Presentation is loading. Please wait.

Presentation is loading. Please wait.

Design of an Autonomous Anti-DDOS Network (A2D2) Angela Cearns Thesis Proposal Master of Software Engineering University of Colorado, Colorado Springs.

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "Design of an Autonomous Anti-DDOS Network (A2D2) Angela Cearns Thesis Proposal Master of Software Engineering University of Colorado, Colorado Springs."— Presentation transcript:

1 Design of an Autonomous Anti-DDOS Network (A2D2) Angela Cearns Thesis Proposal Master of Software Engineering University of Colorado, Colorado Springs

2 Introduction - DDoS DDoS – a threat not forgotten 3 main research areas: Source Identification (Prevention) ITRACE, Ingree/Engress Filtering More difficult with distributed attack & new tools Most effective when implemented from attackers’ networks Detection Monitor and identify patterns Intrusion Tolerance (Response) Minimize attack impact, maximize QoS Focus of this Thesis

3 Existing Intrusion Tolerant Architecture – Main Shortcomings Rate-Limiting IDS with high false positives  dropped packets from legitimate clients Expensive & Extensive Infrastructure XenoService – dynamic duplication Very expensive, all ISP need to purchase this service Pushback architecture Require co-operations of ISPs worldwide DARPA IDIP autonomous response network Require protocol is not standard yet

4 Current Thesis Proposal UCSD research Significant of DDoSes targeted home and medium-sized businesses This Thesis  Design an Autonomous Anti-DDoS network Integrate/improve existing technologies Easily afforded and implemented by home and small networks

5 Proposed A2D2 Design & Improvements Fit real-life scenario 1.Detection Snort: new patch to detect generic flood New module plug-in 2.Autonomic Mitigation Class-based queuing Design new multi-level rate limiting Design new interface to integrate the various methodologies to achieve autonomic response

6 Proposed A2D2 Design & Improvements 3.Software Engineering Principle Analysis 4.Testing Evaluation Current DDoS research  no common test matrix and test parameters

7 Thesis Plan & Schedule 1.Requirement Analysis (February 1, 2002 – June 30 2002) Identify and understand the problem domain Identify the problem Evaluate possible prototypes Define requirements Present proposal and obtain official approval 2.Planning (May 25, 2002 – July 12, 2002) Identify and obtain resources needed Define thesis plan and schedule 3.Design (May 25, 2002 – July 12, 2002) Design initial test-bed prototype and evaluate design effectiveness Refine and finalize test-bed design Refine A2D2 response system design 4.Implementation & Testing (May 30, 2002 – August 30, 2002) Create initial prototype Identify testing techniques before attack network is created. Create attack network Refine and create response network Refine autonomous response 5.Project Closure (August 25, 2002 –September 25, 2002) Present final data and obtain approval. Create all necessary documentation Thesis defense

8 Thesis Deliverables The network test-bed Attack network + response network Resemble real-life scenario The A2D2 response network Thesis report Software Engineering analysis report

9 Questions? Suggestions? References: Please refer to Proposal Document

10

Download ppt "Design of an Autonomous Anti-DDOS Network (A2D2) Angela Cearns Thesis Proposal Master of Software Engineering University of Colorado, Colorado Springs."

Similar presentations

REFLEX INTRUSION PREVENTION SYSTEM.. OVERVIEW The Reflex Interceptor appliance is an enterprise- level Network Intrusion Prevention System. It is designed.

REFLEX INTRUSION PREVENTION SYSTEM.. OVERVIEW The Reflex Interceptor appliance is an enterprise- level Network Intrusion Prevention System. It is designed.
Randomized Failover Intrusion Tolerant Systems (RFITS) Ranga Ramanujan Noel Schmidt Architecture Technology Corporation Odyssey Research Associates DARPA.

Randomized Failover Intrusion Tolerant Systems (RFITS) Ranga Ramanujan Noel Schmidt Architecture Technology Corporation Odyssey Research Associates DARPA.
Distributed Denial of Service Attacks: Characterization and Defense Will Lefevers CS522 UCCS.

Distributed Denial of Service Attacks: Characterization and Defense Will Lefevers CS522 UCCS.
Simulation and Analysis of DDos Attacks Poongothai, M Department of Information Technology,Institute of Road and Transport Technology, Erode Tamilnadu,

Simulation and Analysis of DDos Attacks Poongothai, M Department of Information Technology,Institute of Road and Transport Technology, Erode Tamilnadu,
Extensible Networking Platform 1 1 - IWAN 2005 Extensible Network Configuration and Communication Framework Todd Sproull and John Lockwood

Extensible Networking Platform IWAN 2005 Extensible Network Configuration and Communication Framework Todd Sproull and John Lockwood
Challenges & problems of Master Theses on Computer Engineering Department in PUT (From Decision to research and finalization) Betim Çiço Faculty of Information.

Challenges & problems of Master Theses on Computer Engineering Department in PUT (From Decision to research and finalization) Betim Çiço Faculty of Information.
IS6112 Application Modelling and Design Introduction.

IS6112 Application Modelling and Design Introduction.
Behavior Intrusion Detection: Enhanced Hakan Evecek Rodolfo Ortiz Hakan Evecek Rodolfo Ortiz.

Behavior Intrusion Detection: Enhanced Hakan Evecek Rodolfo Ortiz Hakan Evecek Rodolfo Ortiz.
Design and Implementation of Alternative Route Against DDOS Jing Yang and Su Li.

Design and Implementation of Alternative Route Against DDOS Jing Yang and Su Li.
Unit 251 Implementation and Integration Implementation Unit Testing Integration Integration Approaches.

Unit 251 Implementation and Integration Implementation Unit Testing Integration Integration Approaches.
Lan Nguyen Mounika Namburu 1.  DDoS Defense Research  A2D2 Design ◦ Subnet Flooding Detection using Snort ◦ Class -Based Queuing ◦ Multi-level Rate.

Lan Nguyen Mounika Namburu 1.  DDoS Defense Research  A2D2 Design ◦ Subnet Flooding Detection using Snort ◦ Class -Based Queuing ◦ Multi-level Rate.
Presented By: Vinay Kumar.  At the time of invention, Internet was just accessible to a small group of pioneers who wanted to make the network work.

Presented By: Vinay Kumar.  At the time of invention, Internet was just accessible to a small group of pioneers who wanted to make the network work.
ChowSCID1 Secure Collective Internet Defense (SCID) C. Edward Chow Yu Cai Dave Wilkinson Sarah Jelinek Part of this project is sponsored by a grant from.

ChowSCID1 Secure Collective Internet Defense (SCID) C. Edward Chow Yu Cai Dave Wilkinson Sarah Jelinek Part of this project is sponsored by a grant from.
ChowSCOLD1 Secure Collective Defense Network (SCOLD) C. Edward Chow Yu Cai Dave Wilkinson Sarah Jelinek Part of this project is sponsored by a grant from.

ChowSCOLD1 Secure Collective Defense Network (SCOLD) C. Edward Chow Yu Cai Dave Wilkinson Sarah Jelinek Part of this project is sponsored by a grant from.
UNCLASSIFIED Secure Indirect Routing and An Autonomous Enterprise Intrusion Defense System Applied to Mobile ad hoc Networks J. Leland Langston, Raytheon.

UNCLASSIFIED Secure Indirect Routing and An Autonomous Enterprise Intrusion Defense System Applied to Mobile ad hoc Networks J. Leland Langston, Raytheon.
Managing Agent Platforms with SNMP Brian Remick Research Proposal Defense June 27, 2015.

Managing Agent Platforms with SNMP Brian Remick Research Proposal Defense June 27, 2015.
12/6/2010CS 591 - Andrew Bates - UCCS1 Intrusion Detection and Advanced Persistent Threats CS 591 Andrew Bates University of Colorado at Colorado Springs.

12/6/2010CS Andrew Bates - UCCS1 Intrusion Detection and Advanced Persistent Threats CS 591 Andrew Bates University of Colorado at Colorado Springs.
Secure Collective Internet Defense (SCID) Yu Cai 05/30/2003

Secure Collective Internet Defense (SCID) Yu Cai 05/30/2003
ChowSCOLD1 Secure Collective Internet Defense (SCOLD) C. Edward Chow Yu Cai Dave Wilkinson Sarah Jelinek Part of this project is sponsored by a grant from.

ChowSCOLD1 Secure Collective Internet Defense (SCOLD) C. Edward Chow Yu Cai Dave Wilkinson Sarah Jelinek Part of this project is sponsored by a grant from.
Design of an Autonomous Anti-DDOS Network (A2D2) Angela Cearns Thesis Defense Thursday October 24, 2002 Master of Software Engineering Department of Computer.

Design of an Autonomous Anti-DDOS Network (A2D2) Angela Cearns Thesis Defense Thursday October 24, 2002 Master of Software Engineering Department of Computer.

Similar presentations

Ads by Google