An aggregative approach for scalable detection of DoS attacks

dc.contributor.author: Hamidi, Alireza
dc.contributor.supervisor: Ganti, Sudhakar
dc.date.accessioned: 2008-08-22T18:21:05Z
dc.date.available: 2008-08-22T18:21:05Z
dc.date.copyright: 2008 (en_US)
dc.date.issued: 2008-08-22T18:21:05Z
dc.degree.department: Department of Computer Science
dc.degree.level: Master of Science M.Sc. (en_US)
dc.description.abstract: One of the most serious threats, if not the most serious, to data networks, particularly pervasive commercial networks such as Voice-over-IP (VoIP) providers, is the Denial-of-Service (DoS) attack. Currently, the majority of solutions for these attacks focus on observing detailed server state changes due to any or some of the incoming messages. This approach, however, requires a significant amount of the server's memory and processing time. As a result, detectors are not able to scale up to the network edge points that receive millions of connections (requests) per second. To solve this problem, it is desirable to design stateless detection mechanisms. One approach is to aggregate transactions into groups. This research focuses on stateless, scalable DoS intrusion detection mechanisms that obviate keeping detailed state for connections while maintaining acceptable efficiency. To this end, we adopt a two-layer aggregation scheme termed Advanced Partial Completion Filters (APCF), an intrusion detection model that defends against DoS attacks without tracking state information for each individual connection. Both analytical and simulation analysis are performed on the proposed APCF. A simulation test bed has been implemented in OMNET++, and through simulations it is observed that APCF achieved notable detection rates in terms of false positive and true positive detections, as opposed to its predecessor PCF. Although further study is needed to relate APCF adjustments to a given network situation, this research shows an invaluable gain in moving intrusion detection from not-so-scalable stateful mechanisms to an aggregate, scalable approach. (en_US)
dc.identifier.uri: http://hdl.handle.net/1828/1084
dc.language: English (eng)
dc.language.iso: en (en_US)
dc.rights: Available to the World Wide Web (en_US)
dc.subject: Voice over IP (en_US)
dc.subject: Intrusion detection systems (en_US)
dc.subject: Denial of Service Attacks (en_US)
dc.subject: Scalability (en_US)
dc.subject: Partial completion attacks (en_US)
dc.subject.lcsh: UVic Subject Index::Sciences and Engineering::Applied Sciences::Computer science (en_US)
dc.title: An aggregative approach for scalable detection of DoS attacks (en_US)
dc.type: Thesis (en_US)

Files

Original bundle
Name: thesis_final.pdf
Size: 628.07 KB
Format: Adobe Portable Document Format

License bundle
Name: license.txt
Size: 1.94 KB
Format: Item-specific license agreed upon to submission