A Distributed Denial-of-Service Resistant Intrusion Detection Scheme Using Mobile Agents

• Main Authors: Cheng-Kuang Wu, 吳正光
• Other Authors: 曹偉駿
• Format: Others
• Language: zh-TW
• Published: 2003
• Online Access: http://ndltd.ncl.edu.tw/handle/59450525833634111613

碩士 === 大葉大學 === 資訊管理學系碩士班 === 91 === Today, computer networks become increasingly, and the attacks have grown in complexity and automation. Successful distributed denial of service attacks can put e-commerce-based organizations out of business. As the capabilities of IDSs advance, attackers may attempt to penetrate more valuable targets before disabling organizations’ IDSs. Thus, the preventive defense has been merged to improve the performance of intrusion detection systems (IDSs). In this thesis, we investigate effective methods for detecting and responding to DDoS attacks. We find that the existing hierarchical IDS architectures are prone to have single points of failure that are easily discovered by an attacker. To solve the problem of finding attackers and improving IDS’s weakness, we present an integrated scheme that is resistant to distributed denial of service attacks. First, we propose a cooperative intrusion detection System (CIDS) that consists of packet filtering, traceback of DDoS attack and network monitoring schemes. Second, CIDS can frustrate attackers by mobile agents’ fault-tolerant ability, and backup hosts that it intruded. Finally, we present formal proofs using the logical reasoning to validated our attack-resistant model. We also analyze the computational complexity of the proposed algorithm, and further implement the mobile agent based program. The results derived in the thesis consolidate the feasibility of our proposed schemes.