Summary: This dissertation studies several security issues in data networks in order to reveal vulnerabilities, propose defense mechanisms, provide better tools for analysis, and develop good security architecture. It consists of the following three parts: (1) Internet-like topologies that capture the inherent properties of the Internet are desirable for studying its resilience against malicious attack or normal failure. A novel hierarchical Internet topology generator is proposed to capture the inherent properties of Internet topology: power-law degree distribution and hierarchical structure. (2) An analysis of the inherent trust built into TCP shows that a client could stretch a TCP connection by tens of times and keep occupying resources on the server, with little abnormality to be detected. This could potentially be used in a denial-of-service attack. (3) Some security settings, such as the Bounded Storage Model, call for high-speed random number generation, which current real random number generators are not able to offer. A hybrid random-bit sequence, generated by a pseudo-random number generator whose parameters are specified randomly, might be useful in this setting. A study of a hybrid system using Linear Congruential Recurrence is presented, in the hope that it will provide insight for the study of hybrid systems using one-way functions.