PMS, 분산 서비스 거부 공격에 대한 방어 전략

Alternative Title
Usman Tariq
Tariq, Usman
Alternative Author(s)
Usman Tariq
정보통신전문대학원 정보통신공학과
The Graduate School, Ajou University
Publication Year
DDOSPacket MarkingDDOS Attack & Defence
Alternative Abstract
Distributed Denial of Service attack is a challenging threat to current internet world. Due to thousands of vulnerable machines connected to internet, hackers need little preparation to launch a highly destructive attack. Attacks can be easily downloaded and launched through these fertilized zombie machines. While defense mechanisms and trace back is highly inefficient due to high number of attack machines. Researchers and commercial organizations are putting all there efforts to deal with the DDoS attack problem but the problem is still unsolved. In this thesis we discussed the DDoS problem in two directions: 1) Cause of problem. 2) Design (architecture and implementation) of defense of DDoS problem which we named PMS that highly prevents the spoofed IP packets to consume legitimate internet bandwidth. In PMS, the packet is marked by the routers which come along the path to the destination. The packets traveling along the same path will have the same marking which will be dynamically changed after certain span of time. PMS can not only defend against the DDoS attack but also it can deal with the TCP hijacking and multicast source spoofing attacks. PMS defense mechanism just needs to identify only one malicious packet to identify the attack. PMS also supports incremental deployment which enhances its effectiveness against the DDoS attack. PMS scheme effectively defend the network from DDoS attack.

Appears in Collections:
Special Graduate Schools > Graduate School of Information and Communication Technology > Department of Information and Communication > 3. Theses(Master)
Files in This Item:
There are no files associated with this item.
RIS (EndNote)
XLS (Excel)

Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.