ECE Home
About ECE
Why Study Electrical & Computer Engineering at NJIT?
Our People
Academics
Undergraduate Majors
Research
Learning Beyond the Classroom
Careers in ECE & Industry Partners
News & Events
Info for Students
Contact Us
BS in Computer Engineering (CoE)
CoE Mission Statement
CoE Program Objectives
BS in Electrical Engineering (EE)
EE Mission Statement
EE Program Objectives
Senior Design Projects
Advising
Graduate Degree Programs
Countering Distributed Denial Of Service Attacks With Ip Traceback And Ddos Defense
Ph.D. Dissertation Defens by Zhiqiang GAO
Date: May 10, 2006 (Wednesday)
Time: 12:00 pm
Location : ECE202, NJIT
Denial of service (DoS) attacks and distributed denial of service (DDoS) attacks are probably the most ferocious threats in the Internet, resulting in tremendous economic and social implications/impacts on our daily lives which are increasingly depending on the well-being of the Internet. How to mitigate these attacks effectively and efficiently has become an active research area. The critical issues here include 1) IP spoofing, i.e., forged source IP addresses are routinely employed to conceal the identifier of the attack sources and deter the efforts of detection, defense, and tracing; 2) the distributed nature, that is, hundreds or thousands of compromised hosts are orchestrated to attack the victim synchronously. Other related issues are scalability, lack of sufficient incentives to deploy a new scheme, and the effectiveness under partial deployment.
This dissertation investigates and proposes effective schemes to handle DDoS attacks. It is comprised of three parts. The first part introduces the classification of DDoS attacks and the evaluation of previous schemes. The second part presents our proposed IP traceback scheme, namely, practical and robust inter-domain traceback (ASEM). ASEM enhances PPM in several aspects: (1) ASEM is capable of addressing large-scale DDoS attacks efficiently; (2) ASEM is capable of handling spoofed marking from the attacker and spurious marking incurred by subverted routers, which is a unique and critical feature; (3) ASEM can significantly reduce the number of marked packets required for path reconstruction and suppress false positives as well. The third part presents our devised DDoS defense mechanisms, including four-color-theorem based path marking and a comprehensive framework for DDoS defense. The salient features of the framework include (1) it is designed to tackle a wide spectrum of DDoS attacks rather than a specified one, and (2) it can differentiate malicious traffic from normal ones. The receiver-center design avoids several related issues such as scalability, and lack of incentives to deploy a new scheme. Finally, conclusions are drawn and future work is discussed.
Committee members:
Dr. Nirwan Ansari, Professor, ECE, NJIT, Dissertation Advisor
Dr. Swades De, Assistant Professor, ECE, NJIT, Committee Member
Dr. Edwin Hou, Associate Professor, ECE, NJIT, Committee Member|
Dr. Teunis Ott, Professor, CS, NJIT, Committee Member
Dr. Roberto Rojas-cessa, Assistant Professor, ECE, NJIT, Committee Member