Author: Guiton, Emmanuel
Title: A Rate-Limiting System to Mitigate Denial of Service Attacks
Finnish title (translated): A Rate-Limiting Method for Reducing the Effectiveness of Denial of Service Attacks
Publication type: Master's thesis
Publication year: 2003
Pages: xiii + 97
Language: eng
Department/School: Department of Electrical and Communications Engineering
Main subject: Networking Technology (S-38)
Supervisor: Jormakka, Jorma
Instructor: Mölsä, Jarmo
OEVS: Electronic archive copy is available via Aalto Thesis Database.
Location: P1 Ark S80 | Archive
Keywords: Denial of Service
Intrusion Detection Systems
Quality of Service
rate-limiting
Rate-Limiting System
RLS-AQM
Abstract (eng): This document describes an implementation and the testing of an automatic defense system that uses rate-limiting to mitigate Denial of Service attacks.

Denial of Service attacks - and particularly the distributed ones - are amongst the latest and most problematic trends in network security threats.
Currently, a few effective defense methods exist against them.
In this document, the proposal is to jointly use the capabilities of attack detection (via Intrusion Detection Systems) and Quality of Service to rate-limit these attacks.
As an automatic reaction, rate-limiting has an advantage over blocking: it preserves the legitimate traffic that is mis-identified as belonging to an attack.

This document describes in detail an already specified Rate-Limiting System.
This system selects traffic into legitimate and attack aggregates thanks to an attack detection module.
Based on this selection, routers direct the traffic aggregates into different queues.
Attack queues are managed by a new Active Queue Management mechanism that enforces rate-limiting by randomly discarding packets.

This thesis presents mainly an implementation of the Rate-Limiting System in a Linux environment and its testing.
It appeared from the tests that HTTP and FTP-downloading can handle one-way packet loss well, thus showing the suitability of rate-limiting to defend a website against low-bandwidth Denial of Service attacks such as typical TCP SYN or ICMP Echo Request flooding attacks.
ED: 2003-11-11
INSSI record number: 20120