|
Identifier |
uch.csd.msc//2005antonatos |
Title |
Τυχαιοποίηση του Χώρου Δικτυακών Διευθύνσεων: Ένα Μέσο Προληπτικής ’μυνας Ενάντια σε Hitlist Worms |
Alternative Title |
Network Address Space Randomization: A Proactive Defense Against Hitlist Worms |
Creator |
Antonatos, Spiros
|
Abstract |
Worms are self-replicating malicious programs that represent a major security threat for the Internet, as they can infect and damage a large number of vulnerable hosts at timescales where human responses are unlikely to be effective. Sophisticated worms that use precomputed hitlists of vulnerable targets are especially hard to contain, since they are harder to detect, and spread at rates where even automated defenses may not be able to react in a timely fashion. This thesis examines a new proactive defense mechanism called Network Address Space Randomization (NASR) whose objective is to harden networks specifically against hitlist worms. The idea behind NASR is that hitlist information could be rendered stale if nodes are forced to frequently change their IP addresses. NASR limits or slows down hitlist worms and forces them to exhibit features that make them easier to contain at the perimeter. We explore the design space for NASR and present a prototype implementation as well as preliminary experiments examining the effectiveness and limitations of the approach.
|
Issue date |
2005-11-01 |
Date available |
2006-01-23 |
Collection
|
School/Department--School of Sciences and Engineering--Department of Computer Science--Post-graduate theses
|
|
Type of Work--Post-graduate theses
|
Views |
444 |