Sarah Jelinek
CS691
Spring Semester, 2003
Semester Project Report
Autonomous Anti-DDoS Network V2.0
A2D2-2

Chapter 1 Introduction
1.1 Denial of Service Attacks (DoS)
1.2 Distributed Denial Of Service Attacks (DDoS)
Figure 1.2 Typical DDoS Architecture [C03]

Chapter 2 DDoS Defense
2.1 Intrusion Detection
2.2 Intrusion Prevention
2.3 Intrusion Response

Chapter 3 Autonomous Anti-DDoS Network (A2D2) And Beyond
3.1 A2D2 design
Figure 3.1 – A2D2 Implementation [A02]
3.2 And Beyond – A Technical Primer
3.2.1 Intrusion Detection and Isolation Protocol (IDIP)
Figure 3.2.1-1 – IDIP Nodes [NB02]
Figure 3.2.1-2 IDIP Community [NB02]
Figure 3.2.1-3 Attack Scenario [NB02]
Figure 3.2.1-4 IDIP Neighborhood Local Response [NB02]
Figure 3.2.1-5 IDIP Remote Boundary Controller Response [NB02]
Figure 3.2.1-6 IDIP Remote Boundary Controller Response (continued) [NB02]
Figure 3.2.1-7 IDIP Intrusion Reporting [NB02]
Figure 3.2.1-8 IDIP Discovery Coordinator Optimal Response [NB02]
3.2.1.1 IDIP Discovery Coordinator
Figure 3.2.1.1-1 Discovery Coordinator Application View [NB02-1]
3.2.1.2 Service Location Protocol

Chapter 4 Anti-DDoS Network V2.0 (A2D2-2)
4.1 A2D2 – Bringing it all together
4.1.1 IDIP and Snort
Figure 4.1.1-1 A2D2-2 Local Network Architecture
4.1.2 IDIP, SLP and A2D2-2
Figure 4.1.2-1 Alternate Routes and DDoS Attack [C03]
Figure 4.1.2-2 Effect of Alternate Routes during DDoS attack [C03]
Figure 4.1.2-3 A2D2-2 & SLP to Generate Alternate Routes
4.1.3 Future work for A2D2-++ (To Infinity And Beyond!)

References