Link to the University of Pittsburgh Homepage
Link to the University Library System Homepage Link to the Contact Us Form

A Defense Framework Against Denial-of-Service in Computer Networks

Mohamed Khattab, Sherif (2008) A Defense Framework Against Denial-of-Service in Computer Networks. Doctoral Dissertation, University of Pittsburgh. (Unpublished)

Primary Text

Download (1MB) | Preview


Denial-of-Service (DoS) is a computer security problem that poses a serious challenge totrustworthiness of services deployed over computer networks. The aim of DoS attacks isto make services unavailable to legitimate users, and current network architectures alloweasy-to-launch, hard-to-stop DoS attacks. Particularly challenging are the service-level DoSattacks, whereby the victim service is flooded with legitimate-like requests, and the jammingattack, in which wireless communication is blocked by malicious radio interference. Theseattacks are overwhelming even for massively-resourced services, and effective and efficientdefenses are highly needed. This work contributes a novel defense framework, which I call dodging, against service-level DoS and wireless jamming. Dodging has two components: (1) the careful assignment ofservers to clients to achieve accurate and quick identification of service-level DoS attackersand (2) the continuous and unpredictable-to-attackers reconfiguration of the client-serverassignment and the radio-channel mapping to withstand service-level and jamming DoSattacks. Dodging creates hard-to-evade baits, or traps, and dilutes the attack "fire power".The traps identify the attackers when they violate the mapping function and even when theyattack while correctly following the mapping function. Moreover, dodging keeps attackers"in the dark", trying to follow the unpredictably changing mapping. They may hit a fewtimes but lose "precious" time before they are identified and stopped. Three dodging-based DoS defense algorithms are developed in this work. They are moreresource-efficient than state-of-the-art DoS detection and mitigation techniques. Honeybees combines channel hopping and error-correcting codes to achieve bandwidth-efficientand energy-efficient mitigation of jamming in multi-radio networks. In roaming honeypots, dodging enables the camouflaging of honeypots, or trap machines, as real servers,making it hard for attackers to locate and avoid the traps. Furthermore, shuffling requestsover servers opens up windows of opportunity, during which legitimate requests are serviced.Live baiting, efficiently identifies service-level DoS attackers by employing results fromthe group-testing theory, discovering defective members in a population using the minimumnumber of tests. The cost and benefit of the dodging algorithms are analyzed theoretically,in simulation, and using prototype experiments.


Social Networking:
Share |


Item Type: University of Pittsburgh ETD
Status: Unpublished
CreatorsEmailPitt UsernameORCID
Mohamed Khattab, Sherifshm44@pitt.eduSHM44
ETD Committee:
TitleMemberEmail AddressPitt UsernameORCID
Committee CoChairMossé, Danielmosse@cs.pitt.eduMOSSE
Committee CoChairMelhem, Ramimelhem@cs.pitt.eduMELHEM
Committee MemberKrishnamurthy, Prashantprashant@mail.sis.pitt.eduPRASHK
Committee MemberZnati, Taiebznati@cs.pitt.eduZNATI
Date: 30 October 2008
Date Type: Completion
Defense Date: 25 June 2008
Approval Date: 30 October 2008
Submission Date: 29 July 2008
Access Restriction: No restriction; Release the ETD for access worldwide immediately.
Institution: University of Pittsburgh
Schools and Programs: Dietrich School of Arts and Sciences > Computer Science
Degree: PhD - Doctor of Philosophy
Thesis Type: Doctoral Dissertation
Refereed: Yes
Uncontrolled Keywords: Computer Networks; Denial-of-Service; Network Security
Other ID:, etd-07292008-233917
Date Deposited: 10 Nov 2011 19:54
Last Modified: 15 Nov 2016 13:47


Monthly Views for the past 3 years

Plum Analytics

Actions (login required)

View Item View Item