Automated alerting for black hole routing

Author
Puri, Vinay
Date
2007-09
Advisor
Xie, Geoffrey
Fulp, J. D.
Abstract
Distributed/Denial of Service (D/DoS) attacks are the most common and easy-to-launch attacks against a computer or network. Once a D/DoS attack is recognized, there are several methods available to mitigate its impact. One of the methods is to drop the attacker's traffic at the edge of the network via Null Routing, also called Black Hole Routing (BHR). BHR is more efficient than the creation and processing of access control lists. Prior work has validated the effectiveness of BHR in mitigating D/DoS attacks in a setting where the defense is activated manually. This research built upon that work and developed a proof-of-concept automated BHR process integrated with Snort, an open source Intrusion Detection System (IDS), to facilitate a faster reaction to a D/DoS attack. A real test bed consisting of Cisco routers was created to evaluate the performance of the developed system. The results demonstrated that the automation of BHR is both possible and desirable in mitigating D/DoS attacks.
Rights
This publication is a work of the U.S. Government as defined in Title 17, United States Code, Section 101. Copyright protection is not available for this work in the United States.