Diego Zamboni scite author profile

This paper analyzes a network-based denial of service attack for IF (Inteme.t Protocol) The paper contributes a detailed analysis of the SYN flooding attack and a discussion of existing and proposed countermeasures. Furthermore, we introduce a new solution approach, explain its design, and evaluate its perfonnance. Our approach offers protection against SYN flooding for all hosts connected to the same local area network, independent of their operating system or networking stack implementation. It is highly portable, configurable, extensible, and neither requires special hardware, nor modifications in routers or protected end systems.attacks cun be launched with little effort. Presently, it is difficult to trace an attack uack to its originator.Several possible solutions to this attack have been proposed by others, und some implemented. We have developed an active monitoring tool that classifies IP source addresses with high probability as being falsified or genuine. Our approach finds connection establishment protocol messages that are coming from forged IP addresses, and takes actions to ensure that the resulting illegitimate half-open connections arc reset immediately. This paper is organized as follows. Section 2 describes backgroWld material, such as the IP and TCP protocols. Section 3 explains the SYN flooding attack. Section 4 discusses existing approaches to solve this problem, such as configuration improvements and firewall-based approaches. The technical details of our approach are described in Section 5, followed by a performance evaluation in Section 6. Sections 7 and B outline future work issues and present conclusions.

show abstract

An architecture for intrusion detection using autonomous agents

Balasubramaniyan

et al.

View full text Add to dashboard Cite

Intrusion detection using autonomous agents

2000

View full text Add to dashboard Cite

AAFID is a distributed intrusion detection architecture and system, developed in CERIAS at Purdue University. AAFID was the ®rst architecture that proposed the use of autonomous agents for doing intrusion detection. With its prototype implementation, it constitutes a useful framework for the research and testing of intrusion detection algorithms and mechanisms. We describe the AAFID architecture and the existing prototype, as well as some design and implementation experiences and future research issues. Ó

show abstract

Cloud security is not (just) virtualization security

et al. 2009

View full text Add to dashboard Cite

Cloud infrastructure commonly relies on virtualization. Customers provide their own VMs, and the cloud provider runs them often without knowledge of the guest OSes or their configurations. However, cloud customers also want effective and efficient security for their VMs. Cloud providers offering security-as-a-service based on VM introspection promise the best of both worlds: efficient centralization and effective protection. Since customers can move images from one cloud to another, an effective solution requires learning what guest OS runs in each VM and securing the guest OS without relying on the guest OS functionality or an initially secure guest VM state.We present a solution that is highly scalable in that it (i) centralizes guest protection into a security VM, (ii) supports Linux and Windows operating systems and can be easily extended to support new operating systems, (iii) does not assume any a-priori semantic knowledge of the guest, (iv) does not require any a-priori trust assumptions into any state of the guest VM. While other introspection monitoring solutions exist, to our knowledge none of them monitor guests on the semantic level required to effectively support both white-and black-listing of kernel functions, or allows to start monitoring VMs at any state during run-time, resumed from saved state, and cold-boot without the assumptions of a secure start state for monitoring.

show abstract

Taming Virtualization

Carbone

Lee

Zamboni

2008

IEEE Secur. Privacy Mag.

View full text Add to dashboard Cite

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

customersupport@researchsolutions.com

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.

Diego Zamboni

Analysis of a denial of service attack on TCP

An architecture for intrusion detection using autonomous agents

Intrusion detection using autonomous agents

Cloud security is not (just) virtualization security

Taming Virtualization

Contact Info

Product

Resources

About