Date of Award
2017
Document Type
Dissertation
Degree Name
Doctor of Philosophy (PhD)
Department
Electrical and Computer Engineering
Committee Chair
Seong-Moo Yoo
Committee Member
Tommy Morris
Committee Member
B. Earl Wells
Committee Member
W. David Pan
Committee Member
Gregg L. Vaughn
Committee Member
Sivaguru S. Ravindran
Subject(s)
Denial of service attacks--Prevention, TCP/IP (Computer network protocol), Computer security
Abstract
Remote cyber attacks can be started from unlimited distance. These remote attacks include special actions which allow attackers to compromise remote systems. During the first step of attacks, reconnaissance step, attackers attempt to gather information about their intended target(s). For network-based systems, figuring out the IP address(es) of the target(s) is critical to the success of the attack. The use of static IP addresses leaves the target vulnerable in two ways. First, they are discoverable. Second, after accessing the target, the attacker can maintain this access for a long time. So an effective defense is a mechanism to change the IP addresses randomly and dynamically (IP hopping). These mechanisms are called Moving Target Defenses (MTDs). By utilizing MTM6D, this dissertation proposes (1) a method to dynamically change the IP address of a server to make it difficult for an attacker to find the server, (2) a hybrid scheme to establish a framework for supporting secure VPNs, and (3) a lossless method for IP-based control systems that can also prevent black hole attacks and bandwidth depletion DDoS attacks. The IP-based control system plays a critical role in being able to move towards the next generation flight control systems that can be used in emergency events like terrorist attempts to hijack an aircraft. MTM6D can protect these systems against remote attacks by providing dynamic IP addresses on both aircraft and the ground station. MTM6D can also be used as an anticensorship method. Many people around the world are not able to freely access information over the Internet. In this dissertation a framework for anticensorship technology is proposed that can be implemented on the side of the information purveyors. The primary objective is to develop a framework for combating censorship, which makes it too expensive and impractical for the adversary to censor targeted web sites. Lab-based tests are used to measure performance overheads, and, based on the findings, targeted optimizations are performed to consider practical deployment scenarios. The end result is a robust solution that may also be combined with existing anti-censorship methods.
Recommended Citation
Heydari, Vahid, "Moving target defense based on mobile IPv6" (2017). Dissertations. 127.
https://louis.uah.edu/uah-dissertations/127