| Search the Collection|Browse Subjects|Services|Library Information|Community |News & Events | |
|
|
|
|
|
|
|
|
||||
|
|||||||
Type of Document Master's Thesis Author Mahadik, Vinay A., Author's Email Address VAMahadik@lbl.gov URN etd-08132002-143359 Title Detection of Denial of QoS Attacks on DiffServ Networks. Degree Master of Science Graduate Program Computer Networking Advisory Committee
Advisor Name Title Dr. Douglas S. Reeves Committee Chair Dr. Gregory Byrd Committee Member Dr. Jon Doyle Committee Member Dr. Peng Ning Committee Member Keywords
- security
- deception
- QoS
- compromise
- statistical intrusion detection
- hack
- anomaly detection
Date of Defense 2002-06-07 Availability unrestricted Abstract In this work, we describe a method of detecting denial of Quality of Service (QoS)attacks on Differentiated Services (DiffServ) networks. Our approach focusses on real time
and quick detection, scalability to large networks, and a negligible false alarm generation
rate. This is the first comprehensive study on DiffServ monitoring. Our contributions
to this research area are 1. We identify several potential attacks, develop/use research
implementations of each on our testbed and investigate their effects on the QoS sensitive
network flows. 2. We study the effectiveness of several anomaly detection approaches;
select and adapt SRI's NIDES statistical inference algorithm and EWMA Statistical Process
Control technique for use in our anomaly detection engine. 3. We then emulate a Wide Area
Network on our testbed. We measure the effectiveness of our anomaly detection system in
detecting the attacks and present the results obtained as a justification of our work. 4. We
verify our findings through simulation of the network and the attacks on NS2 (the Network
Simulator, version 2). We believe that given the results of the tests with our implementation
of the attacks and the detection system, further validated by the simulations, the method
is a strong candidate for QoS-intrusion detection for a low-cost commercial deployment.
Files
Filename Size Approximate Download Time (Hours:Minutes:Seconds)
28.8 Modem 56K Modem ISDN (64 Kb) ISDN (128 Kb) Higher-speed Access etd.pdf 1.00 Mb 00:04:38 00:02:23 00:02:05 00:01:02 00:00:05