Title page for ETD etd-06142005-152111


Type of Document Master's Thesis
Author Nanduri, Kishori
Author's Email Address knandu1@lsu.edu
URN etd-06142005-152111
Title Scalable Schemes against Distributed Denial of Service Attacks
Degree Master of Science in Electrical Engineering (M.S.E.E.)
Department Electrical & Computer Engineering
Advisory Committee
Advisor Name Title
Ahmed A. El-Amawy Committee Chair
Arjan Durresi Committee Co-Chair
Hsiao-Chun Wu Committee Member
Keywords
  • DDoS attacks
  • traceback
Date of Defense 2005-05-18
Availability unrestricted
Abstract
Defense against Distributed Denial of Service (DDoS) attacks is one of the primary concerns on the Internet today. DDoS attacks are difficult to prevent because of the open, interconnected nature of the Internet and its underlying protocols, which can be used in several ways to deny service. Attackers hide their identity by using third parties such as private chat channels on IRC (Internet Relay Chat). They also insert a false return IP address into a packet (spoofing), which makes it difficult for the victim to determine the packet's origin.

We propose three novel and realistic traceback mechanisms which offer many advantages over the existing schemes. All three schemes take advantage of the Autonomous System topology and consider the fact that the attacker's packets may traverse a number of domains under different administrative control. Most traceback mechanisms wrongly assume that the network details of a company under administrative control are disclosed to the public. For security reasons, this is not the case most of the time.

The proposed schemes overcome this drawback by considering reconstruction at the inter-AS and intra-AS levels. Hierarchical Internet Traceback (HIT) and Simple Traceback Mechanism (STM) trace back to an attacker in two phases. In the first phase the attack-originating Autonomous System is identified, while in the second phase the attacker within an AS is identified. Both schemes, HIT and STM, allow the victim to trace back to the attackers in a few seconds. Their computational overhead is very low and they scale to large distributed attacks with thousands of attackers. Fast Autonomous System Traceback allows complete attack path reconstruction with few packets.

We use traceroute maps of real Internet topologies from CAIDA's skitter to simulate DDoS attacks and validate our design.

Files
Filename Nanduri_thesis.pdf
Size 524.51 Kb
Approximate Download Time (Hours:Minutes:Seconds)
  • 28.8 Modem 00:02:25
  • 56K Modem 00:01:14
  • ISDN (64 Kb) 00:01:05
  • ISDN (128 Kb) 00:00:32
  • Higher-speed Access 00:00:02
