Network topology as shown above. - PowerPoint PPT Presentation

Slides: 2
Provided by: mos111
Server Roaming for Mitigating Denial of Service Attacks
Sherif Mohamed Khattab, Chatree Sangpachatanaruk
Network Security Group (NetSec)

Context
Maintaining Quality of Service Guarantees under DoS Attacks is a Challenge.
  • DoS attack packets deplete resources (e.g., router buffers, server CPU time or memory structures).
  • The general DoS problem is to distinguish attack packets from legitimate packets.
  • Distributed DoS (DDoS) attacks exploit software vulnerabilities to capture zombies or agents and use them as attacking machines on behalf of the real attacker.
  • As agents can be insiders, things are even more challenging.

Secure Proactive Roaming
Service migrates within a pool of replicas and only legitimate clients can follow it. Proactive roaming is time-triggered.
[Figure: Key generation; Roaming time and target calculation; Roaming. Labels: Rn, Rn-1, Rn-2, R1, R2]
  • Key Generation: $K_{i-1} = H(K_i)$ for $1 < i < n$, where $H(\cdot)$ is a one-way hash function.
  • Roaming Trigger: $R_i - R_{i-1} = \mathrm{MSB}_m(G(K_{i-1}))$, with $2^m = \max(R_j - R_{j-1})$ for $1 < j < n$, where $\mathrm{MSB}_x$ takes the $x$ most significant bits.
  • Roaming Target: $\mathrm{Target}_i = \mathrm{Servers}[\mathrm{MSB}_{\log N}(G(K_i))]$, where Servers is the list of $N$ servers.

Reactive Roaming
A proactively roaming Health Monitor triggers roaming upon detecting an attack.
  • After detecting an attack, the health monitor sends a roaming trigger to all servers and legitimate clients. Using their key chains, legitimate clients can switch to the new server.
  • After roaming, either proactively or reactively, the old server is forced to flush its state and reload its system software to avoid Trojan horses.

Proactive Roaming Simulation
We built a simple file transfer service which utilizes proactive roaming in NS2.
[Figure: network topology. Labels: ftp server, good agent, bad agent]
  • Network topology as shown above.
  • File requests of 1Mb each.
  • Attackers bombard the server with requests for files.
  • We simulated one type of attack in which the attackers attack only one server.
No Attack: Low Overhead. Attack: Substantial Gain.
(Average from 20 runs of 100 legitimate FTP sessions)
Roaming Cost: the smaller the migrate interval, the higher the cost each client would face.

Conclusions
  • Replication provides Fault Tolerance.
  • Server Roaming augments Replication with DoS attack tolerance.
  • Secure Proactive Roaming is a promising direction for providing sustained QoS level in the presence of (undetected) DoS attacks.

Future Work
  • More complex attack models.
  • Formal proof of the mechanism's security.
  • Analytical study using Markov Chains and/or Game theoretic Models.
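
The Key Generation, Roaming Trigger and Roaming Target formulas, worked through as an added Python example that is not part of the original poster. It assumes H and G are SHA-256 with different prefixes (the page specifies neither) and that N is a power of two; the server names, seed, n and m are constructed values. It shows that a client issued only K_j derives the same roaming times and targets as the servers for epochs 1..j, while later epochs would require inverting H.

```python
import hashlib

def H(key: bytes) -> bytes:
    # One-way hash of the key chain; SHA-256 is an assumption.
    return hashlib.sha256(b"chain" + key).digest()

def G(key: bytes) -> bytes:
    # G is not defined on the page; a domain-separated SHA-256 stands in.
    return hashlib.sha256(b"sched" + key).digest()

def msb(data: bytes, bits: int) -> int:
    # Value of the `bits` most significant bits of `data`.
    return int.from_bytes(data, "big") >> (len(data) * 8 - bits)

def key_chain(k_top: bytes, top: int) -> list:
    # [K_0, ..., K_top], built downward with K_{i-1} = H(K_i).
    chain = [k_top]
    for _ in range(top):
        chain.append(H(chain[-1]))
    return chain[::-1]

def schedule(k_top: bytes, top: int, servers: list, m: int, r0: int = 0) -> list:
    # (R_i, target_i) for i = 1..top, computable by any holder of K_top.
    keys = key_chain(k_top, top)
    log_n = (len(servers) - 1).bit_length()  # N assumed to be a power of two
    out, r = [], r0
    for i in range(1, top + 1):
        r += msb(G(keys[i - 1]), m)                       # R_i - R_{i-1}
        out.append((r, servers[msb(G(keys[i]), log_n)]))  # Target_i
    return out

# Constructed sample values: 4 replicas, n = 8 epochs, m = 6 (intervals < 64 time units).
SERVERS = ["s0", "s1", "s2", "s3"]
K_N = hashlib.sha256(b"constructed demo seed").digest()
N_EPOCHS, M = 8, 6

def client_view(j: int) -> list:
    # A client issued only K_j derives the schedule for epochs 1..j.
    k_j = key_chain(K_N, N_EPOCHS)[j]
    return schedule(k_j, j, SERVERS, M)

if __name__ == "__main__":
    print("server:", schedule(K_N, N_EPOCHS, SERVERS, M))
    print("client with K_5:", client_view(5))  # equals the first five entries
```

Because the trigger for epoch i uses G(K_{i-1}) while the target uses G(K_i), a holder of K_j can compute when roaming j+1 happens but not which server it moves to.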