Abstract/Details

Mitigation and traceback countermeasures for DoS attacks


2005 2005

Other formats: Order a copy

Abstract (summary)

Denial of service (DoS) attacks impose an imminent threat to the availability of Internet services. The alarming increase of such attacks coupled with the emergence of sophisticated DoS attack techniques, call for efficient defense mechanisms to counter these attacks. Although there has been ongoing research in this area—focusing on DoS prevention, mitigation, and traceback—the existing countermeasures lack in several qualitative and quantitative metrics. In this context, this dissertation makes two key contributions in the design and analysis of efficient, scalable schemes for DoS mitigation and traceback.

First, efficient perimeter mitigation schemes based on novel concepts, such as “protocol-determinism” and “victim-assistance” are proposed. The proposed schemes enable ISP edge routers to perform timely mitigation of both end-host and network exhaustion attacks. The proposed mitigation schemes have been evaluated through analytical studies for classical and advanced attacks quantifying security metrics, such as false positive and false negative rates, and performance metrics, such as effective attack rate and connection establishment latency increase. Our analysis shows that the proposed schemes offer very low false positive and false negative rates, and reduce attacker's effective attack rate significantly with an acceptable increase in connection establishment latency.

Second, hybrid IP traceback schemes that integrate the concepts of packet marking and packet logging in a novel manner are proposed. The goal is to achieve a drastic reduction in the number of attack packets required to conduct the traceback process. The proposed traceback schemes have been evaluated through a combination of analytical and simulation studies quantifying performance metrics, such as number of attack packets, storage overhead, and attack localization distance. Our studies show that the proposed traceback schemes are superior in comparison to the well known PPM scheme.

This dissertation opens up several directions for future research which includes (1) designing efficient mitigation schemes in the context of inter-domain network, (2) designing efficient mitigation schemes that employ traceback, and (3) designing a comprehensive DoS defense mechanism that integrates DoS prevention, mitigation, and traceback in an efficient manner.

Indexing (details)


Subject
Computer science
Classification
0984: Computer science
Identifier / keyword
Applied sciences; Denial-of-service; IP traceback; Mitigation; Traceback countermeasures
Title
Mitigation and traceback countermeasures for DoS attacks
Author
Al-Duwairi, Basheer Nayef
Number of pages
146
Publication year
2005
Degree date
2005
School code
0097
Source
DAI-B 66/04, Dissertation Abstracts International
Place of publication
Ann Arbor
Country of publication
United States
ISBN
9780542092305, 0542092301
Advisor
Govindarasu, Manimaran; Daniels, Thomas E.
University/institution
Iowa State University
University location
United States -- Iowa
Degree
Ph.D.
Source type
Dissertations & Theses
Language
English
Document type
Dissertation/Thesis
Dissertation/thesis number
3172196
ProQuest document ID
304992306
Copyright
Database copyright ProQuest LLC; ProQuest does not claim copyright in the individual underlying works.
Document URL
http://search.proquest.com/docview/304992306
Access the complete full text

You can get the full text of this document if it is part of your institution's ProQuest subscription.

Try one of the following:

  • Connect to ProQuest through your library network and search for the document from there.
  • Request the document from your library.
  • Go to the ProQuest login page and enter a ProQuest or My Research username / password.