71 resultados para denial
Resumo:
Denial-of-service (DoS) attacks are a growing concern to networked services like the Internet. In recent years, major Internet e-commerce and government sites have been disabled due to various DoS attacks. A common form of DoS attack is a resource depletion attack, in which an attacker tries to overload the server's resources, such as memory or computational power, rendering the server unable to service honest clients. A promising way to deal with this problem is for a defending server to identify and segregate malicious traffic as earlier as possible. Client puzzles, also known as proofs of work, have been shown to be a promising tool to thwart DoS attacks in network protocols, particularly in authentication protocols. In this thesis, we design efficient client puzzles and propose a stronger security model to analyse client puzzles. We revisit a few key establishment protocols to analyse their DoS resilient properties and strengthen them using existing and novel techniques. Our contributions in the thesis are manifold. We propose an efficient client puzzle that enjoys its security in the standard model under new computational assumptions. Assuming the presence of powerful DoS attackers, we find a weakness in the most recent security model proposed to analyse client puzzles and this study leads us to introduce a better security model for analysing client puzzles. We demonstrate the utility of our new security definitions by including two hash based stronger client puzzles. We also show that using stronger client puzzles any protocol can be converted into a provably secure DoS resilient key exchange protocol. In other contributions, we analyse DoS resilient properties of network protocols such as Just Fast Keying (JFK) and Transport Layer Security (TLS). In the JFK protocol, we identify a new DoS attack by applying Meadows' cost based framework to analyse DoS resilient properties. We also prove that the original security claim of JFK does not hold. Then we combine an existing technique to reduce the server cost and prove that the new variant of JFK achieves perfect forward secrecy (the property not achieved by original JFK protocol) and secure under the original security assumptions of JFK. Finally, we introduce a novel cost shifting technique which reduces the computation cost of the server significantly and employ the technique in the most important network protocol, TLS, to analyse the security of the resultant protocol. We also observe that the cost shifting technique can be incorporated in any Diffine{Hellman based key exchange protocol to reduce the Diffie{Hellman exponential cost of a party by one multiplication and one addition.
Resumo:
This article outlines the impact that a conspiracy of silence and denial of difference has had on some adopted and donor conceived persons who have been lied to or misled about their origins. Factors discussed include deceit - expressed as a central secret which undermines the fabric of a family and through distortion mystifies communication processes; the shock of discovery - often revealed accidentally and the associated sense of betrayal when this occurs; and a series of losses, for example, kinship, medical history, culture and agency which result in having to rebuild personal identity. By providing those affected with a voice, validation and vindication healing can begin. Any feelings of disregard, of betrayal of trust, of anger, frustration, sorrow or loss, need to be regarded as real, expected, and above all, a valid reaction to what has occurred. The author is a 'late discoverer' of her adoption and draws on the information from her doctoral research on the same topic which was completed in 2012.
Resumo:
This thesis investigates and develops techniques for accurately detecting Internet-based Distributed Denial-of-Service (DDoS) Attacks where an adversary harnesses the power of thousands of compromised machines to disrupt the normal operations of a Web-service provider, resulting in significant down-time and financial losses. This thesis also develops methods to differentiate these attacks from similar-looking benign surges in web-traffic known as Flash Events (FEs). This thesis also addresses an intrinsic challenge in research associated with DDoS attacks, namely, the extreme scarcity of public domain datasets (due to legal and privacy issues) by developing techniques to realistically emulate DDoS attack and FE traffic.
Resumo:
This study aimed to explore whether participants' pretherapy coping strategies predicted the outcome of group cognitive behavioral therapy (CBT) for anxiety and depression. It was hypothesized that adaptive coping strategies such as the use of active planning and acceptance would be associated with higher reductions, whereas maladaptive coping strategies such as denial and disengagement would be associated with lower reductions in anxious and depressed symptoms following psychotherapy. There were 144 participants who completed group CBT for anxiety and depression. Measures of coping strategies were administered prior to therapy, whereas measures of depression and anxiety were completed both prior to and following therapy. The results showed that higher levels of denial were associated with a poorer outcome, in terms of change in anxiety but not depression, following therapy. These findings suggest the usefulness of using the Denial subscale from the revised Coping Orientation to Problems Experienced (COPE) as a predictor of outcome in group CBT for anxiety.
Resumo:
An intrinsic challenge associated with evaluating proposed techniques for detecting Distributed Denial-of-Service (DDoS) attacks and distinguishing them from Flash Events (FEs) is the extreme scarcity of publicly available real-word traffic traces. Those available are either heavily anonymised or too old to accurately reflect the current trends in DDoS attacks and FEs. This paper proposes a traffic generation and testbed framework for synthetically generating different types of realistic DDoS attacks, FEs and other benign traffic traces, and monitoring their effects on the target. Using only modest hardware resources, the proposed framework, consisting of a customised software traffic generator, ‘Botloader’, is capable of generating a configurable mix of two-way traffic, for emulating either large-scale DDoS attacks, FEs or benign traffic traces that are experimentally reproducible. Botloader uses IP-aliasing, a well-known technique available on most computing platforms, to create thousands of interactive UDP/TCP endpoints on a single computer, each bound to a unique IP-address, to emulate large numbers of simultaneous attackers or benign clients.
Resumo:
The arrival of the colonists, the invasion of Aboriginal lands and the subsequent colonization of Australia had a disastrous effect on Aboriginal women, including on-going dispossession and disempowerment. Aboriginal women’s lives and gendered realities were forever changed in most communities. The system of colonization deprived Aboriginal women of land and personal autonomy and restricted the economic, political, social, spiritual and ceremonial domains that had existed prior to colonization. It also involved the implementation of overriding patriarchal systems. This is why Aboriginal women may find understanding within the women’s movement and why feminism might offer them a source of analysis. There are some connections in the various forms of social oppression, which give women connection and a sharing on some issues. However, imperialism and colonialism are also part of the women’s movement and feminism. This essay demonstrates why attempts to engage with feminism and to be included in women-centred activities might result in the denial and sidelining of Aboriginal sovereignty and further oppression and marginalisation of Aboriginal women. Moreover, strategies employed by non-Indigenous feminists can result in the maintenance of white women’s values and privileges within the dominant patriarchal white society. By engaging in these strategies feminists can also act in direct opposition to Aboriginal sovereignty and Aboriginal women. This essay states clearly that women who do not express positions or opinions in outright support of these activities still benefit from their position by proxy and contribute to the cultural dominance of non-Indigenous women. I argue that Aboriginal women need to define what empowerment might mean to themselves, and I suggest re-empowerment as an act of Aboriginal women’s healing and resistance to the on-going processes and impacts of colonization.
Resumo:
Today’s evolving networks are experiencing a large number of different attacks ranging from system break-ins, infection from automatic attack tools such as worms, viruses, trojan horses and denial of service (DoS). One important aspect of such attacks is that they are often indiscriminate and target Internet addresses without regard to whether they are bona fide allocated or not. Due to the absence of any advertised host services the traffic observed on unused IP addresses is by definition unsolicited and likely to be either opportunistic or malicious. The analysis of large repositories of such traffic can be used to extract useful information about both ongoing and new attack patterns and unearth unusual attack behaviors. However, such an analysis is difficult due to the size and nature of the collected traffic on unused address spaces. In this dissertation, we present a network traffic analysis technique which uses traffic collected from unused address spaces and relies on the statistical properties of the collected traffic, in order to accurately and quickly detect new and ongoing network anomalies. Detection of network anomalies is based on the concept that an anomalous activity usually transforms the network parameters in such a way that their statistical properties no longer remain constant, resulting in abrupt changes. In this dissertation, we use sequential analysis techniques to identify changes in the behavior of network traffic targeting unused address spaces to unveil both ongoing and new attack patterns. Specifically, we have developed a dynamic sliding window based non-parametric cumulative sum change detection techniques for identification of changes in network traffic. Furthermore we have introduced dynamic thresholds to detect changes in network traffic behavior and also detect when a particular change has ended. Experimental results are presented that demonstrate the operational effectiveness and efficiency of the proposed approach, using both synthetically generated datasets and real network traces collected from a dedicated block of unused IP addresses.
Resumo:
High-rate flooding attacks (aka Distributed Denial of Service or DDoS attacks) continue to constitute a pernicious threat within the Internet domain. In this work we demonstrate how using packet source IP addresses coupled with a change-point analysis of the rate of arrival of new IP addresses may be sufficient to detect the onset of a high-rate flooding attack. Importantly, minimizing the number of features to be examined, directly addresses the issue of scalability of the detection process to higher network speeds. Using a proof of concept implementation we have shown how pre-onset IP addresses can be efficiently represented using a bit vector and used to modify a “white list” filter in a firewall as part of the mitigation strategy.
Resumo:
Since the launch of the ‘Clean Delhi, Green Delhi’ campaign in 2003, slums have become a significant social and political issue in India’s capital city. Through this campaign, the state, in collaboration with Delhi’s middle class through the ‘Bhagidari system’ (literally translated as ‘participatory system’), aims to transform Delhi into a ‘world-class city’ that offers a sanitised, aesthetically appealing urban experience to its citizens and Western visitors. In 2007, Delhi won the bid to host the 2010 Commonwealth Games; since then, this agenda has acquired an urgent, almost violent, impetus to transform Delhi into an environmentally friendly, aesthetically appealing and ‘truly international city’. Slums and slum-dwellers, with their ‘filth, dirt, and noise’, have no place in this imagined city. The violence inflicted upon slum-dwellers, including the denial of their judicial rights, is justified on these accounts. In addition, the juridical discourse since 2000 has ‘re-problematised slums as ‘nuisance’. The rising antagonism of the middle-classes against the poor, supported by the state’s ambition to have a ‘world-class city’, has allowed a new rhetoric to situate the slums in the city. These representations articulate slums as homogenised spaces of experience and identity. The ‘illegal’ status of slum-dwellers, as encroachers upon public space, is stretched to involve ‘social, cultural, and moral’ decadence and depravity. This thesis is an ethnographic exploration of everyday life in a prominent slum settlement in Delhi. It sensually examines the social, cultural and political materiality of slums, and the relationship of slums with the middle class. In doing so, it highlights the politics of sensorial ordering of slums as ‘filthy, dirty, and noisy’ by the middle classes to calcify their position as ‘others’ in order to further segregate, exclude and discriminate the slums. The ethnographic experience in the slums, however, highlights a complex sensorial ordering and politics of its own. Not only are the interactions between diverse communities in slums highly restricted and sensually ordained, but the middle class is identified as a sensual ‘other’, and its sensual practices prohibited. This is significant in two ways. First, it highlights the multiplicity of social, cultural experience and engagement in the slums, thereby challenging its homogenised representation. Second, the ethnographic exploration allowed me to frame a distinct sense of self amongst the slums, which is denied in mainstream discourses, and allowed me to identify the slums’ own ’others’, middle class being one of them. This thesis highlights sound – its production, performances and articulations – as an act with social, cultural, and political implications and manifestations. ‘Noise’ can be understood as a political construct to identify ‘others’ – and both slum-dwellers and the middle classes identify different sonic practices as noise to situate the ‘other’ sonically. It is within this context that this thesis frames the position of Listener and Hearer, which corresponds to their social-political positions. These positions can be, and are, resisted and circumvented through sonic practices. For instance, amplification tactics in the Karimnagar slums, which are understood as ‘uncultured, callous activities to just create more noise’ by the slums’ middle-class neighbours, also serve definite purposes in shaping and navigating the space through the slums’ soundscapes, asserting a presence that is otherwise denied. Such tactics allow the residents to define their sonic territories and scope of sonic performances; they are significant in terms of exerting one’s position, territory and identity, and they are very important in subverting hierarchies. The residents of the Karimnagar slums have to negotiate many social, cultural, moral and political prejudices in their everyday lives. Their identity is constantly under scrutiny and threat. However, the sonic cultures and practices in the Karimnagar slums allow their residents to exert a definite sonic presence – which the middle class has to hear. The articulation of noise and silence is an act manifesting, referencing and resisting social, cultural, and political power and hierarchies.
