Denial of Service - IT Library : ZDNet Asia

White Papers

Case Studies

Vendor Webcast

Show all content

Title Date Added Company

Preventing Distributed Denial of Service Attacks by Perturbing TCP Traffic 2008-01-01 university of maryland

This paper discusses a method for preventing Distributed Denial of Service (DDoS) attacks that use spoofed source IP addresses by monitoring TCP traffic. The method requires dropping TCP packets from client to server and monitoring the effect of the dropped packet. The goal is to develop software that an organization can deploy on most reprogrammable routers. The paper tests the software on a popular UNIX distribution - FreeBSD - on a real network.

Tags: Server Platforms - OS, Intrusion - Tampering

Roaming Honeypots for Mitigating Service-Level Denial-of-Service Attacks 2008-01-01 University of Pittsburgh

Honeypots have been proposed to act as traps for malicious attackers. However, because of their deployment at fixed (thus detectable) locations and on machines other than the ones they are supposed to protect, honeypots can be avoided by sophisticated attacks. The paper proposes roaming honeypots, a mechanism that allows the locations of honeypots to be unpredictable, continuously changing, and disguised within a server pool. A (continuously changing) subset of the servers is active and providing service, while the rest of the server pool is idle and acting as honeypots. The paper utilizes the roaming honeypots scheme to mitigate the effects of service-level DoS attacks, in which many attack machines acquire service from a victim server at a high rate, against back-end servers of private services.

Tags: Security Administration, Intrusion - Tampering

Active Internet Traffic Filtering: Real-Time Response to Denial-of-Service Attacks 2008-01-01 Stanford University

This paper describes Active Internet Traffic Filtering (AITF), a mechanism for blocking highly Distributed Denial-of-Service (DDoS) attacks. These attacks are an acute contemporary problem, with few practical solutions available today; this paper describes the reasons why no effective DDoS filtering mechanism has been deployed yet. The paper shows that the current Internet's routers have sufficient filtering resources to thwart such attacks, with the condition that attack traffic be blocked close to its sources; AITF leverages this observation. The results demonstrate that AITF can block a million-flow attack within seconds, while it requires only tens of thousands of wire-speed filters per participating router - an amount easily accommodated by today's routers. AITF can be deployed incrementally and yields benefits even to the very first adopters.

Tags: Security Administration, Intrusion - Tampering

Analyzing Performance Vulnerability Due to Resource Denial-of-Service Attack on Chip Multiprocessors 2008-01-01 Georgia Institute of Technology

Due to the ever-increasing design complexity and physical constraint in frequency scaling, chip multiprocessors are considered the de facto architecture baseline for future processor generation. Through resource sharing, applications running on a CMP can achieve better resource utilization and faster inter-core communication, leading to a higher overall throughput for the entire system. From a different perspective, however, such architectures are also more susceptible to Denial-of-Service (DoS) attacks on these shared resources, increasing the vulnerability in performance. Furthermore, as the number of cores increases, attacks similar to Distributed Denial-of-Service (DDoS) attacks on the Internet can be employed to throttle these on-chip resources with the presence of multiple malicious applications.

Tags: Intrusion - Tampering, Intrusion - Tampering

A Client-Transparent Approach to Defend Against Denial of Service Attacks 2008-01-01 IBM

Denial of Service (DoS) attacks attempt to consume a server's resources (network bandwidth, computing power, main memory, disk bandwidth etc) to near exhaustion so that there are no resources left to handle requests from legitimate clients. An effective solution to defend against DoS attacks is to filter DoS attack requests at the earliest point (say, the web site's firewall), before they consume much of the server's resources. Most defenses against DoS attacks attempt to filter requests from inauthentic clients before they consume much of the server's resources. Client authentication using techniques like IPSec or SSL may often require changes to the client-side software and may additionally require superuser privileges at the client for deployment.

Tags: Authentication - Encryption, Intrusion - Tampering

MOVE: An End-to-End Solution to Network Denial of Service 2008-01-01 Columbia University

This paper presents a solution to the Denial of Service (DoS) problem that does not rely on network infrastructure support, conforming to the end-to-end (e2e) design principle. The approach is to combine an overlay network, which allows to treat authorized traffic preferentially, with a lightweight process-migration environment that allows one to move services easily between different parts of a distributed system. Functionality residing on a part of the system that is subjected to a DoS attack migrates to an unaffected location. The overlay network ensures that traffic from legitimate users, who are authenticated before they are allowed to access the service, is routed to the new location.

Tags: Intrusion - Tampering

Re-Visited: Denial of Service Resilient Access Control for Wireless Sensor Networks 2008-01-01 NEC

The appliance of wireless sensor networks to a broad variety of applications doubtlessly requires end-user acceptance. End-users from various computer network unrelated disciplines like for example from the agriculture sector, geography, health care, or biology will only use wireless sensor networks to support their daily work if the overall benefit beats the overhead when getting in touch with this new paradigm. This does first and foremost mean that, once the WSN is deployed, it is easy to collect data also for a technical unexperienced audience. However, the trust in the system's confidentiality and its reliability should not be underestimated.

Tags: Intrusion - Tampering, Mobile and Wireless

On the Effectiveness of Probabilistic Packet Marking for IP Traceback Under Denial of Service Attack 2008-01-01 Purdue University

Effective mitigation of Denial of Service (DoS) attack is a pressing problem on the Internet. In many instances, DoS attacks can be prevented if the spoofed source IP address is traced back to its origin which allows assigning penalties to the offending party or isolating the compromised hosts and domains from the rest of the network. Recently IP traceback mechanisms based on Probabilistic Packet Marking (PPM) have been proposed for achieving traceback of DoS attacks. This paper shows that probabilistic packet marking - of interest due to its efficiency and implementability vis-a-vis deterministic packet marking and logging or messaging based schemes - suffers under spoofing of the marking field in the IP header by the attacker which can impede traceback by the victim.

Tags: Intrusion - Tampering, Intrusion - Tampering

Distributed Attacks Denial of Service Type: Nature of These Attacks and Defense Against Them 2008-01-01 Technical University of Sofia

According to statistical information, published by SANS institute (System Administration, Networking and Security), one of the most critical and devastating classes of computer attacks is that of the (Distributed Denial of Service) type, (DDoS), aimed at interfering in the accessibility to information resources. These attacks are accomplished by the combined actions of variety of program components available on Internet hosts. One of the current tasks in the field of computer security is the development of relevant security methods of defense against DDoS attacks and working out of well-founded recommendations to choose from as most efficient means in the specific conditions.

Tags: Security Administration, Intrusion - Tampering

An Efficient Filter for Denial-of-Service Bandwidth Attacks 2008-01-01 University of Melbourne

This paper presents an efficient method for detecting and filtering denial-of-service bandwidth attacks. The system called TOPS (Tabulated Online Packet Statistics) can monitor a large number of network addresses in a compact, fixed-size structure using several effective heuristics. The paper demonstrates that TOPS can detect bandwidth attacks in a standard benchmark dataset with a high accuracy and a low false alarm rate. A key benefit of TOPS is that it uses few computational resources and does not slow down during an attack.

Tags: Intrusion - Tampering, Intrusion - Tampering

Jump to 1 2 3 4 5 6 7 [8] 9 10

Title	Date Added	Company
Preventing Distributed Denial of Service Attacks by Perturbing TCP Traffic	2008-01-01	university of maryland
This paper discusses a method for preventing Distributed Denial of Service (DDoS) attacks that use spoofed source IP addresses by monitoring TCP traffic. The method requires dropping TCP packets from client to server and monitoring the effect of the dropped packet. The goal is to develop software that an organization can deploy on most reprogrammable routers. The paper tests the software on a popular UNIX distribution - FreeBSD - on a real network. Tags: Server Platforms - OS, Intrusion - Tampering
Roaming Honeypots for Mitigating Service-Level Denial-of-Service Attacks	2008-01-01	University of Pittsburgh
Honeypots have been proposed to act as traps for malicious attackers. However, because of their deployment at fixed (thus detectable) locations and on machines other than the ones they are supposed to protect, honeypots can be avoided by sophisticated attacks. The paper proposes roaming honeypots, a mechanism that allows the locations of honeypots to be unpredictable, continuously changing, and disguised within a server pool. A (continuously changing) subset of the servers is active and providing service, while the rest of the server pool is idle and acting as honeypots. The paper utilizes the roaming honeypots scheme to mitigate the effects of service-level DoS attacks, in which many attack machines acquire service from a victim server at a high rate, against back-end servers of private services. Tags: Security Administration, Intrusion - Tampering
Active Internet Traffic Filtering: Real-Time Response to Denial-of-Service Attacks	2008-01-01	Stanford University
This paper describes Active Internet Traffic Filtering (AITF), a mechanism for blocking highly Distributed Denial-of-Service (DDoS) attacks. These attacks are an acute contemporary problem, with few practical solutions available today; this paper describes the reasons why no effective DDoS filtering mechanism has been deployed yet. The paper shows that the current Internet's routers have sufficient filtering resources to thwart such attacks, with the condition that attack traffic be blocked close to its sources; AITF leverages this observation. The results demonstrate that AITF can block a million-flow attack within seconds, while it requires only tens of thousands of wire-speed filters per participating router - an amount easily accommodated by today's routers. AITF can be deployed incrementally and yields benefits even to the very first adopters. Tags: Security Administration, Intrusion - Tampering
Analyzing Performance Vulnerability Due to Resource Denial-of-Service Attack on Chip Multiprocessors	2008-01-01	Georgia Institute of Technology
Due to the ever-increasing design complexity and physical constraint in frequency scaling, chip multiprocessors are considered the de facto architecture baseline for future processor generation. Through resource sharing, applications running on a CMP can achieve better resource utilization and faster inter-core communication, leading to a higher overall throughput for the entire system. From a different perspective, however, such architectures are also more susceptible to Denial-of-Service (DoS) attacks on these shared resources, increasing the vulnerability in performance. Furthermore, as the number of cores increases, attacks similar to Distributed Denial-of-Service (DDoS) attacks on the Internet can be employed to throttle these on-chip resources with the presence of multiple malicious applications. Tags: Intrusion - Tampering, Intrusion - Tampering
A Client-Transparent Approach to Defend Against Denial of Service Attacks	2008-01-01	IBM
Denial of Service (DoS) attacks attempt to consume a server's resources (network bandwidth, computing power, main memory, disk bandwidth etc) to near exhaustion so that there are no resources left to handle requests from legitimate clients. An effective solution to defend against DoS attacks is to filter DoS attack requests at the earliest point (say, the web site's firewall), before they consume much of the server's resources. Most defenses against DoS attacks attempt to filter requests from inauthentic clients before they consume much of the server's resources. Client authentication using techniques like IPSec or SSL may often require changes to the client-side software and may additionally require superuser privileges at the client for deployment. Tags: Authentication - Encryption, Intrusion - Tampering
MOVE: An End-to-End Solution to Network Denial of Service	2008-01-01	Columbia University
This paper presents a solution to the Denial of Service (DoS) problem that does not rely on network infrastructure support, conforming to the end-to-end (e2e) design principle. The approach is to combine an overlay network, which allows to treat authorized traffic preferentially, with a lightweight process-migration environment that allows one to move services easily between different parts of a distributed system. Functionality residing on a part of the system that is subjected to a DoS attack migrates to an unaffected location. The overlay network ensures that traffic from legitimate users, who are authenticated before they are allowed to access the service, is routed to the new location. Tags: Intrusion - Tampering
Re-Visited: Denial of Service Resilient Access Control for Wireless Sensor Networks	2008-01-01	NEC
The appliance of wireless sensor networks to a broad variety of applications doubtlessly requires end-user acceptance. End-users from various computer network unrelated disciplines like for example from the agriculture sector, geography, health care, or biology will only use wireless sensor networks to support their daily work if the overall benefit beats the overhead when getting in touch with this new paradigm. This does first and foremost mean that, once the WSN is deployed, it is easy to collect data also for a technical unexperienced audience. However, the trust in the system's confidentiality and its reliability should not be underestimated. Tags: Intrusion - Tampering, Mobile and Wireless
On the Effectiveness of Probabilistic Packet Marking for IP Traceback Under Denial of Service Attack	2008-01-01	Purdue University
Effective mitigation of Denial of Service (DoS) attack is a pressing problem on the Internet. In many instances, DoS attacks can be prevented if the spoofed source IP address is traced back to its origin which allows assigning penalties to the offending party or isolating the compromised hosts and domains from the rest of the network. Recently IP traceback mechanisms based on Probabilistic Packet Marking (PPM) have been proposed for achieving traceback of DoS attacks. This paper shows that probabilistic packet marking - of interest due to its efficiency and implementability vis-a-vis deterministic packet marking and logging or messaging based schemes - suffers under spoofing of the marking field in the IP header by the attacker which can impede traceback by the victim. Tags: Intrusion - Tampering, Intrusion - Tampering
Distributed Attacks Denial of Service Type: Nature of These Attacks and Defense Against Them	2008-01-01	Technical University of Sofia
According to statistical information, published by SANS institute (System Administration, Networking and Security), one of the most critical and devastating classes of computer attacks is that of the (Distributed Denial of Service) type, (DDoS), aimed at interfering in the accessibility to information resources. These attacks are accomplished by the combined actions of variety of program components available on Internet hosts. One of the current tasks in the field of computer security is the development of relevant security methods of defense against DDoS attacks and working out of well-founded recommendations to choose from as most efficient means in the specific conditions. Tags: Security Administration, Intrusion - Tampering
An Efficient Filter for Denial-of-Service Bandwidth Attacks	2008-01-01	University of Melbourne
This paper presents an efficient method for detecting and filtering denial-of-service bandwidth attacks. The system called TOPS (Tabulated Online Packet Statistics) can monitor a large number of network addresses in a compact, fixed-size structure using several effective heuristics. The paper demonstrates that TOPS can detect bandwidth attacks in a standard benchmark dataset with a high accuracy and a low false alarm rate. A key benefit of TOPS is that it uses few computational resources and does not slow down during an attack. Tags: Intrusion - Tampering, Intrusion - Tampering

Cutting-edge technology from premium sponsors

Adaptive Threat Management
High Performance Security for your Distributed Enterprise

Achieve lower TCO, agility, risk mitigation, compliance, and productivity

Webcast series: Cybercrime is a growth industry - is your organisation prepared?
More resources to optimize the security of your enterprise »

Brought to you by:

More Tech Showcases:

Hitachi Eco-Products
Juniper Networks

IDC's Powering the Enterprise Cloud Event 2009

12 Nov - 17 Dec 2009

Grand Copthorne Waterfront Hotel, Singapore

Cloud Computing Summit 2009

9 Dec 2009

Hong Kong Convention and Exhibition Center

4th Annual GovTech 2010

27 - 28 Jan 2010

Amara Hotel, Singapore

ZDNet Asia Top Tech 50 Index

AT&T

Asustek

Canon

Convergys

Ericsson

Hewlett-Packard

Infosys

LogicaCMG

NTT

Samsung

SingTel Group

Toshiba

Xerox

Accenture

Atos Origin

Capgemini

Dell

France Telecom

Hitachi

Intel

Microsoft

Nokia

Satyam Computer Services

Sony

Verizon Communications

ZTE

Alcatel-Lucent

British Telecom

China Mobile

Deutsche Telekom

Fujitsu

Huawei Technologies

LG Electronics

Motorola

Oracle

Seagate Technology

Sun Microsystems

Western Digital

Apple

CSC

Cisco Systems

EMC

Google

IBM

Lenovo Group

NEC

SAP

Siemens IT Solutions & Services

Tata Consultancy Services

Wipro

ZDNet Asia's Top Tech Index will be next updated in 2010.

The Roots for a Greener World
Discover Hitachi's Environmental Vision 2025 and featured Eco-Products

The Desktop Virtualization Revolution is here!
Find our more with Citrix Simplicity is Power

Master in Organisational Leadership
Part-time masters program from Monash University. Find out more.

Lack of visibility into network issues and performance?
Find out today. Download SolarWinds FREE 30-Day Trial Software here.

IT Salary & Skills Report 2009
Join activeTechPros for free access to the report

More from CBS Interactive

CBS Interactive Inc Sites

About ZDNet Asia |

About CBS Interactive |

ZDNet Asia editorial calendar |

Advertise with us |

Jobs |

Partnership |

Contact Us |

CNET Direct |

CNET Asia |

CNET Asia mobile |

Sitemap

ZDNet.com |

ZDNet Japan |

ZDNet.de |

CNET UK |

CNET.de |

Tech Republic |

BNET |

MP3.com |

activeTechPros |

ZDNet UK |

ZDNet Korea |

ZDNet France |

CNET Australia |

CNET France |

Download.com |

Builder |

GameSpot

ZDNet Australia |

ZDNet Taiwan |

CNET |

CNET Taiwan |

News.com |

Silicon.com |

TV.com |

GameSpot Korea

News | Insight | Reviews | TechGuides | Jobs | Blogs | Videos | Community | Downloads | IT Library |

Get RSS feeds

Security

Featured Whitepapers

Member Login

Adaptive Threat Management

ZDNet Asia Top Tech 50 Index