The threat of malicious Internet activities such as Distributed Denial of Service (DDoS) attacks, spam emails or Internet worms/viruses has been increasing in the last several years. The impact and frequency of these malicious activities are expected to grow unless they are properly addressed. In this thesis, we propose to design and evaluate a set of practical and effective protection measures against potential malicious activities in current and future networks. Our research objective is twofold. First, we design methods to defend against DDoS attacks. Our research focuses on two important issues related to DDoS attack defense mechanisms. One issue is the method to trace the sources of attacking packets, which is known as IP traceback. We propose a novel packet-logging-based (i.e., hash-based) traceback scheme using only a one-bit marking field in the IP header. It reduces processing and storage cost by an order of magnitude compared with the existing hash-based schemes, and is therefore scalable to much higher link speeds (e.g., OC-768). Next, we propose an improved traceback scheme with lower storage overhead by using more marking space in the IP header. Another issue in DDoS defense is to investigate protocol-independent techniques for improving the throughput of legitimate traffic during DDoS attacks. We propose a novel technique that can effectively filter out the majority of DDoS traffic, thus improving the overall throughput of the legitimate traffic. Second, we investigate the problem of distributed network monitoring. We propose a set of novel distributed data streaming algorithms that allow scalable and efficient monitoring of aggregated traffic. Our algorithms target the specific network monitoring problem of finding common content in traffic traversing several nodes/links across the Internet. These algorithms find applications in network-wide intrusion detection, early warning for fast-propagating worms, and detection of hot objects and spam traffic.
Scalable and efficient distributed algorithms for defending against malicious Internet activity