Analysis, detection, and modeling of attacks in computer communication networks
Keywords
Computer networks -- Security measures; Computer security
Abstract
This dissertation begins with the description and analysis of a certain class of denial of service attacks along with an overview of techniques and tools used to discover and analyze them. Two new solutions to the problem of detecting this type of attack are introduced, developed, and evaluated. We demonstrate that one of these techniques can detect an average of 84% of the attacks and the other detects an average of 96%, all with no occurrence of a false alarm. (In this arena the latter may be more important than the former.) Having experienced firsthand the difficulty of creating a controlled environment for testing new attack detection techniques, we then describe the problems in this area and develop a new tool to be used in modeling and generating attacks. The first detection technique is based on an in-depth analysis of an invariant traffic characteristic that appears to be affected by certain types of network attack. The main benefits of detecting attacks by monitoring traffic invariants are that (1) no prior knowledge of the attack's behavior is needed and (2) no template of 'normal' traffic activity is needed.
The second technique is based on detecting abnormalities in a measurable traffic characteristic and, although a traffic template is required, it does not require prior knowledge of the behavior of attacks, an advantage over some types of anomaly-based detectors. An attack generation system is presented that uses models of captured attacks to generate realistic, synthetic attacks under controlled conditions. This capability provides the designers of intrusion detection systems with a useful tool for testing their algorithms and sensors. It can also be used to test systems and networks for vulnerability to known attacks.
Notes
This item is only available in print in the UCF Libraries. If this is your thesis or dissertation, you can help us make it available online for use by researchers around the world by STARS for more information.
Graduation Date
2003
Advisor
Marin, Gerald A.
Degree
Doctor of Philosophy (Ph.D.)
College
College of Engineering
Department
Electrical Engineering and Computer Science
Degree Program
Computer Science
Format
Pages
241 p.
Language
English
Length of Campus-only Access
None
Access Status
Doctoral Dissertation (Open Access)
Identifier
DP0029092
Subjects
Dissertations, Academic -- Engineering; Engineering -- Dissertations, Academic
STARS Citation
Allen, William H., "Analysis, detection, and modeling of attacks in computer communication networks" (2003). Retrospective Theses and Dissertations. 738.
https://stars.library.ucf.edu/rtd/738