Dissertations / Theses on the topic 'Distributed attacks'
Create a spot-on reference in APA, MLA, Chicago, Harvard, and other styles
Consult the top 50 dissertations / theses for your research on the topic 'Distributed attacks.'
Next to every source in the list of references, there is an 'Add to bibliography' button. Press on it, and we will generate automatically the bibliographic reference to the chosen work in the citation style you need: APA, MLA, Harvard, Chicago, Vancouver, etc.
You can also download the full text of the academic publication as pdf and read online its abstract whenever available in the metadata.
Browse dissertations / theses on a wide variety of disciplines and organise your bibliography correctly.
Li, Chi-Pan. "A distributed scheme to detect and defend against distributed denial of service attacks /." View Abstract or Full-Text, 2003. http://library.ust.hk/cgi/db/thesis.pl?COMP%202003%20LI.
Full textIncludes bibliographical references (leaves 102-107). Also available in electronic version. Access restricted to campus users.
Namuduri, Sarita. "Distributed Denial of Service Attacks (DDoS)- Consequences and Future." Thesis, Linköping University, Department of Electrical Engineering, 2006. http://urn.kb.se/resolve?urn=urn:nbn:se:liu:diva-8055.
Full textDenial of Service and the Distributed Denial of Service Attacks have recently emerged as one of the most newsworthy, if not the greatest, weaknesses of the Internet. This paper attempt to explain how they work, why they are hard to combat today, and what will need to happen if they are to be brought under control. It is divided into eight sections. The first is an overview of the current situation and also brief explanatory of the rest of the chapters being covered. The second is a detailed description of exactly how this attack works, and why it is hard to cope with today; of necessity it includes a description of how the Internet works today. The third section is totally about the different attacks in recent years and how they affected the people or the bigorganizations. The fourth section describes the short-term prospects, the tools which are used to rectify these attacks. The fifth is problems being faced with an explanatory of the percentage of attack in recent years and comparing the problems. The sixth is what can be done today to help alleviate this problem. The seventh section describes the legal actions and also legal actions that can be followed against the attack by the victim; and the eighth section describes the long-term picture, what will change to bring this class of problem under control, if not eliminate it entirely. And finally there are some appendices: a bibliography, giving references to original research work and announcements; a brief article on securing servers; and acknowledgments for the many people who helped make this paper possible.
Ramanauskaitė, Simona. "Modelling and Research of Distributed Denial of Service Attacks." Doctoral thesis, Lithuanian Academic Libraries Network (LABT), 2012. http://vddb.laba.lt/obj/LT-eLABa-0001:E.02~2012~D_20120723_105031-70003.
Full textDisertacijoje nagrinėjamos internetinės paslaugos sutrikdymo (angl. DoS – Denial of Service) atakos ir jų modeliavimo priemonės. Tai kibernetinių atakų tipas, kurių metu siekiama tam tikro tinkle veikiančio mazgo teikiamas paslaugas padaryti neprieinamas jų teisėtiems klientams. DoS atakos gali turėti daug skirtingų tipų, todėl šio darbo pagrindinis tyrimų objektas yra srautinė internetinės paslaugos sutrikdymo (angl. DDoS – Distributed Denial of Service) ataka, kuri paslaugos sutrikdymo siekia naudodama bent kelis atakuojančiuosius kompiuterius vienu metu ir kuri siekia išnaudoti visus pasirinkto tipo resursus tą paslaugą teikiančiame mazge. DDoS atakos aktualios dėl šių priežasčių: šiuo metu nėra apsaugos priemonių, leidžiančių patikimai ir užtikrintai apsisaugoti nuo jų keliamos grėsmės; jas gali sukelti net ir teisėti vartotojai, netinkamai elgdamiesi ar esant netinkamai paruoštai sistemai; internete teikiamos paslaugos vis dažniau naudojamos kasdieniniame gyvenime ir jų blokavimas ar kokybės suprastėjimas gali neigiamai paveikti kitų sistemų ar jų vartotojų darbą. Pagrindinis šios disertacijos tikslas – sukurti jungtinį DDoS atakos sėkmės tikimybės vertinimo modelį. Šis modelis leistų įvertinti kompiuterinės technikos sugebėjimą atlaikyti skirtingo tipo ir galingumo DDoS atakas, todėl galėtų būti taikomas prevencijai bei paslaugų tiekėjų kokybės vertinimui. Disertaciją sudaro įvadas, penki skyriai, rezultatų apibendrinimas, naudotos literatūros ir autoriaus publikacijų... [toliau žr. visą tekstą]
Thing, Vrizlynn Ling Ling. "Adaptive Response System for Distributed Denial-of-Service Attacks." Thesis, Imperial College London, 2008. http://hdl.handle.net/10044/1/4264.
Full textKarandikar, Sampada. "Analysis of distributed denial of service attacks and countermeasures." Connect to this title online, 2009. http://etd.lib.clemson.edu/documents/1263409912/.
Full textBhatia, Sajal. "Detecting distributed Denial-of-Service attacks and Flash Events." Thesis, Queensland University of Technology, 2013. https://eprints.qut.edu.au/62031/1/Sajal_Bhatia_Thesis.pdf.
Full textEklund, Martin, and Patrik Ståhlberg. "Distributed denial of service attacks : Protection, Mitigation, and Economic Consequences." Thesis, KTH, Radio Systems Laboratory (RS Lab), 2015. http://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva-170924.
Full textDistributed Denial of Service (DDoS) attacker är ett problem som ständigt hotar företag, som förlitar sig till internet för centrala delar av sin verksamhet. En DDoS-attack som lyckas penetrerar ett företags nätverk kan medföra förödande skador i form av förlorade intäkter, minskad produktivitet, ökade kostnader samt skada på företagets rykte/varumärke. DDoS-attackerna är många och av olika karaktär, som attackerar olika delar av ett företags nätverk, vilket leder till att det är svårt att effektivt skydda sig mot DDoS-attacker. Det står också klart att DDoS-attacker ökar både till antalet och storleksmässigt för varje år som går. Utifrån våra egna experiment har vi kunnat bevisa att vem som helst med små medel och begränsade kunskaper kan utföra en DDoS-attack som sänker en webbsida. Ett faktum som gör att alla företag vars verksamhet är baserad på internet bör räkna med att de någon gång bli utsatta för en DDoS-attack. Utifrån våra undersökningar kan vi se att det finns en uppsjö av olika DDoS-skydd på marknaden, skydd som hanterar några problem som DDoS-attacker medför, men det finns inga kompletta skydd som kan garantera 100 % säkerhet. Utifrån tidigare forskning på området framgår det att det finns många olika sätt att skydda sig mot DDoS-attacker, t.ex. genom Software Defined Networks, Hop-Count Filtering eller Kill-bots. Våra egna tester visar på att en virtuell brandvägg kan vara ett sätt att skydda sig mot DDoS-attacker, men testerna visar också att en sådan lösning inte heller är säker då man kan förstöra åtkomsten till webbsidan genom att överbelasta brandväggen.<p> Undersökningen visar också att ett av de vanligaste motiven bakom DDoS-attacker är kriminella ändamål. Kriminella som använder DDoS-attacker för att tjäna pengar genom att erbjuda riktade DDoS-attacker mot websidor eller genom försök att utpressa till betalning med DDoS-attacker som ett hot. Vi har kommit fram till att de ekonomiska konsekvenserna av DDoS-attacker kan vara ödestigna för företag om det inte hanteras i tid. Genom våra egna beräkningar har vi visat att e-handelsföretaget CDON.com riskerar att förlora ca 36 415,90 kr per minut som en DDoS-attack pågår mot företaget. Anledningen till av vi valt att ägnad denna uppsats åt DDoS-problemet, är den skrämmande ökningen av DDoS-attacker som man kan se sker årligen. Attackerna blir flera, de ökar storleksmässigt och de blir allt mer sofistikerade. Attackerna utförs också tillsynes omotiverat i vissa fall, men också välplanerade attacker utförs för att skada företag ekonomiskt. I dagens företagsklimat är det viktigt att företaget har möjlighet att använda sig av internet för att driva verksamheten och göra det enkelt för kunder att ta del av företagets produkter/tjänster. Att företags webbsidor blir utslagen på grund av en DDoS-attacker är idag en verklighet, och en tydlig plan för att hur man ska hantera en sådan incident bör finns på plats inom företag.
Fischer, Benjamin. "Vehicular Group Membership Resilient to Malicious Attacks." Thesis, Linköpings universitet, Programvara och system, 2019. http://urn.kb.se/resolve?urn=urn:nbn:se:liu:diva-158086.
Full textNegi, Chandan Singh. "Using network management systems to detect Distributed Denial of Service Attacks." Thesis, Monterey, Calif. : Springfield, Va. : Naval Postgraduate School ; Available from National Technical Information Service, 2001. http://handle.dtic.mil/100.2/ADA397257.
Full textThesis advisors, Bordetsky, Alex ; Clark, Paul. "September 2001." Includes bibliographical references (p. 115-117). Also available in print.
Aditham, Santosh. "Mitigation of Insider Attacks for Data Security in Distributed Computing Environments." Scholar Commons, 2017. http://scholarcommons.usf.edu/etd/6639.
Full textVuković, Ognjen, and György Dán. "On the Security of Distributed Power System State Estimation under Targeted Attacks." KTH, Kommunikationsnät, 2013. http://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva-122442.
Full textQC 20130522
Khanapure, Vishal. "Memory efficient distributed detection of node replication attacks in wireless sensor networks." [Gainesville, Fla.] : University of Florida, 2009. http://purl.fcla.edu/fcla/etd/UFE0025072.
Full textVenkataraman, Aravind. "802.11 Fingerprinting to Detect Wireless Stealth Attacks." Digital Archive @ GSU, 2008. http://digitalarchive.gsu.edu/cs_theses/57.
Full textKhan, Ahmed Waheed. "Towards Utilization of Distributed On-Chip Power Delivery Against EM Side-Channel Attacks." Scholar Commons, 2018. http://scholarcommons.usf.edu/etd/7178.
Full textVordos, Ioannis. "Mitigating distributed denial of service attacks with Multiprotocol Label Switching--Traffic Engineering (MPLS-TE)." Thesis, Monterey, Calif. : Naval Postgraduate School, 2009. http://edocs.nps.edu/npspubs/scholarly/theses/2009/March/09Mar%5FVordos.pdf.
Full textThesis Advisor(s): Xie, Geoffry. "March 2009." Description based on title screen as viewed on April 23, 2009. Author(s) subject terms: Traffic Engineering, Distributed Denial of Service Attacks, Sinkhole Routing, Blackhole Routing. Includes bibliographical references (p. 115-119). Also available in print.
Needels, Keith. "Detecting and recovering from overlay routing attacks in peer-to-peer distributed hash tables /." Online version of thesis, 2008. http://hdl.handle.net/1850/8800.
Full textDi, Mauro Mario. "Statistical models for the characterization, identification and mitigation of distributed attacks in data networks." Doctoral thesis, Universita degli studi di Salerno, 2018. http://hdl.handle.net/10556/3088.
Full textThe thesis focuses on statistical approaches to model, mitigate, and prevent distributed network attacks. When dealing with distributed network attacks (and, more in general, with cyber-security problems), three fundamental phases/issues emerge distinctly. The first issue concerns the threat propagation across the network, which entails an "avalanche" effect, with the number of infected nodes increasing exponentially as time elapses. The second issue regards the design of proper mitigation strategies (e.g., threat detection, attacker's identification) aimed at containing the propagation phenomenon. Finally (and this is the third issue), it is also desirable to act on the system infrastructure to grant a conservative design by adding some controlled degree of redundancy, in order to face those cases where the attacker has not been yet defeated. The contributions of the present thesis address the aforementioned relevant issues, namely, propagation, mitigation and prevention of distributed network attacks. A brief summary of the main contributions is reported below. The first contribution concerns the adoption of Kendall’s birth-and-death process as an analytical model for threat propagation. Such a model exhibits two main properties: i) it is a stochastic model (a desirable requirement to embody the complexity of real-world networks) whereas many models are purely deterministic; ii) it is able to capture the essential features of threat propagation through a few parameters with a clear physical meaning. By exploiting the remarkable properties of Kendall’s model, the exact solution for the optimal resource allocation problem (namely, the optimal mitigation policy) has been provided for both conditions of perfectly known parameters, and unknown parameters (with the latter case being solved through a Maximum-Likelihood estimator). The second contribution pertains to the formalization of a novel kind of randomized Distributed Denial of Service (DDoS) attack. In particular, a botnet (a network of malicious entities) is able to emulate some normal traffic, by picking messages from a dictionary of admissible requests. Such a model allows to quantify the botnet “learning ability”, and to ascertain the real nature of users (normal or bot) via an indicator referred to as MIR (Message Innovation Rate). Exploiting the considered model, an algorithm that allows to identify a botnet (possibly) hidden in the network has been devised. The results are then extended to the case of a multi-cluster environment, where different botnets are concurrently present in the network, and an algorithm to identify the different clusters is conceived. The third contribution concerns the formalization of the network resilience problem and the consequent design of a prevention strategy. Two statistical frameworks are proposed to model the high availability requirements of network infrastructures, namely, the Stochastic Reward Network (SRN), and the Universal Generating Function (UGF) frameworks. In particular, since in the network environment dealing with multidimensional quantities is crucial, an extension of the classic UGF framework, called Multi-dimensional UGF (MUGF), is devised. [edited by author]
XVI n.s.
McNevin, Timothy John. "Mitigating Network-Based Denial-of-Service Attacks with Client Puzzles." Thesis, Virginia Tech, 2005. http://hdl.handle.net/10919/31941.
Full textMaster of Science
Jawad, Dina, and Felicia Rosell. "Speak-up as a Resource Based Defence against Application Layer Distributed Denial-of-Service Attacks." Thesis, KTH, Skolan för datavetenskap och kommunikation (CSC), 2015. http://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva-166597.
Full textIn recent years, the internet has endured an increase in application layer DDoS attacks. It is a growing problem that needs to be addressed. This paper presents a number of existing detection and protection methods that are used to mitigate application layer DDoS attacks. Anomaly detection is a widely explored area for defence and there have been many findings that show positive results in mitigating attacks. However, anomaly detection possesses a number of flaws, such as causing false positives and negatives. Another method that has yet to become thoroughly examined is resource based defence. This defence method has great potential as it addresses clear differences between legitimate users and attackers during a DDoS attack. One such defence method is called Speak-up and is the center of this paper. The advantages and limitations of Speak-up have been explored and the findings suggest that Speak-up has the potential to become a strong tool in defending against DDoS attacks. However, Speak-up has its limitations and may not be the best alternative during certain types of application layer DDoS attacks.
Cordeiro, Weverton Luis da Costa. "Limiting fake accounts in large-scale distributed systems through adaptive identity management." reponame:Biblioteca Digital de Teses e Dissertações da UFRGS, 2014. http://hdl.handle.net/10183/90442.
Full textOnline systems such as Facebook, Twitter, Digg, and BitTorrent communities (among various others) offer a lightweight process for obtaining identities (e.g., confirming a valid e-mail address; the actual requirements may vary depending on the system), so that users can easily join them. Such convenience comes with a price, however: with minimum effort, an attacker can obtain a horde of fake accounts (Sybil attack), and use them to either perform malicious activities (that might harm legitimate users) or obtain unfair benefits. It is extremely challenging (if not impossible) to devise a single identity management solution at the same time able to support a variety of end-users using heterogeneous devices, and suitable for a multitude of environments (e.g., large-scale distributed systems, Internet-of-Things, and Future Internet). As a consequence, the research community has focused on the design of system-specific identity management solutions, in scenarios having a well-defined set of purposes, requirements, and constraints. In this thesis, we approach the issue of fake accounts in large-scale, distributed systems. More specifically, we target systems based on the peer-to-peer paradigm and that can accommodate lightweight, long-term identity management schemes (e.g., file sharing and live streaming networks, collaborative intrusion detection systems, among others); lightweight because users should obtain identities without being required to provide “proof of identity” (e.g., passport) and/or pay taxes; and long-term because users should be able to maintain their identities (e.g., through renewal) for an indefinite period. Our main objective is to propose a framework for adaptively pricing identity requests as an approach to limit Sybil attacks. The key idea is to estimate a trust score for identity requests, calculated as a as function of the number of identities already granted in a given period, and considering their source of origin. Our approach relies on proof of work, and uses cryptographic puzzles as a resource to restrain attackers. In this thesis, we also concentrate on reshaping traditional puzzles, in order to make them “green” and “useful”. The results obtained through simulation and experimentation have shown the feasibility of using green and useful puzzles for identity management. More importantly, they have shown that profiling identity requests based on their source of origin constitutes a promising approach to tackle the dissemination of fake accounts.
Ikusan, Ademola A. "Collaboratively Detecting HTTP-based Distributed Denial of Service Attack using Software Defined Network." Wright State University / OhioLINK, 2017. http://rave.ohiolink.edu/etdc/view?acc_num=wright1515067456228498.
Full textSaw, Tee Huu. "Evaluation of a multi-agent system for simulation and analysis of distributed denial-of-service attacks." Thesis, Monterey, Calif. : Springfield, Va. : Naval Postgraduate School ; Available from National Technical Information Service, 2003. http://library.nps.navy.mil/uhtbin/hyperion-image/03Dec%5FSaw.pdf.
Full textThesis advisor(s): James B. Michael, Mikhail Auguston. Includes bibliographical references (p. 52-54). Also available online.
Yu, Xuan Hamilton John A. "A defense system on DDOS attacks in mobile ad hoc networks." Auburn, Ala., 2007. http://repo.lib.auburn.edu/2006%20Fall/Dissertations/YU_XUAN_49.pdf.
Full textMekhitarian, Araxi, and Amir Rabiee. "A simulation study of an application layer DDoS detection mechanism." Thesis, KTH, Skolan för informations- och kommunikationsteknik (ICT), 2016. http://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva-191145.
Full textUnder de senaste åren har ökningen av Distributed Denial of Service (DDoS) attacker på applikationslagret ökat markant. På grund av detta har många frågor uppkommit om hur organisationer och företag kan skydda sig mot intrång och skador mot sina system och tjänster. Konsekvenserna av dessa attacker är många, allt från intäktsförluster för företag till stulen personlig data. Eftersom tekniken utvecklas, har DDoS attacker på applikationslagret blivit mer effektiva och det finns inte en konkret lösning för att hindra dem. Denna rapport fokuserar på de tillgängliga försvarsmekanismer och presenterar en allmän översikt över olika typer av DDoS-attacker på applikationslagret och hur de är uppbyggda. Dessutom bidrar den här rapporten med en redovisning av en simulering baserad på en av de försvarsmekanismer som nämns i rapporten, CALD. Simuleringen testade två olika attacker på applikationslagret och visar att CALD kan upptäcka och skilja mellan de två attackerna. Denna rapport kan användas som en allmän informationskälla för DDoSattacker på applikationslagret och hur man försvarar sig mot och upptäcker dessa. Vidare kan simuleringen användas som utgångspunkt på hur väl en relativt småskalig implementering av CALD kan upptäcka DDoS-attacker på applikationslagret.
Han, Kai. "Scheduling Distributed Real-Time Tasks in Unreliable and Untrustworthy Systems." Diss., Virginia Tech, 2010. http://hdl.handle.net/10919/26917.
Full textPh. D.
Nilsson, Sebastian. "The Current State of DDoS Defense." Thesis, Blekinge Tekniska Högskola, Institutionen för programvaruteknik, 2014. http://urn.kb.se/resolve?urn=urn:nbn:se:bth-3933.
Full textDevasundaram, Shanmuga Sundaram. "PERFORMANCE EVALUATION OF A TTL-BASED DYNAMIC MARKING SCHEME IN IP TRACEBACK." University of Akron / OhioLINK, 2006. http://rave.ohiolink.edu/etdc/view?acc_num=akron1164051699.
Full textKaynar, Kerem [Verfasser], Sahin [Akademischer Betreuer] Albayrak, Sahin [Gutachter] Albayrak, Alexander [Gutachter] Schill, and Albert [Gutachter] Levi. "Distributed log analysis for scenario-based detection of multi-step attacks and generation of near-optimal defense recommendations / Kerem Kaynar ; Gutachter: Sahin Albayrak, Alexander Schill, Albert Levi ; Betreuer: Sahin Albayrak." Berlin : Technische Universität Berlin, 2017. http://d-nb.info/1156178177/34.
Full textMartimiano, Taciane. "Distributed attacker." reponame:Repositório Institucional da UFSC, 2017. https://repositorio.ufsc.br/xmlui/handle/123456789/176799.
Full textMade available in DSpace on 2017-06-27T04:22:41Z (GMT). No. of bitstreams: 1 345978.pdf: 978430 bytes, checksum: e7dbdcc1dd284e84bcac339aae3f6488 (MD5) Previous issue date: 2017
Abstract : Security ceremonies are extensions of security protocols, including all that is out-of-bounds for protocols. Nowadays we lack a base description language and a detailed threat model for security ceremonies in order to be able to use symbolic evaluation methods and verify claims embedded in ceremonies. Our goal is to contribute with a syntax and detailed threat model for ceremonies description in order to establish our proposal for a new attacker type named Distributed Attacker (DA in brief). Moreover, we also developed a strategy for symbolic evaluation of our attacker model using First-Order Logic (FOL) and an automatic theorem prover. Lastly, we present scenarios formally analysed with our methodology, including cases we could not have with standard Dolev-Yao or Multi-Attacker models. For instance, our most interesting scenario is when several attackers gather only pieces of an user's credentials and, by putting together their knowledge, collude to attack this user's email account.
Protocolos de segurança são subconjuntos das chamadas cerimônias de segurança. Atualmente não se tem uma linguagem de descrição e um modelo de ameaça detalhado para cerimônias de segurança, necessários para o uso de métodos de avaliação simbólica e verificação de suposições presentes em cerimônias. O objetivo desta dissertação é contribuir com uma sintaxe para descrição de mensagens de cerimônias e apropriado modelo de ameaça a fim de estabelecer a proposta para um novo tipo de atacante (nomeado Atacante Distribuído). Adicionalmente, uma estratégia para execução de avaliação simbólica também foi desenvolvida, utilizando lógica de primeira ordem e um provador de teoremas automático. Por fim, cenários formalmente analisados com o modelo de atacante proposto são exibidos, incluindo casos não passíveis de serem simulados com modelos padrão como Dolev-Yao ou Multi-Attacker. Por exemplo, o caso mais interessante é o que apresenta vários atacantes com conhecimento apenas de partes das credenciais de um usuário, mas que ao colaborar entre si conseguem atacar a conta de email desse usuário.
Moore, Tyler Weston. "Cooperative attack and defense in distributed networks." Thesis, University of Cambridge, 2008. http://ethos.bl.uk/OrderDetails.do?uin=uk.bl.ethos.612283.
Full textSaied, Alan. "Distributed Denial of Service (DDoS) attack detection and mitigation." Thesis, King's College London (University of London), 2015. http://kclpure.kcl.ac.uk/portal/en/theses/distributed-denial-of-service-ddos-attack-detection-and-mitigation(eaa45e51-f602-46da-a37a-75c3ae71d2db).html.
Full textKaraaslan, Ibrahim. "Anti-sensor Network: Distortion-based Distributed Attack In Wireless Sensor Networks." Master's thesis, METU, 2008. http://etd.lib.metu.edu.tr/upload/3/12609276/index.pdf.
Full textKhanal, Sandarva, and Ciara Lynton. "Packet Simulation of Distributed Denial of Service (DDoS) Attack and Recovery." International Foundation for Telemetering, 2013. http://hdl.handle.net/10150/579511.
Full textDistributed Denial of Service (DDoS) attacks have been gaining popularity in recent years. Most research developed to defend against DDoS attacks have focused on analytical studies. However, because of the inherent nature of a DDoS attack and the scale of a network involved in the attack, analytical simulations are not always the best way to study DDoS attacks. Moreover, because DDoS attacks are considered illicit, performing real attacks to study their defense mechanisms is not an alternative. For this reason, using packet/network simulators, such as OPNET Modeler, is the best option for research purposes. Detection of an ongoing DDoS attack, as well as simulation of a defense mechanism against the attack, is beyond the scope of this paper. However, this paper includes design recommendations to simulate an effective defense strategy to mitigate DDoS attacks. Finally, this paper introduces network links failure during simulation in an attempt to demonstrate how the network recovers during and following an attack.
Selliah, Sentil. "Mobile agent based attack resistant architecture for distributed intrusion detection system." Morgantown, W. Va. : [West Virginia University Libraries], 2001. http://etd.wvu.edu/templates/showETD.cfm?recnum=2060.
Full textTitle from document title page. Document formatted into pages; contains vii, 61 p. : ill. Includes abstract. Includes bibliographical references (p. 50-52).
Skog, Andersen Jonas, and Ammar Alderhally. "Denial-of-service attack : A realistic implementation of a DoS attack." Thesis, Linköpings universitet, Institutionen för datavetenskap, 2015. http://urn.kb.se/resolve?urn=urn:nbn:se:liu:diva-120690.
Full textLaurens, Vicky. "DDoSniffer: An attack detection tool detecting TCP-based distributed denial of service attack traffic at the agent machines." Thesis, University of Ottawa (Canada), 2006. http://hdl.handle.net/10393/27384.
Full textAndersson, Karl, and Marcus Odlander. "Detecting a Distributed Denial-of-Service Attack Using Speed Test Data: A Case Study on an Attack with Nationwide Impact." Thesis, Linköpings universitet, Institutionen för datavetenskap, 2015. http://urn.kb.se/resolve?urn=urn:nbn:se:liu:diva-120611.
Full textChen, Yao. "A novel marking-based detection and filtering scheme against distributed denial of service attack." Thesis, University of Ottawa (Canada), 2006. http://hdl.handle.net/10393/27117.
Full textCappelleri, Vincenzo-Maria. "Randomness, Age, Work: Ingredients for Secure Distributed Hash Tables." Doctoral thesis, Università degli studi di Padova, 2017. http://hdl.handle.net/11577/3423231.
Full textNel contesto dell’indirizzamento dinamico basato su risorse le Tabelle di Hash Distribuite (DHT) si rivelano una scelta naturale oltre che molto apprezzata. Le DHT forniscono due funzioni principali: il salvataggio di coppie (chiave, valore) e, data una chiave, la localizzazione del nodo per essa responsabile, opzionalmente unita al recupero del valore associato. La maggior parte delle DHT realizzate sono ad ogni modo vulnerabili a falle di sicurezza che espongono i nodi ed i dati salvati ad un certo numero di possibili attacchi. Tali attacchi spaziano dall’impedire il corretto instradamento sulla DHT al corrompere o rendere indisponibili i dati. Anche se le DHT sono uno standard de facto in sistemi molto diffusi (come per esempio i client di BitTorrent o per la rete KAD) la debolezza di fronte a questi attacchi potrebbe tuttavia impedirne l’adozione da parte di sistemi maggiormente incentrati sulla sicurezza, pur potendo trarre vantaggio dalla facilità di indicizzazione e pubblicazione delle DHT. Nel corso degli anni, sia da parte della comunità accademica che da parte di sviluppatori professionisti, sono state proposte molte possibili soluzioni al problema di sicurezza della DHT, spaziando da idee basate sul controllo esercitato da parte di Autorità Centrali a meccanismi basati sulle social network. Le proposte sono spesso personalizzate per specifiche realizzazioni delle DHT o, spesso, cercano semplicemente di mitigare senza eliminare la possibilità di azioni ostili verso i nodi o le risorse. Inoltre le soluzioni proposte spesso dimostrano di essere seriamente limitate o basate su assunzioni piuttosto forti relativamente alla rete di riferimento. In questo lavoro, dopo aver fornito un’utile e generica astrazione del protocollo e delle infrastrutture di una DHT, presentiamo due nuove primitive. Estendiamo la “normale” funzione di proof-of-work facendo si che offra anche una “prova d’età” (ossia, informalmente, permette di provare che un nodo sia sufficientemente “anziano”) ed una primitiva che permetta l’accesso ad un seme randomico distribuito. Utilizzando queste due nuove primitive ed integrandole nell’astrazione basilare otteniamo una DHT “migliorata”, resistente a molti degi comuni attacchi inferti a questi sistemi. Inoltre mostreremo come un sistema basato sulle Block Chain – una collezione di “blocchi di dati” protetta contro la contraffazione – possa fornire una possibile fondazione per la nostra DHT migliorata. Infine abbiamo realizzato un software prototipo che realizza una DHT sicura basata sul sistema Kademlia. Utilizzando questo software abbiamo condotto degli esperimenti, dimostrando come questo sistema sia utilizzabile in pratica nonostante il lavoro addizionale richiesto dai nodi. Concludendo questo lavoro forniamo il seguente contributo: descriviamo un nuovo insieme di primitive per ottenere una DHT sicura (adattabile ad ogni sistema conforme alla nostra definizione di DHT), proponiamo un’architettura concreta per ottenere una DHT migliorata, ed annunciamo una versione prototipale e funzionante di questo sistema.
Chan, Yik-Kwan Eric, and 陳奕鈞. "Investigation of a router-based approach to defense against Distributed Denial-of-Service (DDoS) attack." Thesis, The University of Hong Kong (Pokfulam, Hong Kong), 2004. http://hub.hku.hk/bib/B30173309.
Full textDing, Sze Yi. "On Distributed Strategies in Defense of a High Value Unit (HVU) Against a Swarm Attack." Thesis, Monterey, California. Naval Postgraduate School, 2012. http://hdl.handle.net/10945/17356.
Full textSwarm attacks are of great concern to the U.S. Navy as well as to navies around the world and commercial ships transiting through waters with high volume of marine traffic. A large group of hostile ships can hide themselves among various other small ships, like pleasure crafts, fishing boats and transport vessels, and can make a coordinated attack against a High Value Unit (HVU) while it passes by. The HVU can easily be overwhelmed by the numbers and sustain heavy damage or risk being taken over. The objective of this thesis is to develop heuristic algorithms that multiple defenders can use to intercept and stop the advances of multiple attackers. The attackers are in much larger numbers compared to the defenders, and are moving in on a slow moving HVU. Pursuit guidance laws and proportional navigation (PN) guidance laws, commonly used in missile guidance strategies, are modified to be used by the defenders to try intercepting attackers that outnumber them. Another objective is to evaluate the effectiveness of the heuristic algorithms in defending the HVU against the swarm attack. The probability that the HVU survives the swarm attack will be used as a measure of effectiveness of the algorithms. The impact of various parameters, like the number of defenders and the speed of defenders, on the effectiveness of the algorithms are also evaluated.
Sung, Minho. "Scalable and efficient distributed algorithms for defending against malicious Internet activity." Diss., Available online, Georgia Institute of Technology, 2006, 2006. http://etd.gatech.edu/theses/available/etd-07172006-134741/.
Full textXu, Jun, Committee Chair ; Ahamad, Mustaque, Committee Member ; Ammar, Mostafa, Committee Member ; Bing, Benny, Committee Member ; Zegura, Ellen, Committee Member.
Vašek, Jiří. "Distribuovaný systém kryptoanalýzy." Master's thesis, Vysoké učení technické v Brně. Fakulta elektrotechniky a komunikačních technologií, 2012. http://www.nusl.cz/ntk/nusl-219474.
Full textThames, John Lane. "Advancing cyber security with a semantic path merger packet classification algorithm." Diss., Georgia Institute of Technology, 2012. http://hdl.handle.net/1853/45872.
Full textBuček, Hynek. "Generátor síťových útoků." Master's thesis, Vysoké učení technické v Brně. Fakulta informačních technologií, 2013. http://www.nusl.cz/ntk/nusl-236362.
Full textMorais, Anderson. "Distributed and cooperative intrusion detection in wireless mesh networks." Phd thesis, Institut National des Télécommunications, 2012. http://tel.archives-ouvertes.fr/tel-00789724.
Full textBolvanský, Dávid. "Lámání hesel pomocí algoritmu PRINCE v systému Fitcrack." Master's thesis, Vysoké učení technické v Brně. Fakulta informačních technologií, 2020. http://www.nusl.cz/ntk/nusl-433602.
Full textCholez, Thibault. "Supervision des réseaux pair à pair structurés appliquée à la sécurité des contenus." Phd thesis, Université Henri Poincaré - Nancy I, 2011. http://tel.archives-ouvertes.fr/tel-00608907.
Full textDamour, Gabriel. "Information-Theoretic Framework for Network Anomaly Detection: Enabling online application of statistical learning models to high-speed traffic." Thesis, KTH, Matematisk statistik, 2019. http://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva-252560.
Full textI takt med att antalet cyberattacker växer snabbt blir det alltmer viktigt för våra digitaliserade ekonomier att skydda uppkopplade verksamheter från nätverksintrång. Maskininlärning (ML) porträtteras som ett kraftfullt alternativ till konventionella regelbaserade lösningar och dess anmärkningsvärda framgångar bådar för en ny generation detekteringssytem mot intrång (IDS). Trots denna utveckling, bygger många IDS:er fortfarande på signaturbaserade metoder, vilket förklaras av de stora svagheter som präglar många ML-baserade lösningar. I detta arbete utgår vi från en granskning av nuvarande forskning kring tillämpningen av ML för intrångsdetektering, med fokus på de nödvändiga steg som omger modellernas implementation inom IDS. Genom att sätta upp ett ramverk för hur variabler konstrueras och identifiering av attackkällor (ASI) utförs i olika lösningar, kan vi identifiera de flaskhalsar och begränsningar som förhindrar deras praktiska implementation. Särskild vikt läggs vid analysen av de populära flödesbaserade modellerna, vars resurskrävande bearbetning av rådata leder till signifikant tidsfördröjning, vilket omöjliggör deras användning i realtidssystem. För att bemöta dessa svagheter föreslår vi ett nytt ramverk -- det informationsteoretiska ramverket för detektering av nätverksanomalier (ITF-NAD) -- vars syfte är att möjliggöra direktanslutning av ML-modeller över nätverkslänkar med höghastighetstrafik, samt tillhandahåller en metod för identifiering av de bakomliggande källorna till attacken. Ramverket bygger på modern entropiestimeringsteknik, designad för att tillämpas över dataströmmar, samt en ASI-metod inspirerad av entropibaserad detektering av avvikande punkter i kategoriska rum. Utöver detta presenteras en studie av ramverkets prestanda över verklig internettrafik, vilken innehåller 5 olika typer av överbelastningsattacker (DoS) genererad från populära DDoS-verktyg, vilket i sin tur illustrerar ramverkets användning med en enkel semi-övervakad ML-modell. Resultaten visar på hög nivå av noggrannhet för detektion av samtliga attacktyper samt lovande prestanda gällande ramverkets förmåga att identifiera de bakomliggande aktörerna.
Megahed, Mohamed Helmy Mostafa. "SurvSec Security Architecture for Reliable Surveillance WSN Recovery from Base Station Failure." Thèse, Université d'Ottawa / University of Ottawa, 2014. http://hdl.handle.net/10393/31154.
Full text