Thesis/Dissertation 104522068: Detailed Record




Name: 黃熙程 (Hsi-Cheng Huang)   Department: Computer Science and Information Engineering
Thesis title: SSDC: A Server Side Solution to Detect Coremelt and Crossfire DDoS Attacks
(SSDC:一個基於伺服器端之Coremelt及Crossfire分散式阻斷服務攻擊的偵測辦法)
Related theses
★ USB WORM KILLER: Cure USB Flash Worms Through a USB Flash Worm
★ Discoverer: A Real-Time Rootkit Detection System
★ A Detection and Defense Mechanism for Fraudulent SMS Messages on Android Phones
★ SRA System: Defending Against ARP-Spoofing Hijacking of Routers
★ A Solution for Detecting and Defending ARP Spoofing on Virtual Machines
★ An Automated Real-Time Counterattack System Against Remote Buffer Overflow Attacks
★ Real-Time Serum System: An Automated Worm-Curing System with an Attack Barrier
★ DNSPD: Entrap Botnets Through DNS Cache Poisoning Detection
★ TransSQL: A Translation and Validation-based Solution for SQL-Injection Attacks
★ A Spam Mail-based Solution for Botnet Detection and Network Bandwidth Protection
★ Shark: Phishing Information Recycling from Spam Mails
★ FFRTD: Beat Fast-Flux by Response Time Differences
★ Antivirus Software Shield against Antivirus Terminators
★ MAC-YURI : My ACcount, YoUr ResponsIbility
★ KKBB: Kernel Keylogger Bye-Bye
★ CIDP Treatment: An Innovative Mobile Botnet Covert Channel based on Caller IDs with P8 Treatment
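File access
  1. This electronic thesis is authorized for immediate open access.
  2. The open-access electronic full text is licensed to users only for personal, non-profit searching, reading, and printing for the purpose of academic research.
  3. Please comply with the Copyright Act of the Republic of China. Do not reproduce, distribute, adapt, repost, or broadcast the work without authorization, so as not to break the law.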

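Abstract (Chinese, translated) For lack of an effective solution, DoS and DDoS attacks continue to rage across the Internet and cause serious damage. DoS and DDoS attacks come in many types and techniques. Among them, two distributed denial-of-service (DDoS) attacks, Crossfire and Coremelt, are regarded by security experts as hard problems. The main reason is that the attack packets behind these attacks are not sent to the attacked host (usually one of the various servers on the network) but are passed between machines controlled by the attacker.

This characteristic makes it difficult, from either the victim host's side or the ISPs' side, to identify the malicious hosts actually taking part in the attack. Even when an attacked host finds that no user has connected to it for a long time, it can only sense that something is abnormal and cannot tell whether it is under Crossfire and Coremelt DDoS attacks. In this thesis we therefore develop a server-side detection system that detects whether the server side is under Crossfire and Coremelt DDoS attacks, and that detects the location of the network segment paralyzed during such an attack.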
Abstract (English)
Due to the lack of effective solutions, DoS and DDoS attacks are now common on the Internet and cause serious damage. There are numerous types of DoS and DDoS attack. Among them, the Crossfire and Coremelt DDoS attacks are considered difficult problems by computer security experts. The main reason is that the attack packets generated by Coremelt and Crossfire are not sent directly to the target host machines but to machines controlled by the attacker. (The target host machines are usually servers on the Internet.)

This feature of Coremelt and Crossfire makes it difficult, from both the ISP side and the victim side, to identify the host machines that actually participate in the attack. As a result, the target servers can only sense an abnormal situation and cannot know whether they are suffering from Crossfire and Coremelt attacks, even if they find that there have been no client connections for a long time. In this project we will develop a server-side system to detect whether the server-side machine is suffering from Crossfire and Coremelt attacks and to detect the location of the network segment paralyzed by Crossfire and Coremelt.
Keywords (Chinese) ★ Packet sniffing
★ VyOS
★ Linux
★ DDoS
★ LFA
Keywords (English) ★ Packet sniffer
★ VyOS
★ Linux
★ DDoS
★ LFA
Table of Contents
Chinese Abstract
Abstract
Acknowledgements
Contents
List of Figures
List of Tables
Chapter 1. Introduction
Chapter 2. Background
2.1. Denial of Service Attacks
2.2. Distributed Denial Of Service Attack
2.3. Link-flood Attack
2.4. Coremelt DDoS Attack
2.5. Crossfire DDoS Attack
2.6. Wireshark/TShark
2.7. PyShark
2.8. VyOS
2.9. Hping
2.10. MariaDB
2.11. MTR
Chapter 3. Related Work
3.1. Mitigate LFA DDoS by obfuscated linkmap
3.2. Detect LFA by enumerating a set of end-to-end path
3.3. Crossfire DoS Attack and its Defence Mechanism
3.4. Towards Defeating the Crossfire Attack using SDN
Chapter 4. System Design
4.1. Components in SSDC
4.2. Execution Flow and Data Flow
Chapter 5. Evaluation
5.1. Environment
5.2. Resource Usage and Overhead
5.3. Detection Accuracy of SSDC
Chapter 6. Discussion
6.1. Limitation
6.2. Future Work
Chapter 7. Conclusion
Advisor: 許富皓 (Fu-Hau Hsu)   Approval date: 2017-7-17