On Network-Layer Packet Traceback: Tracing Denial-of-Service (DoS) and Distributed Denial-of-Service (DDoS) Attacks

Show simple item record

dc.contributor.advisor Edward Gehringer, Committee Member en_US
dc.contributor.advisor George N. Rouskas, Committee Member en_US
dc.contributor.advisor Shyhtsun Felix Wu, Committee Co-Chair en_US
dc.contributor.advisor Arne A. Nilsson, Committee Chair en_US
dc.contributor.author Wu, Chien-Lung en_US
dc.date.accessioned 2010-04-02T18:36:54Z
dc.date.available 2010-04-02T18:36:54Z
dc.date.issued 2004-01-07 en_US
dc.identifier.other etd-01062004-093357 en_US
dc.identifier.uri http://www.lib.ncsu.edu/resolver/1840.16/3806
dc.description.abstract The objective of this research is to study the Internet Protocol (IP) traceback technique in defeating Denial-of-Service (DoS) and Distributed Denial-of-Service (DDoS) attacks. Tracing attackers is the first and most important step to solve the DoS/DDoS problem. In this dissertation, two new traceback techniques, PHIL and Intention-Driven iTrace, are proposed and evaluated. Based on the IPSec infrastructure, previously, the Decentralized Source Identification for Network-based Intrusions (DECIDUOUS) module has been implemented and evaluated. However, in order to trace attack sources across different administrative domains securely, the notion of Packet Header Information List (PHIL) for IPSec is proposed to enhance DECIDUOUS module. Second, it is shown, in this thesis, that the iTrace (ICMP traceback, being standardized in IETF) has some serious drawbacks. To overcome these drawbacks, the Intention-Driven iTrace (ID-iTrace) and the Hybrid iTrace schemes are proposed. Our simulation results confirm that the original iTrace scheme is not able to handle low attack traffic well. From our simulation, the Hybrid iTrace scheme is evaluated and demonstrated to be an efficient and practical mechanism for tracing DoS/DDoS attacks. en_US
dc.rights I hereby certify that, if appropriate, I have obtained and attached hereto a written permission statement from the owner(s) of each third party copyrighted matter to be included in my thesis, dissertation, or project report, allowing distribution as specified below. I certify that the version I submitted is the same as that approved by my advisory committee. I hereby grant to NC State University or its agents the non-exclusive license to archive and make accessible, under the conditions specified below, my thesis, dissertation, or project report in whole or in part in all forms of media, now or hereafter known. I retain all other ownership rights to the copyright of the thesis, dissertation or project report. I also retain the right to use in future works (such as articles or books) all or part of this thesis, dissertation, or project report. en_US
dc.subject Hybrid iTrace en_US
dc.subject Intention-Driven iTrace en_US
dc.subject Traceback en_US
dc.subject DoS en_US
dc.subject DDoS en_US
dc.subject iTrace en_US
dc.subject ICMP Traceback en_US
dc.subject IPSec en_US
dc.subject Network-Layer Tracing en_US
dc.title On Network-Layer Packet Traceback: Tracing Denial-of-Service (DoS) and Distributed Denial-of-Service (DDoS) Attacks en_US
dc.degree.name PhD en_US
dc.degree.level dissertation en_US
dc.degree.discipline Electrical Engineering en_US


Files in this item

Files Size Format View
etd.pdf 2.914Mb PDF View/Open

This item appears in the following Collection(s)

Show simple item record