A survey of defense mechanisms against distributed denial of service (DDOS) flooding attacks

Distributed Denial of Service (DDoS) flooding attacks are one of the biggest concerns for security professionals. DDoS flooding attacks are typically explicit attempts to disrupt legitimate users' access to services. Attackers usually gain access to a large number of computers by exploiting their vulnerabilities to set up attack armies (i.e., Botnets). Once an attack army has been set up, an attacker can invoke a coordinated, large-scale attack against one or more targets. Developing a comprehensive defense mechanism against identified and anticipated DDoS flooding attacks is a desired goal of the intrusion detection and prevention research community. However, the development of such a mechanism requires a comprehensive understanding of the problem and the techniques that have been used thus far in preventing, detecting, and responding to various DDoS flooding attacks. In this paper, we explore the scope of the DDoS flooding attack problem and attempts to combat it. We categorize the DDoS flooding attacks and classify existing countermeasures based on where and when they prevent, detect, and respond to the DDoS flooding attacks. Moreover, we highlight the need for a comprehensive distributed and collaborative defense approach. Our primary intention for this work is to stimulate the research community into developing creative, effective, efficient, and comprehensive prevention, detection, and response mechanisms that address the DDoS flooding problem before, during and after an actual attack. © 1998-2012 IEEE

Journal of Telecommunications and Information Technology, 2014, nr 4

kwartalni

Support infrastructures for multimedia services with guaranteed continuity and QoS

Advances in wireless networking and content delivery systems are enabling new challenging provisioning scenarios where a growing number of users access multimedia services, e.g., audio/video streaming, while moving among different points of attachment to the Internet, possibly with different connectivity technologies, e.g., Wi-Fi, Bluetooth, and cellular 3G. That calls for novel middlewares capable of dynamically personalizing service provisioning to the characteristics of client environments, in particular to discontinuities in wireless resource availability due to handoffs. This dissertation proposes a novel middleware solution, called MUM, that performs effective and context-aware handoff management to transparently avoid service interruptions during both horizontal and vertical handoffs. To achieve the goal, MUM exploits the full visibility of wireless connections available in client localities and their handoff implementations (handoff awareness), of service quality requirements and handoff-related quality degradations (QoS awareness), and of network topology and resources available in current/future localities (location awareness). The design and implementation of the all main MUM components along with extensive on the field trials of the realized middleware architecture confirmed the validity of the proposed full context-aware handoff management approach. In particular, the reported experimental results demonstrate that MUM can effectively maintain service continuity for a wide range of different multimedia services by exploiting handoff prediction mechanisms, adaptive buffering and pre-fetching techniques, and proactive re-addressing/re-binding

Design and implementation aspects of open source next generation networks (NGN) test-bed software toolkits

Informations- und Kommunikationstechnologien bilden seit langem das immer wichtiger werdende Rückgrat der weltweiten Wirtschaft und Telekommunikation, in der speziell Telekommunikationsnetze und -dienste einen elementaren Anteil tragen. Durch die Konvergenz von Telekommunikations- und Internettechnologien hat sich die Telekommunikationslandschaft in der letzten Dekade drastisch verändert. Bislang geschlossene Telekommunikationsumgebungen haben sich imWandel zum sogenannten Next Generation Network (NGN) hinsichtlich unterstützter Zugangsnetztechnologien und angebotener multimedialer Anwendungen sowie der eingesetzten Protokolle und Dienste zu komplexen, hochdynamischen, Multi-Service Infrastrukturen gewandelt. Die Kontrollschicht solcher NGNs ist dabei von übergeordneter Bedeutung, da diese zwischen den Zugangsnetzen und den Anwendungen sitzt. Der Einsatz und die Optimierung des IP-Multimedia Subsystem (IMS) wurde in diesem Kontext Jahrelang erforscht und diskutiert und es repräsentiert heute die weltweit anerkannte Kontrollplattform für feste und mobile Telekommunikationsnetze. Die Forschung an Protokollen und Diensten in diesen NGN Umgebungen ist aufgrund der Konvergenz von Technologien, Anwendungen und Business Modellen sowie der hohen Dynamik aber kurzen Innovationszyklen hochkomplex. Der frühzeitigen Zugang zu herstellerunabhängigen – aber dicht an der Produktwelt angelehnten - Validierungsinfrastrukturen, sogenannten offenen Technologietest-beds, kurz Test-beds, ist daher für Forschungs- und Entwicklungsabteilungen unerlässlich Die vorliegende Dissertation beschreibt die umfangreiche Forschungsarbeit des Autors auf dem Gebiet der offenen NGN Test-beds über die letzten neun Jahre und konzentriert sich dabei auf Entwurf, Entwicklung und Bereitstellung des Open Source IMS Core Projekt, das seit Jahren die Grundlage für eine Vielzahl von NGN Test-beds und zahllose NGN Forschungs- und Entwicklungsprojekte im akademischen als auch Industrienahen Umfeld rund um den Globus darstellt. Dabei wird ein großer Schwerpunkt auf die Anforderungen hinsichtlich Flexibilität, Leistung, Funktionalitätsumfang und Interoperabilität, sowie elementare Designprinzipien von Test-bedwerkzeugen gelegt. Die Arbeit beschreibt und bewertet darüberhinaus den Einsatz von Open Source Prinzipien und veranschaulicht die Vorteile dieses Ansatzes hinsichtlich Einfluss und Nachhaltigkeit der Forschung anhand des Aufbaus einer globalen Open Source IMS Core (OpenIMSCore) Forschungs-Community. Außerdem veranschaulicht die Arbeit zum Ende die Wiederverwendbarkeit der wesentlichen angewendeten Designprinzipien an anderen maßgeblich durch den Autor entwickelten Test-bed Werkzeugen, insbesondere dem Open Evolved Packet Core (OpenEPC) für die nahtlose Integration verschiedener Breitbandnetztechnologien.Information and Communication Technologies provide for a long time already the backbone of telecommunication networks, such that communication services represent an elementary foundation of today’s globally connected economy. The telecommunication landscape has experienced dramatic transformations through the convergence of the Telecom and the Internet worlds. The previously closed telecommunication domain is currently transforming itself through the so-called NGN evolution into a highly dynamic multiservice infrastructure, supporting rich multimedia applications, as well as providing comprehensive support for various access technologies. The control layer of such NGNs is then of paramount importance, as representing the convergent mediator between access and services. The use and the optimization of the IP-Multimedia Subsystem (IMS) was researched and considered in this domain for many years now, such that today it represents the world-wide recognized control platform for fixed and mobile NGNs. Research on protocols and services for such NGN architectures, due to the convergence of technologies, applications and business models, as well as for enabling highly dynamic and short innovation cycles, is highly complex and requires early access to vendor independent - yet close to real life systems - validation environments, the so-called open technology test-beds. The present thesis describes the extensive research of the author over the last nine years in the field of open NGN test-beds. It focuses on the design, development and deployment of the Open Source IMS Core project, which represents since years the foundation of numerous NGN test-beds and countless NGN Research & Development projects in the academia as well as the industry domain around the globe. A major emphasis is given for ensuring flexibility, performance, reference functionality and inter-operability, as well as satisfying elementary design principles of such test-bed toolkits. The study also describes and evaluates the use of Open Source principles, highlighting the advantages of using it in regard to the creation, impact and sustainability of a global OpenIMSCore research community. Moreover, the work documents that the essential design principles and methodology employed can be reused in a generic way to create test-bed toolkits in other technology domains. This is shown by introducing the OpenEPC project, which provides for seamless integration of different mobile broadband technologies

Integrating Context-Awareness in the IP Multimedia Subsystem for Enhanced Session Control and Service Provisioning Capabilities

The 3GPP-defined IP Multimedia Subsystem (IMS) is becoming the de-facto standard for IP-based multimedia communication services. It consists of an overlay control and service layer that is deployed on top of IP-based mobile and fixed networks. This layer encompasses a set of common functions (e.g. session control functions allowing the initiation/modification/termination of sessions) and service logics that are needed for the seamless provisioning of IP multimedia services to users, via different access technologies. As it continues to evolve, the IMS still faces several challenges including: the enabling of innovative and personalized services that would appeal to users and increase network operators' revenues; its interaction with other types of networks (e.g. wireless sensor networks) as means to enhance its capabilities; and the support of advanced QoS schemes that would manage the network resources in an efficient and adaptive manner. The context-awareness concept, which comes from the pervasive computing field, signifies the ability to use situational information (or context) in support to operations and decision making and for the provision of relevant services to the user. Context-awareness is considered to enhance users' experience and is seen as an enabler to adaptability and service personalization - two capabilities that could play important roles in telecommunication environments. This thesis focuses on the introduction of the context-awareness technology in the IMS, as means to enhance its session control and service provisioning capabilities. It starts by presenting the necessary background information, followed by a derivation of requirements and a review of the related work. To ensure the availability of contextual information within the network, we then propose an architecture for context information acquisition and management in the IMS. This architecture leverages and extends the 3GPP presence framework. Building on the capabilities of this architecture, we demonstrate how the managed information could be integrated in IMS operations, at the control and service levels. Showcasing control level integration, we propose a novel context-aware call differentiation framework as means to offer enhanced QoS support (for sessions/calls) in IMS-based networks. This framework enables the differentiation between different categories of calls at the IMS session control level, via dynamic and adaptive resource allocation, in addition to supporting a specialized charging model. Furthermore, we also propose a framework for enhanced IMS emergency communication services. This framework addresses the limitations of existing IP-based emergency solutions, by offering three main improvements: a QoS-enhanced emergency service; a context-aware personalized emergency service; and a conferencing-enhanced emergency service. We demonstrate the use of context awareness at the IMS service level using two new context-aware IMS applications. Finally, to validate our solutions and evaluate their performance, we build various proof-of-concept prototypes and OPNET simulation model