Author: | Guiton, Emmanuel |
Title: | A Rate-Limiting System to Mitigate Denial of Service Attacks |
Title (Finnish): | Nopeudenrajoitusmenetelmä palvelunestohyökkäysten tehon vähentämiseksi (in English: A rate-limiting method for reducing the effectiveness of denial-of-service attacks) |
Publication type: | Master's thesis |
Publication year: | 2003 |
Pages: | xiii + 97 Language: eng |
Department/School: | Sähkö- ja tietoliikennetekniikan osasto (Department of Electrical and Communications Engineering) |
Main subject: | Tietoverkkotekniikka (Networking Technology) (S-38) |
Supervisor: | Jormakka, Jorma |
Instructor: | Mölsä, Jarmo |
OEVS: | Electronic archive copy is available via Aalto Thesis Database. |
Location: | P1 Ark S80 | Archive |
Keywords: | Denial of Service; Intrusion Detection Systems; Quality of Service; rate-limiting; Rate-Limiting System; RLS-AQM |
Abstract (eng): | This document describes an implementation and the testing of an automatic defense system that uses rate-limiting to mitigate Denial of Service attacks. Denial of Service attacks - and particularly the distributed ones - are amongst the latest and most problematic trends in network security threats. Currently, a few effective defense methods exist against them. In this document, the proposal is to jointly use the capabilities of attack detection (via Intrusion Detection Systems) and Quality of Service to rate-limit these attacks. As an automatic reaction, rate-limiting has an advantage over blocking: it preserves the legitimate traffic that is misidentified as belonging to an attack. This document describes in detail an already specified Rate-Limiting System. This system sorts traffic into legitimate and attack aggregates thanks to an attack detection module. Based on this selection, routers direct the traffic aggregates into different queues. Attack queues are managed by a new Active Queue Management mechanism that enforces rate-limiting by randomly discarding packets. This thesis presents mainly an implementation of the Rate-Limiting System in a Linux environment and its testing. It appeared from the tests that HTTP and FTP downloading can handle one-way packet loss well, thus showing the suitability of rate-limiting to defend a website against low-bandwidth Denial of Service attacks such as typical TCP SYN or ICMP Echo Request flooding attacks. |
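The abstract describes the Rate-Limiting System at the level of its components: an attack detection module sorts traffic into legitimate and attack aggregates, the aggregates go to separate queues, and the attack queue is rate-limited by randomly discarding packets rather than blocking the aggregate outright. The following is an added simulation of that arrangement, written for this record; it is not the thesis's RLS-AQM, nor its Linux implementation, and the thesis itself is not available here. Everything in it is an assumption made for illustration: the IDS verdict is modelled as a fixed set of flagged source addresses, the drop probability is recomputed once per 100 ms window as 1 minus (byte limit / bytes that arrived in the previous window), and the packet trace (one legitimate TCP client plus one ICMP Echo Request flood from a flagged source) is constructed inline.

```python
import random
from collections import defaultdict

# --- Constructed trace (not measured data) -------------------------------
# Timestamps are integer microseconds to avoid float drift in the window logic.
LEGIT_SRC = "10.0.0.5"        # assumed legitimate web client
FLOOD_SRC = "198.51.100.9"    # assumed ICMP Echo Request flooder flagged by the IDS
DURATION_US = 10_000_000      # 10 s of traffic


def make_trace():
    """Return a time-sorted list of (t_us, src, proto, size_bytes)."""
    trace = []
    # Legit: one 1400-byte TCP segment every 10 ms  (~1.12 Mbit/s)
    for t in range(0, DURATION_US, 10_000):
        trace.append((t, LEGIT_SRC, "tcp", 1400))
    # Flood: one 84-byte ICMP Echo Request every 100 us (~6.7 Mbit/s)
    for t in range(0, DURATION_US, 100):
        trace.append((t, FLOOD_SRC, "icmp", 84))
    trace.sort()
    return trace


# --- Attack detection module (stand-in) ----------------------------------
def classify(src, attack_sources):
    """Place a packet in the 'attack' or 'legit' aggregate from the IDS verdict.

    The real system gets this verdict from an intrusion detection system; here
    the verdict is simply a set of source addresses the IDS has flagged.
    """
    return "attack" if src in attack_sources else "legit"


# --- Random-drop rate limiter for the attack queue -----------------------
class RandomDropLimiter:
    """Enforce a byte rate on one aggregate by probabilistic discard.

    Assumed rule (not the thesis's RLS-AQM): at the end of each window,
    p_drop = max(0, 1 - limit_bytes_per_window / bytes_arrived_last_window),
    so an aggregate offering twice the limit has about half its packets dropped
    in the next window. The first window has no history and passes everything.
    """

    def __init__(self, limit_bps, window_us=100_000, seed=0):
        self.window_us = window_us
        self.limit_bytes = limit_bps / 8 * window_us / 1_000_000
        self.rng = random.Random(seed)
        self.win_start = 0
        self.arrived = 0       # bytes offered to this queue in the current window
        self.p_drop = 0.0

    def admit(self, t_us, size):
        # Close every window that has elapsed and recompute the drop probability.
        while t_us >= self.win_start + self.window_us:
            if self.arrived > self.limit_bytes:
                self.p_drop = 1.0 - self.limit_bytes / self.arrived
            else:
                self.p_drop = 0.0
            self.arrived = 0
            self.win_start += self.window_us
        self.arrived += size
        return self.rng.random() >= self.p_drop   # True = forwarded, False = discarded


def run(trace, attack_sources, limit_bps):
    """Route packets into aggregates; only the attack aggregate is rate-limited.

    Returns (offered, delivered): bytes per aggregate before and after the limiter.
    """
    limiter = RandomDropLimiter(limit_bps)
    offered = defaultdict(int)
    delivered = defaultdict(int)
    for t, src, _proto, size in trace:
        agg = classify(src, attack_sources)
        offered[agg] += size
        # Legitimate aggregate is never touched; attack aggregate passes the AQM.
        if agg == "legit" or limiter.admit(t, size):
            delivered[agg] += size
    return offered, delivered


if __name__ == "__main__":
    offered, delivered = run(make_trace(), {FLOOD_SRC}, limit_bps=1_000_000)
    for agg in ("legit", "attack"):
        print(f"{agg:6s} offered={offered[agg]:>9d} B  delivered={delivered[agg]:>9d} B")
```

With a 1 Mbit/s limit on the attack aggregate, the legitimate client loses nothing, while the flood, which offers 8.4 MB over 10 s, gets through at roughly the limit after the first window (about 1.3 MB in total). A source misidentified by the IDS would land in the attack queue and see the same proportional loss rather than a hard block, which is the property the abstract gives as the reason to prefer rate-limiting over blocking.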
ED: | 2003-11-11 |
INSSI record number: 20120