934 resultados para distributed denial-of-service attack
Resumo:
In this thesis we study a series of multi-user resource-sharing problems for the Internet, which involve distribution of a common resource among participants of multi-user systems (servers or networks). We study concurrently accessible resources, which for end-users may be exclusively accessible or non-exclusively. For all kinds we suggest a separate algorithm or a modification of common reputation scheme. Every algorithm or method is studied from different perspectives: optimality of protocols, selfishness of end users, fairness of the protocol for end users. On the one hand the multifaceted analysis allows us to select the most suited protocols among a set of various available ones based on trade-offs of optima criteria. On the other hand, the future Internet predictions dictate new rules for the optimality we should take into account and new properties of the networks that cannot be neglected anymore. In this thesis we have studied new protocols for such resource-sharing problems as the backoff protocol, defense mechanisms against Denial-of-Service, fairness and confidentiality for users in overlay networks. For backoff protocol we present analysis of a general backoff scheme, where an optimization is applied to a general-view backoff function. It leads to an optimality condition for backoff protocols in both slot times and continuous time models. Additionally we present an extension for the backoff scheme in order to achieve fairness for the participants in an unfair environment, such as wireless signal strengths. Finally, for the backoff algorithm we suggest a reputation scheme that deals with misbehaving nodes. For the next problem -- denial-of-service attacks, we suggest two schemes that deal with the malicious behavior for two conditions: forged identities and unspoofed identities. For the first one we suggest a novel most-knocked-first-served algorithm, while for the latter we apply a reputation mechanism in order to restrict resource access for misbehaving nodes. Finally, we study the reputation scheme for the overlays and peer-to-peer networks, where resource is not placed on a common station, but spread across the network. The theoretical analysis suggests what behavior will be selected by the end station under such a reputation mechanism.
Resumo:
Denial-of-service (DoS) attacks form a very important category of security threats that are prevalent in MIPv6 (mobile internet protocol version 6) today. Many schemes have been proposed to alleviate such threats, including one of our own [9]. However, reasoning about the correctness of such protocols is not trivial. In addition, new solutions to mitigate attacks may need to be deployed in the network on a frequent basis as and when attacks are detected, as it is practically impossible to anticipate all attacks and provide solutions in advance. This makes it necessary to validate the solutions in a timely manner before deployment in the real network. However, threshold schemes needed in group protocols make analysis complex. Model checking threshold-based group protocols that employ cryptography have not been successful so far. Here, we propose a new simulation based approach for validation using a tool called FRAMOGR that supports executable specification of group protocols that use cryptography. FRAMOGR allows one to specify attackers and track probability distributions of values or paths. We believe that infrastructure such as FRAMOGR would be required in future for validating new group based threshold protocols that may be needed for making MIPv6 more robust.
Resumo:
Hoje em dia, as ameaças são cada vez mais frequentes e sofisticadas, do que alguma vez registado. Todo o tipo de empresas/organizações e informação estão sujeitas a estas ameaças. Estes ataques são cada vez mais recorrentes, deixando para trás um rasto de várias quebras de segurança. Existem uma serie de ciberataques que já deixaram a sua marca na historia. Uma das mais notórias, foi o caso da Estónia em 2007, por um grupo pro-kremlin de Transnístria em que vários servidores governamentais, fornecedores de serviço, servidores da banca, entre outros foram alvo de uma serie de ataques, na sua maioria de DDoS (Distributed Denial of Service1),e botnets2. O seu método era tao complicado que o governo da Estónia achava que estavam a ser apoiados pelo governo russo. Isto resultou na paragem de um país ate que o problema fosse normalizado. Considerado um ato de hacktivismo3 pelo que representava algo muito importante para a população russa, um ícone, “the Bronze Soldier of Tallinn”, um elaborado cemitério da altura soviética que o governo da Estónia queria recolocar. Hoje em dia, não só enfrentamos adversários mais sofisticados, como a informação que valorizam é cada vez mais alargada. Estes grupos conseguem fazer coisas inimagináveis com os bits4 mais aparentemente inócuos de informações recolhidas. Como tal, é preciso tomar medidas para garantir a segurança dos cidadãos quando navegam no ciberespaço, no qual as fronteiras são desconhecidas, onde a regulação é insuficiente e a segurança é ainda muito precoce. No plano nacional pode-se afirmar que Portugal possui as capacidades necessárias à proteção do seu ciberespaço. Com a criação do Centro Nacional de Cibersegurança (CNCS), Portugal atingiu um dos objetivos principais da sua estratégia nacional de cibersegurança, em assegurar um ciberespaço livre e seguro e em implementar as medidas e instrumentos necessários à antecipação, deteção, reação e recuperação de situações que, face à iminência ou ocorrência de incidentes ou ciberataques, ponham em causa o funcionamento dos organismos do estado, das infraestruturas críticas e dos interesses nacionais. Partindo de uma analise à estrutura organizacional da cibersegurança em Portugal este trabalho pretende dar um contributo para o que se considera ser uma necessidade, o desenvolvimento de um quadro situacional para a cibersegurança com o objetivo de melhorar o nível de awareness nacional contribuindo assim para o desenvolvimento do modelo de maturidade do CNCS relativamente á prevenção e deteção de incidentes no ciberespaço nacional. Neste sentido foram formulados um conjunto de estudos com o objetivo de dar a entender ao leitor toda a estrutura de um centro de cibersegurança na qual se destaca a proposta de desenvolvimento de um quadro situacional para a cibersegurança em Portugal.
Resumo:
Les alertes que nos logiciels antivirus nous envoient ou encore les différents reportages diffusés dans les médias nous font prendre conscience de l'existence des menaces dans le cyberespace. Que ce soit les pourriels, les attaques par déni de service ou les virus, le cyberespace regorge de menaces qui persistent malgré les efforts qui sont déployés dans leur lutte. Est-ce que cela a à voir avec l'efficacité des politiques en place actuellement pour lutter contre ce phénomène? Pour y répondre, l'objectif général du présent mémoire est de vérifier quelles sont les politiques de prévention (lois anti-pourriel, partenariats publics-privés et démantèlements de botnets) qui influencent le plus fortement le taux de menaces informatiques détectées, tout en s'attardant également à l'effet de différents facteurs socio-économiques sur cette variable. Les données collectées par le logiciel antivirus de la compagnie ESET ont été utilisées. Les résultats suggèrent que les partenariats publics-privés offrant une assistance personnalisée aux internautes s'avèrent être la politique de prévention la plus efficace. Les démantèlements de botnets peuvent également s'avérer efficaces, mais seulement lorsque plusieurs acteurs/serveurs importants du réseau sont mis hors d'état de nuire. Le démantèlement du botnet Mariposa en est un bon exemple. Les résultats de ce mémoire suggèrent que la formule partenariats-démantèlements serait le choix le plus judicieux pour lutter contre les cybermenaces. Ces politiques de prévention possèdent toutes deux des méthodes efficaces pour lutter contre les menaces informatiques et c'est pourquoi elles devraient être mises en commun pour assurer une meilleure défense contre ce phénomène.
Resumo:
Informative website about Anonymous/LulzSec and Denial of Service attacks
Resumo:
Pós-graduação em Ciência da Computação - IBILCE
Resumo:
Internet access by wireless networks has grown considerably in recent years. However, these networks are vulnerable to security problems, especially those related to denial of service attacks. Intrusion Detection Systems(IDS)are widely used to improve network security, but comparison among the several existing approaches is not a trivial task. This paper proposes building a datasetfor evaluating IDS in wireless environments. The data were captured in a real, operating network. We conducted tests using traditional IDS and achieved great results, which showed the effectiveness of our proposed approach.
Resumo:
Pós-graduação em Engenharia Elétrica - FEIS
Resumo:
Backbone networks are responsible for long-haul data transport serving many clients with a large volume of data. Since long-haul data transport service must rely on a robust high capacity network the current technology broadly adopted by the industry is Wavelength Division Multiplexing (WDM). WDM networks enable one single ber to operate with multiple high capacity channels, drastically increasing the ber capacity. In WDM networks each channel is associated with an individual wavelength. Therefore a whole wavelength capacity is assigned to a connection, causing waste of bandwidth in case the connection bandwidth requirement is less than the channel total capacity. In the last half decade, Elastic Optical Networks (EON) have been proposed and developed based on the fexible use of the optical spectrum known as the exigrid. EONs are adaptable to clients requirements and may enhance optical networks performance. For these reasons, research community and data transport providers have been demonstrating increasingly high interest in EONs which are likely to replace WDM as the universally adopted technology in backbone networks in the near future. EONs have two characteristics that may limit its ecient resources use. The spectrum fragmentation, inherent to the dynamic EON operation, decrease the network capacity to assign resources to connection requests increasing network blocking probability. The spectrum fragmentation also intensifides the denial of service to higher rate request inducing service unfairness. Due to the fact EONs were just recently developed and proposed, the aforementioned issues were not yet extensively studied and solutions are still being proposed. Furthermore, EONs do not yet provide specific features as differentiated service mechanisms. Differentiated service strategies are important in backbone networks to guarantee client\'s diverse requirements in case of a network failure or the natural congestion and resources contention that may occur at some periods of time in a network. Impelled by the foregoing facts, this thesis objective is three-fold. By means of developing and proposing a mechanism for routing and resources assignment in EONs, we intend to provide differentiated service while decreasing fragmentation level and increasing service fairness. The mechanism proposed and explained in this thesis was tested in a EON simulation environment and performance results indicated that it promotes beneficial performance enhancements when compared to benchmark algorithms.
Resumo:
In the past few years, IRC bots, malicious programs which are remotely controlled by the attacker through IRC servers, have become a major threat to the Internet and users. These bots can be used in different malicious ways such as issuing distributed denial of services attacks to shutdown other networks and services, keystrokes logging, spamming, traffic sniffing cause serious disruption on networks and users. New bots use peer to peer (P2P) protocols start to appear as the upcoming threat to Internet security due to the fact that P2P bots do not have a centralized point to shutdown or traceback, thus making the detection of P2P bots is a real challenge. In response to these threats, we present an algorithm to detect an individual P2P bot running on a system by correlating its activities. Our evaluation shows that correlating different activities generated by P2P bots within a specified time period can detect these kind of bots.
Resumo:
Advancements in cloud computing have enabled the proliferation of distributed applications, which require management and control of multiple services. However, without an efficient mechanism for scaling services in response to changing workload conditions, such as number of connected users, application performance might suffer, leading to violations of Service Level Agreements (SLA) and possible inefficient use of hardware resources. Combining dynamic application requirements with the increased use of virtualised computing resources creates a challenging resource Management context for application and cloud-infrastructure owners. In such complex environments, business entities use SLAs as a means for specifying quantitative and qualitative requirements of services. There are several challenges in running distributed enterprise applications in cloud environments, ranging from the instantiation of service VMs in the correct order using an adequate quantity of computing resources, to adapting the number of running services in response to varying external loads, such as number of users. The application owner is interested in finding the optimum amount of computing and network resources to use for ensuring that the performance requirements of all her/his applications are met. She/he is also interested in appropriately scaling the distributed services so that application performance guarantees are maintained even under dynamic workload conditions. Similarly, the infrastructure Providers are interested in optimally provisioning the virtual resources onto the available physical infrastructure so that her/his operational costs are minimized, while maximizing the performance of tenants’ applications. Motivated by the complexities associated with the management and scaling of distributed applications, while satisfying multiple objectives (related to both consumers and providers of cloud resources), this thesis proposes a cloud resource management platform able to dynamically provision and coordinate the various lifecycle actions on both virtual and physical cloud resources using semantically enriched SLAs. The system focuses on dynamic sizing (scaling) of virtual infrastructures composed of virtual machines (VM) bounded application services. We describe several algorithms for adapting the number of VMs allocated to the distributed application in response to changing workload conditions, based on SLA-defined performance guarantees. We also present a framework for dynamic composition of scaling rules for distributed service, which used benchmark-generated application Monitoring traces. We show how these scaling rules can be combined and included into semantic SLAs for controlling allocation of services. We also provide a detailed description of the multi-objective infrastructure resource allocation problem and various approaches to satisfying this problem. We present a resource management system based on a genetic algorithm, which performs allocation of virtual resources, while considering the optimization of multiple criteria. We prove that our approach significantly outperforms reactive VM-scaling algorithms as well as heuristic-based VM-allocation approaches.
Resumo:
SAP and its research partners have been developing a lan- guage for describing details of Services from various view- points called the Unified Service Description Language (USDL). At the time of writing, version 3.0 describes technical implementation aspects of services, as well as stakeholders, pricing, lifecycle, and availability. Work is also underway to address other business and legal aspects of services. This language is designed to be used in service portfolio management, with a repository of service descriptions being available to various stakeholders in an organisation to allow for service prioritisation, development, deployment and lifecycle management. The structure of the USDL metadata is specified using an object-oriented metamodel that conforms to UML, MOF and EMF Ecore. As such it is amenable to code gener-ation for implementations of repositories that store service description instances. Although Web services toolkits can be used to make these programming language objects available as a set of Web services, the practicalities of writing dis- tributed clients against over one hundred class definitions, containing several hundred attributes, will make for very large WSDL interfaces and highly inefficient “chatty” implementations. This paper gives the high-level design for a completely model-generated repository for any version of USDL (or any other data-only metamodel), which uses the Eclipse Modelling Framework’s Java code generation, along with several open source plugins to create a robust, transactional repository running in a Java application with a relational datastore. However, the repository exposes a generated WSDL interface at a coarse granularity, suitable for distributed client code and user-interface creation. It uses heuristics to drive code generation to bridge between the Web service and EMF granularities.
Resumo:
The concept of Six Sigma was initiated in the 1980s by Motorola. Since then it has been implemented in several manufacturing and service organizations. Till now Six Sigma implementation is mostly limited to healthcare and financial services in private sector. Its implementation is now gradually picking up in services such as call center, education, construction and related engineering etc. in private as well as public sector. Through a literature review, a questionnaire survey, and multiple case study approach the paper develops a conceptual framework to facilitate widening the scope of Six Sigma implementation in service organizations. Using grounded theory methodology, this study develops theory for Six Sigma implementation in service organizations. The study involves a questionnaire survey and case studies to understand and build a conceptual framework. The survey was conducted in service organizations in Singapore and exploratory in nature. The case studies involved three service organizations which implemented Six Sigma. The objective is to explore and understand the issues highlighted by the survey and the literature. The findings confirm the inclusion of critical success factors, critical-to-quality characteristics, and set of tools and techniques as observed from the literature. In case of key performance indicator, there are different interpretations about it in literature and also by industry practitioners. Some literature explain key performance indicator as performance metrics whereas some feel it as key process input or output variables, which is similar to interpretations by practitioners of Six Sigma. The response of not relevant and unknown to us as reasons for not implementing Six Sigma shows the need for understanding specific requirements of service organizations. Though much theoretical description is available about Six Sigma, but there has been limited rigorous academic research on it. This gap is far more pronounced about Six Sigma implementation in service organizations, where the theory is not mature enough. Identifying this need, the study contributes by going through theory building exercise and developing a conceptual framework to understand the issues involving its implementation in service organizations.
