Author: Miu, Tung Ngai
Title: Defending against advanced DDoS attacks
Advisors: Luo, Daniel (COMP)
Wang, Dan (COMP)
Degree: M.Phil.
Year: 2022
Subject: Computer networks -- Security measures
Denial of service attacks
Hong Kong Polytechnic University -- Dissertations
Department: Department of Computing
Pages: xiv, 94 pages : color illustrations
Language: English
Abstract: Distributed denial of service (DDoS) attacks have been a severe threat to the Internet for decades. Although many detection and defense mechanisms have been proposed, the attackers always attempt to evade the detection by adopting various sophisticated approaches. In this thesis, we investigate such advanced DDoS attacks from three aspects. First, we inspect application layer DDoS attacks because their attack requests can be the same as benign ones for evasion and exhaust the computational resources of target servers. Specifically, we first design a new approach to model users' browsing behaviors and use it to differentiate between attacks and benign visits at both session and page level. Then, we develop an effective defense system named SkyShield that leverages the sketch data structure to detect and mitigate application-layer DDoS attacks quickly. Second, network layer volumetric attacks are becoming even more popular with the emergence of the DDoS-as-a-service economy, and most attacks are launched abruptly. Hence, a defense system should adopt an effective process to detect and mitigate the attacks as soon as possible. Since different DDoS protection services (DPS) adopt diverse defense strategies, we characterize the Border Gateway Protocol (BGP)-based DPSes by proposing a machine learning based approach to analyze BGP update messages. Third, to better understand the trends of DDoS amplification attacks, we deploy DDoSTrap, a high-performance honeypot to collect data and report interesting observations after analyzing 4-year data. We conducted extensive experiments to evaluate the proposed approaches, and the experimental results demonstrate their effectiveness. Moreover, our findings shed light on the trends of DDoS attacks and the design of effective DDoS attack mitigation schemes.
Rights: All rights reserved
Access: open access

Files in This Item:
File: 6636.pdf
Description: For All Users
Size: 5.08 MB
Format: Adobe PDF



Please use this identifier to cite or link to this item: https://theses.lib.polyu.edu.hk/handle/200/12228