국립중앙도서관 "우편 복사 서비스"로 연결 됩니다.
Distributed Denial of Service attack is a challenging threat to current internet world. Due to thousands of vulnerable machines connected to internet, hackers need little preparation to launch a highly destructive attack. Attacks can be easily downloa...
다국어 입력
あ
ぁ
か
が
さ
ざ
た
だ
な
は
ば
ぱ
ま
や
ゃ
ら
わ
ゎ
ん
い
ぃ
き
ぎ
し
じ
ち
ぢ
に
ひ
び
ぴ
み
り
う
ぅ
く
ぐ
す
ず
つ
づ
っ
ぬ
ふ
ぶ
ぷ
む
ゆ
ゅ
る
え
ぇ
け
げ
せ
ぜ
て
で
ね
へ
べ
ぺ
め
れ
お
ぉ
こ
ご
そ
ぞ
と
ど
の
ほ
ぼ
ぽ
も
よ
ょ
ろ
を
ア
ァ
カ
サ
ザ
タ
ダ
ナ
ハ
バ
パ
マ
ヤ
ャ
ラ
ワ
ヮ
ン
イ
ィ
キ
ギ
シ
ジ
チ
ヂ
ニ
ヒ
ビ
ピ
ミ
リ
ウ
ゥ
ク
グ
ス
ズ
ツ
ヅ
ッ
ヌ
フ
ブ
プ
ム
ユ
ュ
ル
エ
ェ
ケ
ゲ
セ
ゼ
テ
デ
ヘ
ベ
ペ
メ
レ
オ
ォ
コ
ゴ
ソ
ゾ
ト
ド
ノ
ホ
ボ
ポ
モ
ヨ
ョ
ロ
ヲ
―
http://chineseinput.net/에서 pinyin(병음)방식으로 중국어를 변환할 수 있습니다.
변환된 중국어를 복사하여 사용하시면 됩니다.
예시)
- 中文 을 입력하시려면 zhongwen을 입력하시고 space를누르시면됩니다.
- 北京 을 입력하시려면 beijing을 입력하시고 space를 누르시면 됩니다.
А
Б
В
Г
Д
Е
Ё
Ж
З
И
Й
К
Л
М
Н
О
П
Р
С
Т
У
Ф
Х
Ц
Ч
Ш
Щ
Ъ
Ы
Ь
Э
Ю
Я
а
б
в
г
д
е
ё
ж
з
и
й
к
л
м
н
о
п
р
с
т
у
ф
х
ц
ч
ш
щ
ъ
ы
ь
э
ю
я
′
″
℃
Å
¢
£
¥
¤
℉
‰
$
%
F
₩
㎕
㎖
㎗
ℓ
㎘
㏄
㎣
㎤
㎥
㎦
㎙
㎚
㎛
㎜
㎝
㎞
㎟
㎠
㎡
㎢
㏊
㎍
㎎
㎏
㏏
㎈
㎉
㏈
㎧
㎨
㎰
㎱
㎲
㎳
㎴
㎵
㎶
㎷
㎸
㎹
㎀
㎁
㎂
㎃
㎄
㎺
㎻
㎽
㎾
㎿
㎐
㎑
㎒
㎓
㎔
Ω
㏀
㏁
㎊
㎋
㎌
㏖
㏅
㎭
㎮
㎯
㏛
㎩
㎪
㎫
㎬
㏝
㏐
㏓
㏃
㏉
㏜
㏆
RISS 인기검색어
https://www.riss.kr/link?id=T10879406
- 저자
-
발행사항
수원 : 아주대학교 정보통신전문대학원, 2006
-
학위논문사항
Thesis(Master) -- 아주대학교 정보통신전문대학원 , 정보통신공학과
-
발행연도
2006
-
작성언어
영어
- 주제어
-
발행국(도시)
대한민국
-
형태사항
43 ; 26cm
-
일반주기명
지도교수 :홍만표
-
소장기관
- 아주대학교 도서관
- 아주대학교 도서관
-
0
상세조회 -
0
다운로드
부가정보
다국어 초록 (Multilingual Abstract)
Distributed Denial of Service attack is a challenging threat to current internet world. Due to thousands of vulnerable machines connected to internet, hackers need little preparation to launch a highly destructive attack. Attacks can be easily downloaded and launched through these fertilized zombie machines. While defense mechanisms and trace back is highly inefficient due to high number of attack machines.
Researchers and commercial organizations are putting all there efforts to deal with the DDoS attack problem but the problem is still unsolved. In this thesis we discussed the DDoS problem in two directions: 1) Cause of problem. 2) Design (architecture and implementation) of defense of DDoS problem which we named PMS that highly prevents the spoofed IP packets to consume legitimate internet bandwidth.
In PMS, the packet is marked by the routers which come along the path to the destination. The packets traveling along the same path will have the same marking which will be dynamically changed after certain span of time. PMS can not only defend against the DDoS attack but also it can deal with the TCP hijacking and multicast source spoofing attacks. PMS defense mechanism just needs to identify only one malicious packet to identify the attack. PMS also supports incremental deployment which enhances its effectiveness against the DDoS attack. PMS scheme effectively defend the network from DDoS attack.
목차 (Table of Contents)
- 1 Introduction 1
- 2 Classification of DoS attacks 4
- 2.1 Data Flood 4
- 2.2 Network Level Attack 4
- 2.3 OS Level Attack 5
- 1 Introduction 1
- 2 Classification of DoS attacks 4
- 2.1 Data Flood 4
- 2.2 Network Level Attack 4
- 2.3 OS Level Attack 5
- 2.4 Application Level Attack 5
- 2.5 Buffer Overflow Attack 5
- 2.6 Protocol exploitation Attack 5
- 3 Classification by DDoS Attack 6
- 3.1 Categorization by Level of Computerization 7
- 3.1.1 Instruction based DDoS Attacks 7
- 3.1.2 Semi-Preset DDoS Attacks 8
- 3.1.3 Preset DDoS Attacks 8
- 3.2 Categorization by DDoS Attack Network 8
- 3.2.1 Agent Handler Model Attacks 8
- 3.2.2 IRC-Based Model Attacks 8
- 3.3 Categorization by Oppressed Vulnerability 9
- 3.3.1 Flood Attacks 9
- 3.3.2 Intensification Attack 9
- 3.3.3 Protocol Exploit Attack 10
- 3.3.4 Malicious Formed Attacks 10
- 3.4 Categorization by Influence 10
- 3.4.1 Disorderly Attack 10
- 3.4.2 Degrading Attack 10
- 3.5 Categorization by attack intensity dynamics 11
- 3.5.1 Continuous Intensity Attack 11
- 3.5.2 Variable Intensity Attack 11
- 4 Discussion 12
- 4.1 DDoS Attack Methods 12
- 4.1.1 SYN Flood 12
- 4.1.2 UDP flood 12
- 4.1.3 ICMP attack 12
- 4.1.4 Mail Bomb 12
- 4.1.5 TCP reset 13
- 4.1.6 CGI request 13
- 4.2 Limitations 13
- 4.3 Interface 13
- 5 DDoS attack tools 16
- 5.1 Agent-Based Attack Tools 16
- 5.2 IRC Based Attack Tools 17
- 6 DDoS Defense Challenges 18
- 6.1 Distributed Defense Solution 18
- Distributed Defense Solution 18
- 6.2 Intelligent Traffic Management 18
- 6.3 Deficiency of meticulous attack information 18
- 6.4 Impenetrability of outsized Testing 18
- 6.5 Victim filtering 19
- 6.6 Support incremental deployment 19
- 7.1 Categorization by Submissive Defense Mechanism 21
- 7.1.1 Identifying Mechanism 21
- 7.1.2 Counter Mechanism 22
- 7.2 Categorization by Counter Defense Mechanism 22
- 7.2.1 Base end defense 23
- 7.2.2 Mapping Trace Back 23
- 7.2.3 Packet Marking Trace Back 23
- 7.2.4 Protocol-Based Defense 23
- 7.3 Categorization by Action 23
- 7.4 Categorization by Defense Deployment Position 24
- 7.4.1 Basis Network Mechanism 24
- 7.4.2 Transitional Network Mechanism 25
- 7.4.3 Destination Network Mechanism 25
- 8 Contribution of Taxonomy 26
- 9 PMS Marking Scheme 27
- Marking space in IP header 30
- Packet marking by router 30
- Router stability 30
- TTL based Hop?Count Check 30
- Marking 31
- Effects of Path Stability 32
- Limitations 32
- 10 Filtering Mechanism 33
- 10.1 Basic Filtering Scheme 33
- 10.2 Threshold Filtering 33
- 11 Simulation Environment and Results 34
- 12 Related Work 38
- 13 Conclusion 40
- 14 Reference 41
분석정보
연관 공개강의(KOCW)
이 자료와 함께 이용한 RISS 자료
나만을 위한 추천자료
