Modelling client puzzles and denial-of-service resistant protocols

Denial-of-service (DoS) attacks are a growing concern to networked services like the Internet. In recent years, major Internet e-commerce and government sites have been disabled due to various DoS attacks. A common form of DoS attack is a resource depletion attack, in which an attacker tries to overload the server's resources, such as memory or computational power, rendering the server unable to service honest clients. A promising way to deal with this problem is for a defending server to identify and segregate malicious traffic as earlier as possible. Client puzzles, also known as proofs of work, have been shown to be a promising tool to thwart DoS attacks in network protocols, particularly in authentication protocols. In this thesis, we design efficient client puzzles and propose a stronger security model to analyse client puzzles. We revisit a few key establishment protocols to analyse their DoS resilient properties and strengthen them using existing and novel techniques. Our contributions in the thesis are manifold. We propose an efficient client puzzle that enjoys its security in the standard model under new computational assumptions. Assuming the presence of powerful DoS attackers, we find a weakness in the most recent security model proposed to analyse client puzzles and this study leads us to introduce a better security model for analysing client puzzles. We demonstrate the utility of our new security definitions by including two hash based stronger client puzzles. We also show that using stronger client puzzles any protocol can be converted into a provably secure DoS resilient key exchange protocol. In other contributions, we analyse DoS resilient properties of network protocols such as Just Fast Keying (JFK) and Transport Layer Security (TLS). In the JFK protocol, we identify a new DoS attack by applying Meadows' cost based framework to analyse DoS resilient properties. We also prove that the original security claim of JFK does not hold. Then we combine an existing technique to reduce the server cost and prove that the new variant of JFK achieves perfect forward secrecy (the property not achieved by original JFK protocol) and secure under the original security assumptions of JFK. Finally, we introduce a novel cost shifting technique which reduces the computation cost of the server significantly and employ the technique in the most important network protocol, TLS, to analyse the security of the resultant protocol. We also observe that the cost shifting technique can be incorporated in any Diffine{Hellman based key exchange protocol to reduce the Diffie{Hellman exponential cost of a party by one multiplication and one addition.

Confronting the conspiracy of silence and denial of difference for late discovery adoptive persons and donor conceived people

This article outlines the impact that a conspiracy of silence and denial of difference has had on some adopted and donor conceived persons who have been lied to or misled about their origins. Factors discussed include deceit - expressed as a central secret which undermines the fabric of a family and through distortion mystifies communication processes; the shock of discovery - often revealed accidentally and the associated sense of betrayal when this occurs; and a series of losses, for example, kinship, medical history, culture and agency which result in having to rebuild personal identity. By providing those affected with a voice, validation and vindication healing can begin. Any feelings of disregard, of betrayal of trust, of anger, frustration, sorrow or loss, need to be regarded as real, expected, and above all, a valid reaction to what has occurred. The author is a 'late discoverer' of her adoption and draws on the information from her doctoral research on the same topic which was completed in 2012.

Detecting distributed Denial-of-Service attacks and Flash Events

This thesis investigates and develops techniques for accurately detecting Internet-based Distributed Denial-of-Service (DDoS) Attacks where an adversary harnesses the power of thousands of compromised machines to disrupt the normal operations of a Web-service provider, resulting in significant down-time and financial losses. This thesis also develops methods to differentiate these attacks from similar-looking benign surges in web-traffic known as Flash Events (FEs). This thesis also addresses an intrinsic challenge in research associated with DDoS attacks, namely, the extreme scarcity of public domain datasets (due to legal and privacy issues) by developing techniques to realistically emulate DDoS attack and FE traffic.

Denial predicts outcome in anxiety following group cognitive behavioral therapy

This study aimed to explore whether participants' pretherapy coping strategies predicted the outcome of group cognitive behavioral therapy (CBT) for anxiety and depression. It was hypothesized that adaptive coping strategies such as the use of active planning and acceptance would be associated with higher reductions, whereas maladaptive coping strategies such as denial and disengagement would be associated with lower reductions in anxious and depressed symptoms following psychotherapy. There were 144 participants who completed group CBT for anxiety and depression. Measures of coping strategies were administered prior to therapy, whereas measures of depression and anxiety were completed both prior to and following therapy. The results showed that higher levels of denial were associated with a poorer outcome, in terms of change in anxiety but not depression, following therapy. These findings suggest the usefulness of using the Denial subscale from the revised Coping Orientation to Problems Experienced (COPE) as a predictor of outcome in group CBT for anxiety.

A framework for generating realistic traffic for distributed denial-of-service attacks and flash events

An intrinsic challenge associated with evaluating proposed techniques for detecting Distributed Denial-of-Service (DDoS) attacks and distinguishing them from Flash Events (FEs) is the extreme scarcity of publicly available real-word traffic traces. Those available are either heavily anonymised or too old to accurately reflect the current trends in DDoS attacks and FEs. This paper proposes a traffic generation and testbed framework for synthetically generating different types of realistic DDoS attacks, FEs and other benign traffic traces, and monitoring their effects on the target. Using only modest hardware resources, the proposed framework, consisting of a customised software traffic generator, ‘Botloader’, is capable of generating a configurable mix of two-way traffic, for emulating either large-scale DDoS attacks, FEs or benign traffic traces that are experimentally reproducible. Botloader uses IP-aliasing, a well-known technique available on most computing platforms, to create thousands of interactive UDP/TCP endpoints on a single computer, each bound to a unique IP-address, to emulate large numbers of simultaneous attackers or benign clients.

Denial, Silence and the Politics of the Past: Unpicking the Opposition to Truth Recovery in Northern Ireland

There has been considerable and protracted debate on whether a formal truth recovery process should be established in Northern Ireland. Some of the strongest opposition to the creation of such a body has been from unionist political elites and the security forces. Based on qualitative fieldwork, this article argues that the dynamics of denial and silence have been instrumental in shaping their concerns. It explores how questions of memory, identity and denial have created a ‘myth of blamelessness’ in unionist discourse that is at odds with the reasons for a truth process being established. It also examines how three interlocking manifestations of silence – ‘silence as passivity,’ ‘silence as loyalty’ and ‘silence as pragmatism’ – have furthered unionists’ opposition to dealing with the past. This article argues that making peace with the past requires an active deconstruction of these practices.