Name: 黃熙程 (Hsi-Cheng Huang)
Department: Department of Computer Science and Information Engineering
Thesis title: SSDC: A Server Side Solution to Detect Coremelt and Crossfire DDoS Attacks
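- This electronic thesis is authorized for immediate open access.
- The open-access electronic full text is licensed to users only for personal, non-profit searching, reading, and printing for the purpose of academic research.
- Please comply with the relevant provisions of the Copyright Act of the Republic of China; do not reproduce, distribute, adapt, repost, or broadcast it without authorization, to avoid breaking the law.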
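Abstract (Chinese)
Because effective solutions are lacking, DoS and DDoS attacks continue to ravage the Internet today and cause serious damage. There are many types and techniques of DoS and DDoS attack; among them, the two distributed denial-of-service (DDoS) attacks Crossfire and Coremelt are regarded by security experts as hard problems. The main reason is that the attack packets behind these attacks are not sent to the attacked host (usually one of the various servers on the network) but are passed between machines the attacker controls.
This characteristic makes it difficult, from either the victim host's side or the ISPs' side, to identify the malicious hosts actually taking part in the attack. Even if the attacked host notices that no users have connected to it for a long time, it can only sense that something is abnormal and cannot tell whether it is under Crossfire and Coremelt DDoS attack. In this thesis we therefore develop a server-side detection system that detects whether the server side is under Crossfire and Coremelt DDoS attack, and detects the location of the network segment paralyzed during a Crossfire and Coremelt DDoS attack.
Abstract (English)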
Due to the lack of effective solutions, DoS and DDoS attacks are now common on the Internet and cause serious damage. There are numerous types of DoS and DDoS attack. Among them, the Crossfire and Coremelt DDoS attacks are considered difficult problems by computer security experts. The main reason is that the attack packets generated by Coremelt and Crossfire are not sent directly to the target host machines but to machines controlled by the attacker. (The target host machines are usually servers on the Internet.)
This feature of Coremelt and Crossfire makes it difficult, from both the ISP side and the victim side, to know which host machines are actually participating in the attack. As a result, even if the target servers find that there have been no client connections for a long time, they can only sense that the situation is abnormal and cannot know whether they are suffering from Crossfire and Coremelt attacks. In this project we will develop a server-side system to detect whether the server-side machine is suffering from Crossfire and Coremelt attacks and to detect the location of the network segment paralyzed by Crossfire and Coremelt.
Keywords (Chinese)
★ Packet sniffing
★ VyOS
★ Linux
★ DDoS
★ LFA
Keywords (English)
★ Packet sniffer
★ VyOS
★ Linux
★ DDoS
★ LFA
Table of Contents
Chinese Abstract
Abstract
Acknowledgements
Contents
List of Figures
List of Tables
Chapter 1. Introduction
Chapter 2. Background
2.1. Denial of Service Attacks
2.2. Distributed Denial Of Service Attack
2.3. Link-flood Attack
2.4. Coremelt DDoS Attack
2.5. Crossfire DDoS Attack
2.6. Wireshark/TShark
2.7. PyShark
2.8. VyOS
2.9. Hping
2.10. MariaDB
2.11. MTR
Chapter 3. Related Work
3.1. Mitigate LFA DDoS by obfuscated linkmap
3.2. Detect LFA by enumerating a set of end-to-end path
3.3. Crossfire DoS Attack and its Defence Mechanism
3.4. Towards Defeating the Crossfire Attack using SDN
Chapter 4. System Design
4.1. Components in SSDC
4.2. Execution Flow and Data Flow
Chapter 5. Evaluation
5.1. Environment
5.2. Resource Usage and Overhead
5.3. Detection Accuracy of SSDC
Chapter 6. Discussion
6.1. Limitation
6.2. Future Work
Chapter 7. Conclusion
Advisor: 許富皓 (Fu-Hau Hsu)
Approval date: 2017-7-17