Electronic Theses and Dissertations

Identifier

958

Date

2013

Date of Award

11-11-2013

Document Type

Dissertation (Access Restricted)

Degree Name

Doctor of Philosophy

Major

Computer Science

Committee Chair

Sajjan Shiva

Committee Member

Dipankar Dasgupta

Committee Member

Qishi Wu

Committee Member

Vasile Rus

Abstract

Denial of service (DoS) attacks are currently one of the biggest risks any organization connected to the Internet can face. Launched primarily by sending floods of traffic across a bottleneck network link or a target router, such attacks overwhelm the limited resources available at a victim organization. This causes a DoS for legitimate users that are behaving in a fair manner. In this dissertation we develop a series of independent defense mechanisms to mitigate and defend against such congestion-based DoS attacks. These mechanisms are categorized based on the kind of TCP/IP layer (application or network) they can be implemented in. At the application layer, we use game-theoretic mechanisms to model such attacks as games played between an attacker and a defender. The widely accepted concept of Nash equilibrium is used to determine the optimal strategy for players participating in the game. These strategies can be executed by application layer tools like firewalls and/or intrusion detection systems (IDS). We build a comprehensive defense architecture called Game Inspired Defense Architecture (GIDA) using open-source tools (Bro IDS, IPFW and Dummynet) and evaluate its performance on public testbeds like DeterLab. Similarly, at the network layer, we develop an active queue management (AQM) technique that can be implemented by network layer tools like edge router(s). Our proposed technique provides router buffer stability and fairness among flows while defending against congestion-based DoS attacks. We compare its performance against various other prominent AQM techniques. Proposing defense mechanisms at different layers gives us the opportunity to observe the behavior of such DoS attacks from different perspectives as well as validate the applicability of various tools like firewalls, IDSs and techniques like AQM towards mitigating them in diverse real-world scenarios. Our proposed defense techniques work independently towards handling congestion-based DoS attacks.
One of the future directions of research can be towards building a holistic defense architecture that can use the defense mechanisms proposed in this dissertation in conjunction to handle other kinds of complex DoS attacks that target both the application and network layers of a victim’s organization simultaneously.

Comments

Data is provided by the student.

Library Comment

Dissertation or thesis originally submitted to the local University of Memphis Electronic Theses & dissertation (ETD) Repository.
