1 / 10

Design of an Autonomous Anti-DDOS Network (A2D2)

Design of an Autonomous Anti-DDOS Network (A2D2). Angela Cearns Thesis Proposal Master of Software Engineering University of Colorado, Colorado Springs. Introduction - DDoS. DDoS – a threat not forgotten 3 main research areas: Source Identification (Prevention)

tmick
Télécharger la présentation

Design of an Autonomous Anti-DDOS Network (A2D2)

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Design of an Autonomous Anti-DDOS Network (A2D2) Angela Cearns Thesis Proposal Master of Software Engineering University of Colorado, Colorado Springs

  2. Introduction - DDoS • DDoS – a threat not forgotten • 3 main research areas: • Source Identification (Prevention) • ITRACE, Ingree/Engress Filtering • More difficult with distributed attack & new tools • Most effective when implemented from attackers’ networks • Detection • Monitor and identify patterns • Intrusion Tolerance (Response) • Minimize attack impact, maximize QoS • Focus of this Thesis

  3. Existing Intrusion Tolerant Architecture – Main Shortcomings • Rate-Limiting • IDS with high false positives  dropped packets from legitimate clients • Expensive & Extensive Infrastructure • XenoService – dynamic duplication • Very expensive, all ISP need to purchase this service • Pushback architecture • Require co-operations of ISPs worldwide • DARPA IDIP autonomous response network • Require protocol is not standard yet

  4. Current Thesis Proposal • UCSD research • Significant of DDoSes targeted home and medium-sized businesses • This Thesis Design an Autonomous Anti-DDoS network • Integrate/improve existing technologies • Easily afforded and implemented by home and small networks

  5. Proposed A2D2 Design & Improvements • Fit real-life scenario • Detection • Snort: new patch to detect generic flood • New module plug-in • Autonomic Mitigation • Class-based queuing • Design new multi-level rate limiting • Design new interface to integrate the various methodologies to achieve autonomic response

  6. Proposed A2D2 Design & Improvements • Software Engineering Principle Analysis • Testing Evaluation • Current DDoS research  no common test matrix and test parameters

  7. Thesis Plan & Schedule • Requirement Analysis (February 1, 2002 – June 30 2002) • Identify and understand the problem domain • Identify the problem • Evaluate possible prototypes • Define requirements • Present proposal and obtain official approval • Planning (May 25, 2002 – July 12, 2002) • Identify and obtain resources needed • Define thesis plan and schedule • Design (May 25, 2002 – July 12, 2002) • Design initial test-bed prototype and evaluate design effectiveness • Refine and finalize test-bed design • Refine A2D2 response system design • Implementation & Testing (May 30, 2002 – August 30, 2002) • Create initial prototype • Identify testing techniques before attack network is created. • Create attack network • Refine and create response network • Refine autonomous response • Project Closure (August 25, 2002 –September 25, 2002) • Present final data and obtain approval. • Create all necessary documentation • Thesis defense

  8. Thesis Deliverables • The network test-bed • Attack network + response network • Resemble real-life scenario • The A2D2 response network • Thesis report • Software Engineering analysis report

  9. Questions? Suggestions? References: Please refer to Proposal Document

More Related