. Recently, client puzzle protocols have received attention as a method for combating DoS and DDoS attacks. In a client puzzle protocol, the client is forced to solve a cryptographic puzzle before it can request any operation from a remote server or host. This thesis presents the framework and design of two different client puzzle protocols: Puzzle TCP and Chained Puzzles. Puzzle TCP, or pTCP, is a modification to the Transmission Control Protocol (TCP) that supports the use of client puzzles at the transport layer and is designed to help combat various DoS attacks that target TCP. In this protocol, when a server is under attack, each client is required to solve a cryptographic puzzle before the connection can be established. This thesis presents the design and implementation of pTCP, which was embedded into the Linux kernel, and demonstrates how effective it can be at defending against specific attacks on the transport layer. Chained Puzzles is an extension to the Internet Protocol (IP) that utilizes client puzzles to mitigate the crippling effects of a large-scale DDoS flooding attack by forcing each client to solve a cryptographic problem before allowing them to send packets into the network. This thesis also presents the design of Chained Puzzles and verifies its effectiveness with simulation results during large-scale DDoS flooding attacks. / Master of Science
5

Mitigating Denial-of-Service Flooding Attacks with Source Authentication

Liu, Xin January 2012 (has links)
<p>Denial-of-Service (DoS) flooding attacks have become a serious threat to the reliability of the Internet. For instance, a report published by Arbor Networks reveals that the largest DoS flooding attack observed in 2010 reaches 100Gbps in attack traffic volume. The defense against DoS flooding attacks is significantly complicated by the fact that the Internet lacks accountability at the network layer: it is very difficult, if not impossible, for the receiver of an IP packet to associate the packet with its real sender, as the sender is free to craft any part of the packet.</p><p>This dissertation proposes to mitigate DoS flooding attacks with a two-step process: first to establish accountability at the network layer, and second to utilize the accountability to efficiently and scalably mitigate the attacks. It proposes Passport, a source authentication system that enables any router forwarding a packet to cryptographically verify the source Autonomous System (AS) of the packet. Passport uses symmetric key cryptography to enable high-speed verification and piggy-backs its key exchange into the inter-domain routing system for efficiency and independence from non-routing infrastructures.</p><p>On top of Passport, this dissertation proposes NetFence, a DoS flooding attack mitigation system that provides two levels of protection against the attacks: if a victim can receive and identify the attack traffic, it can throttle the attack traffic close to the attack sources; otherwise, the attack traffic cannot be eliminated, but it would not be able to consume more than the attack sources' fair shares of the capacity of any bottleneck link. NetFence achieves its goals by putting unforgeable congestion policing feedback into each packet. The feedback allows bottleneck routers to convey congestion information back to the access routers that police the traffic accordingly. A destination host can throttle unwanted traffic by not returning the feedback to the source host.</p><p>We have implemented prototypes of Passport and NetFence in both ns-2 simulator and Linux. We have also implement a prototype of Passport on a NetFPGA board. Our evaluation of the prototypes as well as our security and theoretical analysis demonstrate that both Passport and NetFence are practical for high-speed router implementation and could mitigate a wider range of attacks in a more scalable way compared to previous work.</p> / Dissertation
6

Intrusion Detection on Distributed Attacks

Cheng, Wei-Cheng 29 July 2003 (has links)
The number of significant security incidents tends to increase day by day in recent years. The distributed denial of service attacks and worm attacks extensively influence the network and cause serious damages. In the thesis, we analyze these two critical distributed attacks. We propose an intrusion detection approach against this kind of attacks and implement an attack detection system based on the approach. We use anomaly detection of intrusion detecting techniques and observed the anomalous distribution of packet fields to perform the detection. The proposed approach records the characteristics of normal traffic volumes so that to make detections more flexible and more precise. Finally, we evaluated our approach by experiments.
7

Web-based Botnet Detection Based on Flow Information

Tsai, Yu-Chou 08 September 2009 (has links)
Botnet is a combination of Cyber Attack, infection, and dissemination. Cross the Internet, the infected hosts might launch DDoS (Distributed Denial-of-Service) Attack, become a proxy sending SPAM according to commands from botmasters via some public services such as IRC, P2P or Web (HTTP) protocol. Among these command and control channel, Web-based Botnet is much difficult to detect because the command and control messages of Web-based Botnet are spread through HTTP protocol and hide behind normal Flows. In this research, we focus on analysis and detection of Web-based Botnet, detection by features - Timeslot, calculation of NetFlow, B2S(Bot to Server) and S2B(Server to Bot) of Web-based Botnet. The experimental result shows the proposed approach which uses the features mention above is good in many different topology designs. In addition, we also got nice detection rate in real network design.
8

DDoS : -Vad är det och går det att skydda sig?

Eriksson, Tomas, Joelsson, Hans January 2006 (has links)
<p>This paper will expose the serious phenonomen Distributed Denial of Service (DDoS). Businesses without a good security policy are easy targets for attackers. We will cover why its hard to protect yourself, present previous attacks and ways for individuals and businesses to secure themselves. We have based our paper on previous cases and done intervjues with companies who specialize in dealing with these kind of threats. Then come up with guidelines wich will be helpful for businesses when they want to strengthen there security against Distributed Denial of Service-attacks.</p> / <p>Detta arbete upplyser om hur allvarligt fenomenet Distributed Denial of Service (DDoS) är. Företag utan ett väl fungerande säkerhetstänkande kan råka riktigt illa ut vid en DDoS-attack. Vi kommer att berätta om problemet och ta upp tidigare attacker samt förslag på åtgärder för att öka säkerheten för både privatpersoner och företag. Vi kommer att utgå från tidigare Case om DDoS och intervjua säkerhetsföretag för att kunna framställa en skyddsstrategi. Därmed hoppas vi att vår uppsats kommer att vara till hjälp för företag som står inför valet att öka säkerheten mot Distributed Denial of Service.</p>
9

Packet Simulation of Distributed Denial of Service (DDoS) Attack and Recovery

Khanal, Sandarva, Lynton, Ciara 10 1900 (has links)
ITC/USA 2013 Conference Proceedings / The Forty-Ninth Annual International Telemetering Conference and Technical Exhibition / October 21-24, 2013 / Bally's Hotel & Convention Center, Las Vegas, NV / Distributed Denial of Service (DDoS) attacks have been gaining popularity in recent years. Most research developed to defend against DDoS attacks have focused on analytical studies. However, because of the inherent nature of a DDoS attack and the scale of a network involved in the attack, analytical simulations are not always the best way to study DDoS attacks. Moreover, because DDoS attacks are considered illicit, performing real attacks to study their defense mechanisms is not an alternative. For this reason, using packet/network simulators, such as OPNET Modeler, is the best option for research purposes. Detection of an ongoing DDoS attack, as well as simulation of a defense mechanism against the attack, is beyond the scope of this paper. However, this paper includes design recommendations to simulate an effective defense strategy to mitigate DDoS attacks. Finally, this paper introduces network links failure during simulation in an attempt to demonstrate how the network recovers during and following an attack.
10

DDoS detection based on traffic self-similarity

Brignoli, Delio January 2008 (has links)
Distributed denial of service attacks (or DDoS) are a common occurrence on the internet and are becoming more intense as the bot-nets, used to launch them, grow bigger. Preventing or stopping DDoS is not possible without radically changing the internet infrastructure; various DDoS mitigation techniques have been devised with different degrees of success. All mitigation techniques share the need for a DDoS detection mechanism. DDoS detection based on traffic self-similarity estimation is a relatively new approach which is built on the notion that undis- turbed network traffic displays fractal like properties. These fractal like properties are known to degrade in presence of abnormal traffic conditions like DDoS. Detection is possible by observing the changes in the level of self-similarity in the traffic flow at the target of the attack. Existing literature assumes that DDoS traffic lacks the self-similar properties of undisturbed traffic. We show how existing bot- nets could be used to generate a self-similar traffic flow and thus break such assumptions. We then study the implications of self-similar attack traffic on DDoS detection. We find that, even when DDoS traffic is self-similar, detection is still possible. We also find that the traffic flow resulting from the superimposition of DDoS flow and legitimate traffic flow possesses a level of self-similarity that depends non-linearly on both relative traffic intensity and on the difference in self-similarity between the two incoming flows.

Page generated in 0.1663 seconds