Mitigating Denial of Service using QoS regulation /

As more and more critical services are provided over the Internet, the risk to these services from malicious users is also increasing. Several networks have witnessed problems like Denial of Service attacks over the recent past. Denial of Service attacks work by flooding a network, router or an end...

Full description

Bibliographic Details
Main Author: Garg, Aman, 1976-
Format: Thesis eBook
Language:English
Published: [Place of publication not identified] : [publisher not identified] ; 2001.
Subjects:
Online Access:Link to OAKTrust copy
Description
Summary:As more and more critical services are provided over the Internet, the risk to these services from malicious users is also increasing. Several networks have witnessed problems like Denial of Service attacks over the recent past. Denial of Service attacks work by flooding a network, router or an end server with malicious packets and fooling the underlying system into believing that these malicious packets were legitimate. An excess of these packets can cause overload conditions in the network and on the end servers. The purpose of this research is to provide an efficient way to keep track of server and network resources in an attempt to mitigate the effect of such attacks. Our scheme provides a general, and not attack specific, mechanism to provide graceful server degradation in the face of such an attack. Our solution is based on two seemingly different paradigms -- Denial of Service, and Quality of Service. The solution has two parts. The first part is to maintain sufficient state information per resource in the network layer, so as to be able to get a high-level picture of current network behavior and resource consumption status. The second part is a policing or enforcing mechanism which can regulate resource consumption and recover excess resources if they are believed to be held by malicious flows. A Window Regulation based scheme is proposed and implemented to do the regulation of traffic. It is shown that this scheme works better than conventional rate-based QoS regulation.
Item Description:"Major subject: Computer Engineering".
Vita.
Physical Description:x, 60 leaves : illustrations ; 28 cm.
Also available online.
Issued also on microfiche from Lange Micrographics.
Bibliography:Includes bibliographical references (leaves 55-59).