跳到主要內容

臺灣博碩士論文加值系統

(44.220.247.152) 您好!臺灣時間:2024/09/16 20:50
字體大小: 字級放大   字級縮小   預設字形  
回查詢結果 :::

詳目顯示

: 
twitterline
研究生:洪瑞奕
研究生(外文):Ruei-yih Hung
論文名稱(外文):Migmod: A Mechanism to Establish a TCP/IP Connection under DDoS Attacks
指導教授:許富皓許富皓引用關係
指導教授(外文):Fu-hao Hsu
學位類別:碩士
校院名稱:國立中央大學
系所名稱:資訊工程學系
學門:工程學門
學類:電資工程學類
論文種類:學術論文
論文出版年:2019
畢業學年度:107
語文別:英文
論文頁數:43
中文關鍵詞:分散式阻斷服務攻擊即時移轉可載入核心模組三向交握
外文關鍵詞:Distributed Denial-of-Service attackLive migrationLoadable Kernel ModuleThree-way handshake
相關次數:
  • 被引用被引用:0
  • 點閱點閱:117
  • 評分評分:
  • 下載下載:0
  • 收藏至我的研究室書目清單書目收藏:0
近年來,分散式阻斷服務攻擊的威脅性不斷增加。然而,目前對分散式阻斷服務攻擊尚未有一套完善的方法,能夠在轉移服務時同時保持連線,並即時將新連線導向新的目標。在本研究中,將基於一套可能夠在轉移服務時同時保持連線的系統上,提出一個能即時將新連線導向新的目標的方法,進一步提升在分散式阻斷服務攻擊發生時,受該系統保護的服務的存活性。
在此篇論文中,我們將會簡單的介紹我們的動機與目標,接著介紹我們所使用的基礎系統。接著我們會介紹加入了新機制的系統的運作概念與系統架構。然後講述實作的細節。最後是效能的分析與討論。
In recent years, Distributed Denial-of-Service (DDoS) attacks have become more and more threatening. However, there has not been a perfect methodology can keep connections alive during migrating services, and permit new connections to new host immediately at the same time. In this work, we based on a system that can keep connections alive during migrating services then propose a new mechanism to permit new connections to new host immediately, and thus improve the service availability during DDoS attack.
In this thesis, we will talk about our motivation and purpose. Then we will introduce the base system we are going to use. After that, we will present the principle of Migmod, its system structure, and implementation details. At the end, we will discuss the performance evaluation and future works.
中文摘要 i
Abstract ii
誌謝 iii
Contents iv
List of figures vi
List of tables viii
Chapter 1 Introduction 1
Chapter 2 Background 3
2.1 Method for Live Migrating Virtual Machine (LMVM) 3
Chapter 3 System Principle 5
Chapter 4 System Structure 7
4.1 System Overview 7
4.1.1 Connection Handler 8
4.1.2 DDoS Detector 8
4.1.3 Packet Handler 8
4.1.4 SYN Checker 8
4.1.5 Firewall 9
4.1.6 Informer 9
4.2 Connection with Migmod under Normal Situation 10
4.3 Migrate Connection with Migmod under DDoS Attacks 12
4.4 Transfer with Migmod under DDoS Attacks 14
Chapter 5 Implementation 18
5.1 Design Overview 18
5.2 Connect to a Unprotected Server 19
5.3 CCH Connect to a Protected Server 20
5.4 CCH Workflow when the Server does not Response 21
5.5 Connect to Protected Server through Proxy 1 being DDoS Attacked 22
Chapter 6 Evaluation 23
6.1 System Specification 23
6.2 Existed Functionality Test 23
6.3 Connect to Protected Server under Normal Situation 24
6.4 Connect to Protected Server under Simulate DDoS Attacks 26
Chapter 7 Discussion 27
7.1 Redundant Component 27
7.2 Connect to a Unprotected Server 27
7.3 Multiple Transfer 28
7.4 System Compatibility 28
Chapter 8 Conclusion 29
Reference 30
[1] “DDoS attacks in Q1 2019” May 2019, https://securelist.com/ddos-report-q1-2019/90792/ (Accessed on 7/22/2019)
[2] Manos Antonakakis, Tim April, Michael Bailey, Matthew Bernhard, Elie Bursztein, Jaime Cochran, Zakir Durumeric, J. Alex Halderman, Luca Invernizzi, Michalis Kallitsis, Deepak Kumar, Chaz Lever, Zane Ma, Joshua Mason, Damian Menscher, Chad Seaman, Nick Sullivan, Kurt Thomas, Yi Zhou., “Understanding the Mirai Botnet,” In Proc. 26th USENIX Security Symposium, Aug 2017.
[3] Hsu et al., “Method for live migrating virtual machine,” February 20, 2018, http://patft.uspto.gov/netacgi/nph-Parser?Sect1=PTO2&Sect2=HITOFF&p=1&u=%2Fnetahtml%2FPTO%2Fsearch-bool.html&r=1&f=G&l=50&co1=AND&d=PTXT&s1=9898319&OS=9898319&RS=9898319 (Accessed on 7/22/2019)
[4] C. Clark, K. F., S. Hand, J. G. Hansen, E. Jul, C. Limpach, I. Pratt, A. Warfield., “Live Migration of Virtual Machines,” NSDI'05 Proceedings of the 2nd conference on Symposium on Networked Systems Design & Implementation, vol. 2, pp.273-286, May 2005.
[5] ZhiYao Zhong, “Handover: A Mechanism to Improve the Availability of Network Services after Live Migration under Private Networks,” National Central University, Master's degree, Jun 2016.
連結至畢業學校之論文網頁點我開啟連結
註: 此連結為研究生畢業學校所提供,不一定有電子全文可供下載,若連結有誤,請點選上方之〝勘誤回報〞功能,我們會盡快修正,謝謝!
QRCODE
 
 
 
 
 
                                                                                                                                                                                                                                                                                                                                                                                                               
第一頁 上一頁 下一頁 最後一頁 top