Mohamed Khattab, Sherif
(2008)
A Defense Framework Against Denial-of-Service in Computer Networks.
Doctoral Dissertation, University of Pittsburgh.
(Unpublished)
Abstract
Denial-of-Service (DoS) is a computer security problem that poses a serious challenge totrustworthiness of services deployed over computer networks. The aim of DoS attacks isto make services unavailable to legitimate users, and current network architectures alloweasy-to-launch, hard-to-stop DoS attacks. Particularly challenging are the service-level DoSattacks, whereby the victim service is flooded with legitimate-like requests, and the jammingattack, in which wireless communication is blocked by malicious radio interference. Theseattacks are overwhelming even for massively-resourced services, and effective and efficientdefenses are highly needed. This work contributes a novel defense framework, which I call dodging, against service-level DoS and wireless jamming. Dodging has two components: (1) the careful assignment ofservers to clients to achieve accurate and quick identification of service-level DoS attackersand (2) the continuous and unpredictable-to-attackers reconfiguration of the client-serverassignment and the radio-channel mapping to withstand service-level and jamming DoSattacks. Dodging creates hard-to-evade baits, or traps, and dilutes the attack "fire power".The traps identify the attackers when they violate the mapping function and even when theyattack while correctly following the mapping function. Moreover, dodging keeps attackers"in the dark", trying to follow the unpredictably changing mapping. They may hit a fewtimes but lose "precious" time before they are identified and stopped. Three dodging-based DoS defense algorithms are developed in this work. They are moreresource-efficient than state-of-the-art DoS detection and mitigation techniques. Honeybees combines channel hopping and error-correcting codes to achieve bandwidth-efficientand energy-efficient mitigation of jamming in multi-radio networks. In roaming honeypots, dodging enables the camouflaging of honeypots, or trap machines, as real servers,making it hard for attackers to locate and avoid the traps. Furthermore, shuffling requestsover servers opens up windows of opportunity, during which legitimate requests are serviced.Live baiting, efficiently identifies service-level DoS attackers by employing results fromthe group-testing theory, discovering defective members in a population using the minimumnumber of tests. The cost and benefit of the dodging algorithms are analyzed theoretically,in simulation, and using prototype experiments.
Share
| Citation/Export: |
|
| Social Networking: |
|
Details
| Item Type: |
University of Pittsburgh ETD
|
| Status: |
Unpublished |
| Creators/Authors: |
| Creators | Email | Pitt Username | ORCID  |
|---|
| Mohamed Khattab, Sherif | shm44@pitt.edu | SHM44 | |
|
| ETD Committee: |
|
| Date: |
30 October 2008 |
| Date Type: |
Completion |
| Defense Date: |
25 June 2008 |
| Approval Date: |
30 October 2008 |
| Submission Date: |
29 July 2008 |
| Access Restriction: |
No restriction; Release the ETD for access worldwide immediately. |
| Institution: |
University of Pittsburgh |
| Schools and Programs: |
Dietrich School of Arts and Sciences > Computer Science |
| Degree: |
PhD - Doctor of Philosophy |
| Thesis Type: |
Doctoral Dissertation |
| Refereed: |
Yes |
| Uncontrolled Keywords: |
Computer Networks; Denial-of-Service; Network Security |
| Other ID: |
http://etd.library.pitt.edu/ETD/available/etd-07292008-233917/, etd-07292008-233917 |
| Date Deposited: |
10 Nov 2011 19:54 |
| Last Modified: |
15 Nov 2016 13:47 |
| URI: |
http://d-scholarship.pitt.edu/id/eprint/8711 |
Metrics
Monthly Views for the past 3 years
Plum Analytics
Actions (login required)
 |
View Item |
![[feed]](/images/feed-icon-32x32.png){kind=icon}