Architectural Solutions for Preventing Distributed Denial of Service Attacks
防止分布式拒绝服务攻击的架构解决方案
基本信息
- 批准号:0208946
- 负责人:
- 金额:$ 19.63万
- 依托单位:
- 依托单位国家:美国
- 项目类别:Standard Grant
- 财政年份:2002
- 资助国家:美国
- 起止时间:2002-08-01 至 2005-07-31
- 项目状态:已结题
- 来源:
- 关键词:
项目摘要
Denial of service attacks flood a web-site with so many requests that it can no longer respond. Computers connected to the Internet are vulnerable to being used unwittingly in mounting a distributed denial of service (DDoS) attack on a victim web-site. Past countermeasures based on software patches or re-compilation are often ignored by users, leaving many systems vulnerable. This research first proposes a classification of the various denial of service attacks and countermeasures, then defines architectural solutions in the core (non-optional) hardware and software of future machines. The vulnerabilities of computers, which allow DDoS attack networks to be set up, are studied. Low overhead architectural features in the core hardware of computers are investigated which hinder attack networks from being set up in the first place, or detect and prevent the execution of potentially hostile code. Malicious parties often employ buffer overflow attacks to gain entry to a computer by corrupting procedure return addresses. This research investigates features like a secure return address stack (SRAS) in the processor architecture as a new defense against such buffer overflow exploits. The proposed research approach is unique in providing defenses in the client platforms rather than only in the servers or routers, and in building more trusted architecture in the core hardware, rather than only in software layers. Since application code need not be changed nor re-compiled, both legacy and future software can enjoy the security benefits of hardware architectural solutions. Since DDoS attacks pose a serious threat to the availability of critical Internet services, this research can contribute to the overall security of the Internet while increasing the trust that owners may have in their interconnected information appliances.
拒绝服务攻击使网站充斥着如此多的请求,以至于它无法再响应。连接到互联网的计算机很容易在无意中被用于在受害者网站上发起分布式拒绝服务(DDoS)攻击。 过去基于软件补丁或重新编译的对策往往被用户忽视,使许多系统容易受到攻击。 本研究首先提出了各种拒绝服务攻击和对策的分类,然后定义架构解决方案的核心(非可选)的硬件和软件的未来机器。 研究了允许建立DDoS攻击网络的计算机漏洞。 研究了计算机核心硬件中的低开销体系结构特征,这些特征首先阻碍了攻击网络的建立,或者检测和防止潜在恶意代码的执行。 恶意方经常使用缓冲区溢出攻击,通过破坏过程返回地址来进入计算机。 本研究调查的功能,如安全返回地址栈(SRAS)的处理器架构作为一种新的防御这种缓冲区溢出漏洞。 所提出的研究方法是独特的,在客户端平台提供防御,而不是只在服务器或路由器,并在核心硬件,而不是只在软件层建立更可信的架构。 由于应用程序代码不需要更改或重新编译,因此遗留和未来的软件都可以享受硬件架构解决方案的安全优势。 由于DDoS攻击对关键互联网服务的可用性构成严重威胁,因此这项研究可以有助于互联网的整体安全,同时增加所有者对其互联信息设备的信任。
项目成果
期刊论文数量(0)
专著数量(0)
科研奖励数量(0)
会议论文数量(0)
专利数量(0)
数据更新时间:{{ journalArticles.updateTime }}
{{
item.title }}
{{ item.translation_title }}
- DOI:
{{ item.doi }} - 发表时间:
{{ item.publish_year }} - 期刊:
- 影响因子:{{ item.factor }}
- 作者:
{{ item.authors }} - 通讯作者:
{{ item.author }}
数据更新时间:{{ journalArticles.updateTime }}
{{ item.title }}
- 作者:
{{ item.author }}
数据更新时间:{{ monograph.updateTime }}
{{ item.title }}
- 作者:
{{ item.author }}
数据更新时间:{{ sciAawards.updateTime }}
{{ item.title }}
- 作者:
{{ item.author }}
数据更新时间:{{ conferencePapers.updateTime }}
{{ item.title }}
- 作者:
{{ item.author }}
数据更新时间:{{ patent.updateTime }}
Ruby Lee其他文献
Scoping security issues for interactive grids
确定交互式网格的安全问题范围
- DOI:
10.1109/acssc.2003.1291937 - 发表时间:
2003 - 期刊:
- 影响因子:0
- 作者:
Jeffrey S. Dwoskin;Sujoy Basu;V. Talwar;Raj Kumar;Fred Kitson;Ruby Lee - 通讯作者:
Ruby Lee
Lenders’ Environmental Monitoring: Evidence From Environmental Covenants in Private Loan Contracts
贷款人的环境监测:私人贷款合同中环境契约的证据
- DOI:
10.1177/0148558x241257973 - 发表时间:
2024 - 期刊:
- 影响因子:0
- 作者:
Ruby Lee;Mark Zakota - 通讯作者:
Mark Zakota
Ruby Lee的其他文献
{{
item.title }}
{{ item.translation_title }}
- DOI:
{{ item.doi }} - 发表时间:
{{ item.publish_year }} - 期刊:
- 影响因子:{{ item.factor }}
- 作者:
{{ item.authors }} - 通讯作者:
{{ item.author }}
{{ truncateString('Ruby Lee', 18)}}的其他基金
SaTC: STARSS: Small: Collaborative: Design and Security Verification of Next-Generation Open-Source Processors
SaTC:STARSS:小型:协作:下一代开源处理器的设计和安全验证
- 批准号:
1814190 - 财政年份:2018
- 资助金额:
$ 19.63万 - 项目类别:
Standard Grant
STARSS: Small: Collaborative: Practical and Scalable Security Verification of Security-Aware Hardware Architectures
STARSS:小型:协作:安全感知硬件架构的实用且可扩展的安全验证
- 批准号:
1526493 - 财政年份:2015
- 资助金额:
$ 19.63万 - 项目类别:
Standard Grant
CSR: Small: Cloud Security on Demand
CSR:小:按需云安全
- 批准号:
1218817 - 财政年份:2012
- 资助金额:
$ 19.63万 - 项目类别:
Standard Grant
SHF: Small: Rethinking Computer Architecture for Secure and Resilient Systems
SHF:小型:重新思考安全和弹性系统的计算机架构
- 批准号:
0917134 - 财政年份:2009
- 资助金额:
$ 19.63万 - 项目类别:
Standard Grant
Collaborative Research: SecureCore for Trustworthy Commodity Computing and Communications
协作研究:用于可信商品计算和通信的 SecureCore
- 批准号:
0430487 - 财政年份:2005
- 资助金额:
$ 19.63万 - 项目类别:
Continuing Grant
ITR: Architectures and Design Methodologies for Secure Low-Power Embedded Systems
ITR:安全低功耗嵌入式系统的架构和设计方法
- 批准号:
0326372 - 财政年份:2003
- 资助金额:
$ 19.63万 - 项目类别:
Standard Grant
Instruction Set Architecture for Pervasive Security
用于普遍安全的指令集架构
- 批准号:
0105677 - 财政年份:2001
- 资助金额:
$ 19.63万 - 项目类别:
Continuing Grant
相似海外基金
Exploiting the polysaccharide breakdown capacity of the human gut microbiome to develop environmentally sustainable dishwashing solutions
利用人类肠道微生物群的多糖分解能力来开发环境可持续的洗碗解决方案
- 批准号:
2896097 - 财政年份:2027
- 资助金额:
$ 19.63万 - 项目类别:
Studentship
REU Site: CyberAI: Cybersecurity Solutions Leveraging Artificial Intelligence for Smart Systems
REU 网站:CyberAI:利用人工智能实现智能系统的网络安全解决方案
- 批准号:
2349104 - 财政年份:2024
- 资助金额:
$ 19.63万 - 项目类别:
Standard Grant
Learning to create Intelligent Solutions with Machine Learning and Computer Vision: A Pathway to AI Careers for Diverse High School Students
学习利用机器学习和计算机视觉创建智能解决方案:多元化高中生的人工智能职业之路
- 批准号:
2342574 - 财政年份:2024
- 资助金额:
$ 19.63万 - 项目类别:
Standard Grant
Engineering Nature-based Solutions to Tackle Antimicrobial Resistance
工程基于自然的解决方案来解决抗菌素耐药性
- 批准号:
EP/Y003101/1 - 财政年份:2024
- 资助金额:
$ 19.63万 - 项目类别:
Research Grant
Microbiome applications and technological hubs as solutions to minimize food loss and waste - FOODGUARD
微生物组应用和技术中心作为减少粮食损失和浪费的解决方案 - FOODGUARD
- 批准号:
10094820 - 财政年份:2024
- 资助金额:
$ 19.63万 - 项目类别:
EU-Funded
Techno-economic Feasibility Study of ClimaHtech innovative clean maritime solutions
ClimaHtech 创新清洁海事解决方案的技术经济可行性研究
- 批准号:
10098100 - 财政年份:2024
- 资助金额:
$ 19.63万 - 项目类别:
Collaborative R&D
RestoreDNA: Development of scalable eDNA-based solutions for biodiversity regulators and nature-related disclosure
RestoreDNA:为生物多样性监管机构和自然相关披露开发可扩展的基于 eDNA 的解决方案
- 批准号:
10086990 - 财政年份:2024
- 资助金额:
$ 19.63万 - 项目类别:
Collaborative R&D
Digital Solutions For Accelerated Battery Testing
加速电池测试的数字解决方案
- 批准号:
10107050 - 财政年份:2024
- 资助金额:
$ 19.63万 - 项目类别:
EU-Funded
An Integrated Life-course Approach for Person-centred Solutions and Care for Ageing with Multi-morbidity in the European Regions - STAGE; Stay Healthy Through Ageing
欧洲地区以人为本的解决方案和针对多种疾病的老龄化护理的综合生命全程方法 - STAGE;
- 批准号:
10112787 - 财政年份:2024
- 资助金额:
$ 19.63万 - 项目类别:
EU-Funded
Developing solutions for temperature-related health impacts in the UK
为英国与温度相关的健康影响开发解决方案
- 批准号:
NE/Y503253/1 - 财政年份:2024
- 资助金额:
$ 19.63万 - 项目类别:
Research Grant