Articles via Databases
Articles via Journals
Online Catalog
E-books
Research & Information Literacy
Interlibrary loan
Theses & Dissertations
Collections
Policies
Services
About / Contact Us
Administration
Littman Architecture Library

Robert W. Van Houten Library
New Jersey Institute of Technology
323 King Blvd.
Newark, NJ 07102-1982

Phone: 973-596-3206
Fax: 973-643-5601
email: askalibrarian@njit.edu

Copyright 2012 NJIT
This site will be removed in January 2019, please change your bookmarks.
This page will redirect to https://digitalcommons.njit.edu/dissertations/914 in 5 seconds

The New Jersey Institute of Technology's
Electronic Theses & Dissertations Project

Title: On modeling and mitigating new breed of dos attacks
Author: Shevtekar, Amey Bhaskar
View Online: njit-etd2009-062
(xiv, 109 pages ~ 7.0 MB pdf)
Department: Department of Electrical and Computer Engineering
Degree: Doctor of Philosophy
Program: Computer Engineering
Document Type: Dissertation
Advisory Committee: Ansari, Nirwan (Committee chair)
Hou, Edwin (Committee member)
Rojas-Cessa, Roberto (Committee member)
Zhang, Yanchao (Committee member)
Borcea, Cristian (Committee member)
Date: 2009-05
Keywords: Low rate DOS attack
Router
Internet security
Botnets
DDOS attack
Dos attack
Availability: Unrestricted
Abstract:

Denial of Service (DoS) attacks pose serious threats to the Internet, exerting in tremendous impact on our daily lives that are heavily dependent on the good health of the Internet. This dissertation aims to achieve two objectives:1) to model new possibilities of the low rate DoS attacks; 2) to develop effective mitigation mechanisms to counter the threat from low rate DoS attacks.

A new stealthy DDoS attack model referred to as the "quiet" attack is proposed in this dissertation. The attack traffic consists of TCP traffic only. Widely used botnets in today's various attacks and newly introduced network feedback control are integral part of the quiet attack model. The quiet attack shows that short-lived TCP flows used as attack flows can be intentionally misused. This dissertation proposes another attack model referred to as the perfect storm which uses a combination of UDP and TCP. Better CAPTCHAs are highlighted as current defense against botnets to mitigate the quiet attack and the perfect storm.

A novel time domain technique is proposed that relies on the time difference between subsequent packets of each flow to detect periodicity of the low rate DoS attack flow. An attacker can easily use different IP address spoofing techniques or botnets to launch a low rate DoS attack and fool the detection system. To mitigate such a threat, this dissertation proposes a second detection algorithm that detects the sudden increase in the traffic load of all the expired flows within a short period. In a network rate DoS attacks, it is shown that the traffic load of all the expired flows is less than certain thresholds, which are derived from real Internet traffic analysis. A novel filtering scheme is proposed to drop the low rate DoS attack packets. The simulation results confirm attack mitigation by using proposed technique. Future research directions will be briefly discussed.

If you have any questions please contact the ETD Team, libetd@njit.edu.
 
ETD Information
Digital Commons @ NJIT
Theses and DIssertations
ETD Policies & Procedures
ETD FAQ's
ETD home

Request a Scan
NDLTD

NJIT's ETD project was given an ACRL/NJ Technology Innovation Honorable Mention Award in spring 2003