skip to main content
OSTI.GOV title logo U.S. Department of Energy
Office of Scientific and Technical Information

Title: INCENTIVE-DRIVEN DEFENSE AGAINST LARGE-SCALE DDOS ATTACKS

Authors:
 [1];  [1]
  1. Los Alamos National Laboratory
Publication Date:
Research Org.:
Los Alamos National Lab. (LANL), Los Alamos, NM (United States)
Sponsoring Org.:
USDOE
OSTI Identifier:
1225576
Report Number(s):
LA-UR-07-1223
DOE Contract Number:
AC52-06NA25396
Resource Type:
Conference
Resource Relation:
Conference: 20TH IEEE COMPUTER SECURITY FOUNDATIONS SYMPOSIUM (CSF 20) ; 200707 ; VENICE
Country of Publication:
United States
Language:
English
Subject:
99 GENERAL AND MISCELLANEOUS

Citation Formats

YAN, GUANHUA, and EIDENBENZ, STEPHAN J. INCENTIVE-DRIVEN DEFENSE AGAINST LARGE-SCALE DDOS ATTACKS. United States: N. p., 2007. Web.
YAN, GUANHUA, & EIDENBENZ, STEPHAN J. INCENTIVE-DRIVEN DEFENSE AGAINST LARGE-SCALE DDOS ATTACKS. United States.
YAN, GUANHUA, and EIDENBENZ, STEPHAN J. Thu . "INCENTIVE-DRIVEN DEFENSE AGAINST LARGE-SCALE DDOS ATTACKS". United States. doi:. https://www.osti.gov/servlets/purl/1225576.
@article{osti_1225576,
title = {INCENTIVE-DRIVEN DEFENSE AGAINST LARGE-SCALE DDOS ATTACKS},
author = {YAN, GUANHUA and EIDENBENZ, STEPHAN J.},
abstractNote = {},
doi = {},
journal = {},
number = ,
volume = ,
place = {United States},
year = {Thu Feb 22 00:00:00 EST 2007},
month = {Thu Feb 22 00:00:00 EST 2007}
}

Conference:
Other availability
Please see Document Availability for additional information on obtaining the full-text document. Library patrons may search WorldCat to identify libraries that hold this conference proceeding.

Save / Share:
  • A lead contractor integrated service alliance was formed for the development drilling program of the Xijiang 24-3 and 30-2 fields in the South China Sea. The scope of the alliance covered the drilling and completion of all development wells (approximately 30), to include most drilling and completion services and management and coordination of subordinate services and logistics. The paper reviews the scope and structure of the Alliance and the incentive program, and compares projected benefits with actual performance achieved. The paper focuses on four key aspects: The Xijiang Development Plan; the role of the service alliance within the development plan,more » addressing Phillips` vision and goals for the alliance, and how the alliance was structured; the actual performance achieved from the Alliance; and some views on potential applications for Alliances of this type in the future.« less
  • This report summarizes the activities conducted under the DOE-OE funded project DEOE0000674, where ABB Inc. (ABB), in collaboration with University of Illinois at Urbana-Champaign (UIUC), Bonneville Power Administration (BPA), and Ameren-Illinois (Ameren-IL) pursued the development of a system of collaborative defense of electrical substation’s intelligent electronic devices against cyber-attacks (CODEF). An electrical substation with CODEF features will be more capable of mitigating cyber-attacks especially those that seek to control switching devices. It leverages the security extensions of IEC 61850 to empower existing devices to collaborate in identifying and blocking malicious intents to trip circuit breakers, mis-coordinate devices settings, even thoughmore » the commands and the measurements comply with correct syntax. The CODEF functions utilize the physics of electromagnetic systems, electric power engineering principles, and computer science to bring more in depth cyber defense closer to the protected substation devices.« less
  • Do In this paper presents recent advances in technology have made low-cost, low-power wireless sensors with efficient energy consumption. A network of such nodes can coordinate among themselves for distributed sensing and processing of certain data. For which, we propose an architecture to provide a stateless solution in sensor networks for efficient routing in wireless sensor networks. This type of architecture is known as Tree Cast. We propose a unique method of address allocation, building up multiple disjoint trees which are geographically inter-twined and rooted at the data sink. Using these trees, routing messages to and from the sink nodemore » without maintaining any routing state in the sensor nodes is possible. In this paper, we introduce the wormhole attack, a severe attack in ad hoc networks that is particularly challenging to defend against. The wormhole attack is possible even if the attacker has not compromised any hosts and even if all communication provides authenticity and confidentiality. In the wormhole attack, an attacker records packets (or bits) at one location in the network, tunnels them to another location, and retransmits them there into the network. The wormhole attack can form a serious threat in wireless networks, especially against many sensor network routing protocols and location-based wireless security systems. For example, most existing ad hoc network routing protocols, without some mechanism to defend against the wormhole attack, would be unable to find routes longer than one or two hops, severely disrupting communication. We present a new, general mechanism, called packet leashes, for detecting and thus defending against wormhole attacks, and we present a specific protocol, called TIK, that implements leashes.« less
  • The operation of cyber infrastructures relies on both cyber and physical components, which are subject to incidental and intentional degradations of different kinds. Within the context of network and computing infrastructures, we study the strategic interactions between an attacker and a defender using game-theoretic models that take into account both cyber and physical components. The attacker and defender optimize their individual utilities expressed as sums of cost and system terms. First, we consider a Boolean attack-defense model, wherein the cyber and physical sub-infrastructures may be attacked and reinforced as individual units. Second, we consider a component attack-defense model wherein theirmore » components may be attacked and defended, and the infrastructure requires minimum numbers of both to function. We show that the Nash equilibrium under uniform costs in both cases is computable in polynomial time, and it provides high-level deterministic conditions for the infrastructure survival. When probabilities of successful attack and defense, and of incidental failures are incorporated into the models, the results favor the attacker but otherwise remain qualitatively similar. This approach has been motivated and validated by our experiences with UltraScience Net infrastructure, which was built to support high-performance network experiments. In conclusion, the analytical results, however, are more general, and we apply them to simplified models of cloud and high-performance computing infrastructures.« less