On Network-Layer Packet Traceback: Tracing Denial-of-Service (DoS) and Distributed Denial-of-Service (DDoS) Attacks

Show full item record

Title: On Network-Layer Packet Traceback: Tracing Denial-of-Service (DoS) and Distributed Denial-of-Service (DDoS) Attacks
Author: Wu, Chien-Lung
Advisors: Edward Gehringer, Committee Member
George N. Rouskas, Committee Member
Shyhtsun Felix Wu, Committee Co-Chair
Arne A. Nilsson, Committee Chair
Abstract: The objective of this research is to study the Internet Protocol (IP) traceback technique in defeating Denial-of-Service (DoS) and Distributed Denial-of-Service (DDoS) attacks. Tracing attackers is the first and most important step to solve the DoS/DDoS problem. In this dissertation, two new traceback techniques, PHIL and Intention-Driven iTrace, are proposed and evaluated. Based on the IPSec infrastructure, previously, the Decentralized Source Identification for Network-based Intrusions (DECIDUOUS) module has been implemented and evaluated. However, in order to trace attack sources across different administrative domains securely, the notion of Packet Header Information List (PHIL) for IPSec is proposed to enhance DECIDUOUS module. Second, it is shown, in this thesis, that the iTrace (ICMP traceback, being standardized in IETF) has some serious drawbacks. To overcome these drawbacks, the Intention-Driven iTrace (ID-iTrace) and the Hybrid iTrace schemes are proposed. Our simulation results confirm that the original iTrace scheme is not able to handle low attack traffic well. From our simulation, the Hybrid iTrace scheme is evaluated and demonstrated to be an efficient and practical mechanism for tracing DoS/DDoS attacks.
Date: 2004-01-07
Degree: PhD
Discipline: Electrical Engineering
URI: http://www.lib.ncsu.edu/resolver/1840.16/3806


Files in this item

Files Size Format View
etd.pdf 2.914Mb PDF View/Open

This item appears in the following Collection(s)

Show full item record