1 / 16

Thesis Direction Introduction

Thesis Direction Introduction. Presented by: Henrry, C.Y. Chiang ( 江政祐 ). Today’s Agenda. 1. Background 2. Motivation 3. Problem Description 4. Problem Formulation Assumptions Given Parameters Objective function and Constraints Decision Variables. Today’s Agenda. 1. Background

Download Presentation

Thesis Direction Introduction

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. Thesis Direction Introduction Presented by: Henrry, C.Y. Chiang (江政祐)

  2. Today’s Agenda 1. Background 2. Motivation 3. Problem Description 4. Problem Formulation • Assumptions • Given Parameters • Objective function and Constraints • Decision Variables

  3. Today’s Agenda 1. Background 2. Motivation 3. Problem Description 4. Problem Formulation • Assumptions • Given Parameters • Objective function and Constraints • Decision Variables

  4. 1. Background • Distributed Denial-of-Service (DDoS) attacks have become a major problem in the Internet today. • In one form of a DDoS attack, a large number of compromised hosts send unwanted traffic to exhaust the victim’s resources and prevent it from serving legitimate users. • One of the main mechanisms proposed to deal with DDoS is filtering, which allows routers to selectively block unwanted traffic.

  5. Today’s Agenda 1. Background 2. Motivation 3. Problem Description 4. Problem Formulation • Assumptions • Given Parameters • Objective function and Constraints • Decision Variables

  6. 2. Motivation The proposed filtering mechanism to defend against distributed denial-of-service (DDoS) attacks: • seldom considers the capability of the filter, the capability of the router and multiple (backup) servers under DDoS attacks. • can not guarantee 100% legitimate traffic will not be mistakenly discarded. • has to consider the percentage of the total attack traffic filtered after filters have been allocated.

  7. Today’s Agenda 1. Background 2. Motivation 3. Problem Description 4. Problem Formulation • Assumptions • Given Parameters • Objective function and Constraints • Decision Variables

  8. 3. Problem Description Z S G Z S G A Z S G Z Fig 1. initial network topology Fig 2. network topology with only good user traffic Fig 4. network topology with filters installed Fig 3. network topology with both good user traffic and attacker traffic S server G good user router filter Z zombie A attacker good user traffic attacker traffic aggregate (good user and attacker) traffic

  9. Today’s Agenda 1. Background 2. Motivation 3. Problem Description 4. Problem Formulation • Assumptions • Given Parameters • Objective function and Constraints • Decision Variables

  10. 4. Problem Formulation - Assumptions (Attacker) Assumptions 1. There are multiple servers to be considered by the attacker. 2. The attacker has a number of compromised hosts (zombies). 3. The attacker can decide which entry node and destination node to pass the zombie’s traffic. 4. The routing policy for the zombie’s traffic will be decided by the autonomous system (AS). 5. The objective of the attacker, who is outside the AS, is to minimize the total legitimate traffic after filters have been allocated.

  11. 4. Problem Formulation - Assumptions (Defender) Assumptions 6. There are a number of legitimate users sending traffic to multiple servers considered by the attacker. 7. The routing policy for the legitimate traffic will be decided by the AS. 8. The network administrator (defender) canallocatefilters to routers to maximize the total legitimate traffic after filters have been allocated. 9. The cost to allocate a filter to a router is decided by the capability of the filter.

  12. 4. Problem Formulation - Assumptions (Defender) Assumptions 10. The filter must have the certain capability to filter the certain number of zombies’ traffic (connections or volume?). 11. The router must have the certain capability to let the filter be allocated on it. 12. Both the attacker and the network administrator have complete information about the AS (each other?).

  13. 4. Problem Formulation - Given Parameters Given 1. The network topology 2. The number of servers to be considered by the attacker 3. The number of compromised hosts (zombies) 3.1 The capability of each zombie 4. The number of legitimate users sending traffic to the number of servers considered by the attacker 5. The total budget (cost) of the network administrator (defender) 6. The cost to allocate a filter with the certain capability 7. The capability of each router within the AS 8. The routing policy of the AS

  14. 4. Problem Formulation - Objective function and Constraints Objective • To maximize the minimized total legitimate traffic Subject to 1. The number of compromised hosts (zombies) 1.1 The capability of each zombie 2. The percentage of the total attack traffic which must be filtered after filters have been allocated 3. The total budget (cost) of the network administrator (defender) 4. The number of zombies’ traffic that a filter with the certain capability can filter 5. The capability of each router within the AS

  15. 4. Problem Formulation - Decision Variables To determine • Defender: • The budget (filters) allocation strategy • Attacker: 1. The volume of the traffic that each compromised host (zombie) sends 2. The destination node that each compromised host (zombie) sends traffic to 3. The entry node that each compromised host (zombie) sends traffic to pass

  16. The End - It’s my greatest honor to have your attention.

More Related