Dedication To Yuning and Kayla, for always supporting my endeavors. v Acknowledgements First and foremost, I would like to thank my advisor and dissertation chairman, Andrew B. Whinston who played an indispensable role in my intellectual development. I am truly grateful for his thoughtful insights into research as well as the invaluable constant support along the difficult trail of finishing my...

The exponential increase of the traffic volume makes Distributed Denial-of-Service (DDoS) attacks a top security threat to service providers. Existing DDoS defense mechanisms lack resources and flexibility to cope with attacks by themselves, and by utilizing other’s companies resources, the burden of the mitigation can be shared. Technologies as blockchain and smart contracts allow distributing...

This paper addresses possible Distributed Denial-of-Service (DDoS) attacks toward the wireless Internet including the Wireless Extended Internet, the Wireless Portal Network, and the Wireless Ad Hoc network. We propose a conceptual model for defending against DDoS attacks on the wireless Internet, which incorporates both cooperative technological solutions and economic incentive mechanisms buil...

Flooding-based DDoS attacks is a very common way to attack a victim machine by directly or indirectly sending a large amount of malicious traffic to it. Stochastic Fairness Queueing (SFQ) is a typical implementation of Fair Queueing. This paper focuses on exploring the feasibility of mitigating flooding-based DDoS attacks by queueing disciplines. A comparative study is made between SFQ and FCFS...

Resource depletion is a universal indicator of Distributed Denial of Service (DDoS) attacks. In this paper, we propose a ratio based control algorithm for detection and throttling of DDoS attacks. We use the sliding mode control (SMC) control theory to formulate and optimize the traffic control conditions for DDoS defense. A cluster-based control model is developed for the environment of an ope...

This paper addresses possible Distributed Denial-of-Service (DDoS) attacks toward the wireless Internet including the Wireless Extended Internet, the Wireless Portal Network, and the Wireless Ad Hoc network. We propose a conceptual model for defending against DDoS attacks on the wireless Internet, which incorporates both cooperative technological solutions and economic incentive mechanisms buil...

Corresponding Author: Parminder Singh Bawa National Advanced IPv6 Centre, Universiti Sains Malaysia, Penang, Malaysia Email: [email protected] Abstract: Many organizations and service providers have started shifting from traditional server-cluster infrastructure to cloud-based infrastructure. The threat of Distributed Denial of Service (DDoS) attack continues to wreak havoc in these cloud i...

Denial of Service (DoS) attacks and Distributed Denial of Service (DDoS) attacks accounted for more losses than Internet financial fraud and viruses combined (CSI/FBI 2003). The Internet has been exposed as being particularly vulnerable to Denial of Service Attacks. This has stimulated research into DDoS and the consequent development of many techniques which aim to control them. This paper aim...

Internet DDoS attacks are prevalent but hard to defend against, partially due to the volatility of the attacking methods and patterns used by attackers. Understanding the latest of DDoS attacks can provide new insights for effective defense. But most of existing understandings are based on indirect traffic measures (e.g., backscatters) or traffic seen locally (e.g., in an ISP or from a botnet)....

The wireless adhoc networks are highly vulnerable to distributed denial of service (DDoS) attacks because of its unique characteristics such as open network architecture and shared wireless medium. A denial-of-service attack (DoS attack) or distributed denial-of-service attack (DDoS attack) is an attempt to make a computer resource unavailable to its legitimate users. The denial of service (DOS...