Date of Award
Doctor of Philosophy (PhD)
Electrical and Computer Engineering
B. Earl Wells
W. David Pan
Gregg L. Vaughn
Sivaguru S. Ravindran
Denial of service attacks--Prevention., TCP/IP (Computer network protocol), Computer security.
Remote cyber attacks can be started from unlimited distance. These remote attacks include special actions which allow attackers to compromise remote systems. During the first step of attacks, reconnaissance step, attackers attempt to gather information about their intended target(s). For network-based systems, figuring out the IP address(es) of the target(s) is critical to the success of the attack. The use of static IP addresses leaves the target vulnerable in two ways. First, they are discoverable. Second, after accessing the target, the attacker can maintain this access for a long time. So an effective defense is a mechanism to change the IP addresses randomly and dynamically (IP hopping). These mechanisms are called Moving Target Defenses (MTDs). By utilizing MTM6D, this dissertation proposes (1) a method to dynamically change the IP address of a server to make it difficult for an attacker to find the server, (2) a hybrid scheme to establish a framework for supporting secure VPNs, and (3) a lossless method for IP-based control systems that can also prevent black hole attacks and bandwidth depletion DDoS attacks. The IP-based control system plays a critical role in being able to move towards the next generation flight control systems that can be used in emergency events like terrorist attempts to hijack an aircraft. MTM6D can protect these systems against remote attacks by providing dynamic IP addresses on both aircraft and the ground station. MTM6D can also be used as an anticensorship method. Many people around the world are not able to freely access information over the Internet. In this dissertation a framework for anticensorship technology is proposed that can be implemented on the side of the information purveyors. The primary objective is to develop a framework for combating censorship, which makes it too expensive and impractical for the adversary to censor targeted web sites. Lab-based tests are used to measure performance overheads, and, based on the findings, targeted optimizations are performed to consider practical deployment scenarios. The end result is a robust solution that may also be combined with existing anti-censorship methods.
Heydari, Vahid, "Moving target defense based on mobile IPv6" (2017). Dissertations. 127.