osu1185209072.pdf (987.67 KB)
Widespread internet attacks: defense-oriented evolution and countermeasures
Author: Wang, Xun
Permalink: http://rave.ohiolink.edu/etdc/view?acc_num=osu1185209072
Year and Degree
2007, Doctor of Philosophy, Ohio State University, Computer and Information Science.
Abstract
Widespread Internet attacks, such as Distributed Denial of Service (DDoS) attacks and active worm attacks, have been major threats to the Internet in the recent past. Although tremendous research effort has focused on this domain, the defense against these attacks remains challenging for one reason: the attacks are evolving intelligently based on their knowledge of defense mechanisms. In other words, the attacks are becoming more intelligent and effective through defense-oriented evolution in order to defeat existing defense systems. The objectives of this dissertation are to obtain deep insight about these defense-oriented attacks and to address the challenges in defense against them. While multiple elements define a specific defense system, the most important ones are the system infrastructure and algorithms. The evolving defense-oriented attacks can exploit and leverage the knowledge of infrastructure and algorithms in the defense systems in order to counteract them. Hence we can classify defense-oriented widespread Internet attacks into infrastructure-oriented and algorithm-oriented attacks. In this dissertation, we investigate a variety of such attacks and design new and more effective countermeasures against them. For infrastructure-oriented attacks, we study two classes of new attacks that target different aspects of the defense system infrastructure. First, we investigate intelligent DDoS attacks which aim to infer architectures of the DDoS-defending Secure Overlay Forwarding Systems (SOFS) to launch attacks more efficiently than ordinary random DDoS attacks. Second, we study the invisible LOCalization attack which can obtain location information of Internet Threat Monitoring (ITM) systems. In order to counteract these new attacks, we provide enhancements for SOFS and ITM systems. 
For algorithm-oriented attacks, first we study a class of new active worms, the Varying Scan Rate Worm, which deliberately varies its port scan rate during propagation to evade detection by existing network-based worm detection algorithms. Second, we focus on polymorphic worms which change or possess new signatures to defeat existing host-based worm detection algorithms. Furthermore, we provide new and more effective detection approaches against these new worms. The war between attackers and defenders is never ending. We believe this dissertation lays a foundation to deeply understand the evolution of widespread Internet attacks and to enhance defenses against them.
Committee
Dong Xuan (Advisor)
Recommended Citations
APA Style (7th edition): Wang, X. (2007). Widespread internet attacks: defense-oriented evolution and countermeasures [Doctoral dissertation, Ohio State University]. OhioLINK Electronic Theses and Dissertations Center. http://rave.ohiolink.edu/etdc/view?acc_num=osu1185209072

MLA Style (8th edition): Wang, Xun. Widespread internet attacks: defense-oriented evolution and countermeasures. 2007. Ohio State University, Doctoral dissertation. OhioLINK Electronic Theses and Dissertations Center, http://rave.ohiolink.edu/etdc/view?acc_num=osu1185209072.

Chicago Manual of Style (17th edition): Wang, Xun. "Widespread internet attacks: defense-oriented evolution and countermeasures." Doctoral dissertation, Ohio State University, 2007. http://rave.ohiolink.edu/etdc/view?acc_num=osu1185209072
Document number: osu1185209072
Download Count: 1,207
© 2007, all rights reserved.
This open access ETD is published by The Ohio State University and OhioLINK.