E-Locus - Institutional Repository of the University of Crete - Τυχαιοποίηση του Χώρου Δικτυακών Διευθύνσεων: Ένα Μέσο Προληπτικής ’μυνας Ενάντια σε Hitlist Worms

Home Τυχαιοποίηση του Χώρου Δικτυακών Διευθύνσεων: Ένα Μέσο Προληπτικής ’μυνας Ενάντια σε Hitlist Worms

Results - Details

[Add to Basket]

Identifier

uch.csd.msc//2005antonatos

Title

Τυχαιοποίηση του Χώρου Δικτυακών Διευθύνσεων: Ένα Μέσο Προληπτικής ’μυνας Ενάντια σε Hitlist Worms

Alternative Title

Network Address Space Randomization: A Proactive Defense Against Hitlist Worms

Creator

Antonatos, Spiros

Abstract

Worms are self-replicating malicious programs that represent a major security threat for the Internet, as they can infect and damage a large number of vulnerable hosts at timescales where human responses are unlikely to be effective. Sophisticated worms that use precomputed hitlists of vulnerable targets are especially hard to contain, since they are harder to detect, and spread at rates where even automated defenses may not be able to react in a timely fashion. This thesis examines a new proactive defense mechanism called Network Address Space Randomization (NASR) whose objective is to harden networks specifically against hitlist worms. The idea behind NASR is that hitlist information could be rendered stale if nodes are forced to frequently change their IP addresses. NASR limits or slows down hitlist worms and forces them to exhibit features that make them easier to contain at the perimeter. We explore the design space for NASR and present a prototype implementation as well as preliminary experiments examining the effectiveness and limitations of the approach.

Issue date

2005-11-01

Date available

2006-01-23

Collection

School/Department--School of Sciences and Engineering--Department of Computer Science--Post-graduate theses

Type of Work--Post-graduate theses

Views

444

Digital Documents
	Download document View document Views : 2