Type | Title | Date Added | Company
whitepaper | Exposing and Eliminating Vulnerabilities to Denial of Service Attacks in Secure Gossip-Based Multicast | 2009-01-01 | Technion - Israel Institute of Technology
  This paper proposes a framework and methodology for quantifying the effect of Denial of Service (DoS) attacks on a distributed system. The authors present a systematic study of the resistance of gossip-based multicast protocols to DoS attacks. They show that even distributed and randomized gossip-based protocols, which eliminate single points of failure, do not necessarily eliminate vulnerabilities to DoS attacks. They propose Drum, a simple gossip-based multicast protocol that eliminates such vulnerabilities. Drum was implemented in Java and tested on a large cluster. Using closed-form mathematical analysis, simulations, and empirical tests, they show that Drum survives severe DoS attacks.

Tags: Intrusion - Tampering
  
whitepaper | Proactive Server Roaming for Mitigating Denial-of-Service Attacks | 2009-01-01 | Institute of Electrical and Electronics Engineers
  This paper proposes a framework based on proactive server roaming to mitigate the effects of Denial-of-Service (DoS) attacks. The active server proactively changes its location within a pool of servers to defend against unpredictable and undetectable attacks. Only legitimate clients can follow the active server as it roams. The authors present algorithms that are secure, distributed, randomized, and adaptive for triggering the roaming and determining the next server to roam to. They propose some modifications to the state recovery process of existing TCP connection-migration schemes to suit roaming. Preliminary experiments in a FreeBSD network show that, in the absence of attacks, the overhead of server roaming is small in terms of response time. Further, during an attack, roaming significantly improves the response time.

Tags: Software Development Tools, Intrusion - Tampering
  
whitepaper | SIFF: A Stateless Internet Flow Filter to Mitigate DDoS Flooding Attacks | 2009-01-01 | Carnegie Mellon University
  One of the fundamental limitations of the Internet is the inability of a packet flow recipient to halt disruptive flows before they consume the recipient's network link resources. Critical infrastructures and businesses alike are vulnerable to DoS attacks or flash crowds that can incapacitate their networks with traffic floods. Unfortunately, current mechanisms require per-flow state at routers, ISP collaboration, or the deployment of an overlay infrastructure to defend against these events. This paper presents SIFF, a Stateless Internet Flow Filter, which allows an end-host to selectively stop individual flows from reaching its network, without any of the common assumptions. The authors divide all network traffic into two classes: privileged (prioritized packets subject to recipient control) and unprivileged (legacy traffic). Privileged channels are established through a capability exchange handshake.

Tags: Security Administration, Intrusion - Tampering
  
whitepaper | Live Baiting for Service-Level DoS Attackers | 2009-01-01 | University of Pittsburgh
  Denial-of-Service (DoS) attacks remain a challenging problem in the Internet. In a DoS attack, the attacker attempts to make a resource unavailable to its intended legitimate clients. Furthermore, in order to employ massive attack power, the attacker usually launches a Distributed Denial of Service (DDoS) attack, in which several subordinate hosts attack the target in concert. Denial-of-service attacks can result in significant loss of time and money for many organizations; thus, many defense mechanisms have been proposed. This paper proposes a novel approach for detecting DoS attackers, which the authors call live baiting. Live baiting leverages group-testing theory, which aims at discovering defective members in a population using the minimum number of "tests", to detect attackers with the minimum state.

Tags: Security Administration, Intrusion - Tampering
  
whitepaper | Detect SYN Flooding Attack in Edge Routers | 2009-01-01 | Zhejiang Gongshang University
  Distributed Denial-of-Service (DDoS) attacks pose a serious threat to Internet security. Traditional detection methods rely on passively detecting an attacking signature and are inaccurate in the early stages of an attack. This paper proposes a novel defense mechanism that makes use of the edge routers that connect end hosts to the Internet to store and detect whether the outgoing SYN, ACK or incoming SYN/ACK segment is valid. This is accomplished by maintaining a mapping table of the outgoing SYN segments and incoming SYN/ACK segments and establishing the destination and source IP address database. According to the simulation results, the approach presented in this paper yields accurate DDoS alarms at an early stage.

Tags: Security Administration, Intrusion - Tampering
  
whitepaper | Denial-of-Service Attacks and Prevention | 2009-01-01 | East Carolina University
  A significant security problem for computer resources is constant attacks from outsiders that make the resources unavailable to their intended users. The motives behind the malicious attacks may vary. For example, an attack could be carried out as a prank or because of a difference in political views with the affected organization. A Denial-of-Service (DoS) attack sits near the top of the list of computer resource attacks. There are many types of Denial-of-Service attacks, including e-mail bombs, ping floods, teardrop attacks, etc.

Tags: Security Administration, Intrusion - Tampering
  
whitepaper | CCTV.com Streams Beijing 2008 Content to 25 Million Online Users With F5 Solutions | 2008-12-06 | F5 Networks
  CCTV.com is the Internet arm of China Central Television (CCTV), the largest broadcaster in mainland China. The challenge was to maintain infrastructure reliability during the high-traffic period of the Beijing 2008 Games, to ensure fast and secure user access to web content, to protect against DDoS attacks, and to optimize server utilization. It deployed F5 BIG-IP Local Traffic Manager and F5 BIG-IP Global Traffic Manager.

Tags: Security Administration, Intrusion - Tampering
  
whitepaper | Detection of Denial of Service Attacks in Wireless Mesh Networks | 2008-11-28 | Carleton University
  Mesh networks are a new technology that provides nodes with the ability to self-form and self-heal, as well as multi-hop wireless links with infrastructure support. Previous research has mainly focused on intrusion detection techniques in multi-hop networks, because their ad hoc nature and lack of central control make intrusion harder to detect. This paper proposes an intrusion detection mechanism based on reasoning agents that takes advantage of the infrastructure support in mesh networks.

Tags: Mobile and Wireless
  
whitepaper | Accurately Measuring Denial of Service in Simulation and Testbed Experiments | 2008-11-12 | Institute of Electrical and Electronics Engineers
  Researchers in the Denial of Service (DoS) field lack accurate, quantitative and versatile metrics to measure service denial in simulation and testbed experiments. Without such metrics, it is impossible to measure severity of various attacks, quantify success of proposed defenses and compare their performance. Existing DoS metrics equate service denial with slow communication, low throughput, high resource utilization and high loss rate. These metrics are not versatile because they fail to monitor all traffic parameters that signal service degradation. They are not quantitative because they fail to specify exact ranges of parameter values that correspond to good or poor service quality. Finally, they are not accurate since they were not proven to correspond to human perception of service denial.

Tags: Intrusion - Tampering
  
whitepaper | DDoS Protection Service: Distributed Denial of Service (DDoS) | 2008-10-28 | Swisscom
  Since the early days of the Internet, "Denial-of-service" (DoS) attacks have been a fact of life. The goal of these attacks is to restrict on a grand scale the availability of certain online systems and/or services or to deny service completely. Usually, in this type of attack, an attempt is made to cause the attacked systems to crash by exploiting vulnerabilities in operating systems, programs and services or basic design flaws in the network protocols in use via the Internet. The online systems can also be overloaded to the extent that they no longer function properly.