| dc.contributor.advisor |
Edward Gehringer, Committee Member |
en_US |
| dc.contributor.advisor |
George N. Rouskas, Committee Member |
en_US |
| dc.contributor.advisor |
Shyhtsun Felix Wu, Committee Co-Chair |
en_US |
| dc.contributor.advisor |
Arne A. Nilsson, Committee Chair |
en_US |
| dc.contributor.author |
Wu, Chien-Lung |
en_US |
| dc.date.accessioned |
2010-04-02T18:36:54Z |
|
| dc.date.available |
2010-04-02T18:36:54Z |
|
| dc.date.issued |
2004-01-07 |
en_US |
| dc.identifier.other |
etd-01062004-093357 |
en_US |
| dc.identifier.uri |
http://www.lib.ncsu.edu/resolver/1840.16/3806 |
|
| dc.description.abstract |
The objective of this research is to study the Internet Protocol (IP) traceback technique in defeating Denial-of-Service (DoS) and Distributed Denial-of-Service (DDoS) attacks. Tracing attackers is the first and most important step to solve the DoS/DDoS problem. In this dissertation, two new traceback techniques, PHIL and Intention-Driven iTrace, are proposed and evaluated. Based on the IPSec infrastructure, previously, the Decentralized Source Identification for Network-based Intrusions (DECIDUOUS) module has been implemented and evaluated. However, in order to trace attack sources across different administrative domains securely, the notion of Packet Header Information List (PHIL) for IPSec is proposed to enhance DECIDUOUS module. Second, it is shown, in this thesis, that the iTrace (ICMP traceback, being standardized in IETF) has some serious drawbacks. To overcome these drawbacks, the Intention-Driven iTrace (ID-iTrace) and the Hybrid iTrace schemes are proposed. Our simulation results confirm that the original iTrace scheme is not able to handle low attack traffic well. From our simulation, the Hybrid iTrace scheme is evaluated and demonstrated to be an efficient and practical mechanism for tracing DoS/DDoS attacks. |
en_US |
| dc.rights |
I hereby certify that, if appropriate, I have obtained and attached hereto a written permission statement from the owner(s) of each third party copyrighted matter to be included in my thesis, dissertation, or project report, allowing distribution as specified below. I certify that the version I submitted is the same as that approved by my advisory committee. I hereby grant to NC State University or its agents the non-exclusive license to archive and make accessible, under the conditions specified below, my thesis, dissertation, or project report in whole or in part in all forms of media, now or hereafter known. I retain all other ownership rights to the copyright of the thesis, dissertation or project report. I also retain the right to use in future works (such as articles or books) all or part of this thesis, dissertation, or project report. |
en_US |
| dc.subject |
Hybrid iTrace |
en_US |
| dc.subject |
Intention-Driven iTrace |
en_US |
| dc.subject |
Traceback |
en_US |
| dc.subject |
DoS |
en_US |
| dc.subject |
DDoS |
en_US |
| dc.subject |
iTrace |
en_US |
| dc.subject |
ICMP Traceback |
en_US |
| dc.subject |
IPSec |
en_US |
| dc.subject |
Network-Layer Tracing |
en_US |
| dc.title |
On Network-Layer Packet Traceback: Tracing Denial-of-Service (DoS) and Distributed Denial-of-Service (DDoS) Attacks |
en_US |
| dc.degree.name |
PhD |
en_US |
| dc.degree.level |
dissertation |
en_US |
| dc.degree.discipline |
Electrical Engineering |
en_US |
