IDEALS Home University of Illinois at Urbana-Champaign logo The Alma Mater The Main Quad

Secure resource management in networks

Show full item record

Bookmark or cite this item: http://hdl.handle.net/2142/34416

Files in this item

File Description Format
PDF Kim_Dongho.pdf (2MB) (no description provided) PDF
Title: Secure resource management in networks
Author(s): Kim, Dongho
Director of Research: Hu, Yih-Chun
Doctoral Committee Chair(s): Hu, Yih-Chun
Doctoral Committee Member(s): Caesar, Matthew; Kumar, P. R.; Vaidya, Nitin
Department / Program: Electrical & Computer Eng
Discipline: Electrical & Computer Engr
Degree Granting Institution: University of Illinois at Urbana-Champaign
Degree: Ph.D.
Genre: Dissertation
Subject(s): Security Internet Wireless Network Denial of service (DoS) defense
Abstract: This dissertation reports research conducted in two aspects of secure network resource management: strengthening security by proposing a defense architecture with stronger security property and increasing deployability. In the first part of this dissertation, we reveal a new threat called false feedback attack in wireless networks using channel-aware protocols. Our simulations show that an attacker overclaiming its channel condition is able to completely steal other benign users' service opportunity under a high-efficiency scheduler. A fair scheduler can mitigate this attack but cannot provide high efficiency. We propose a new secure channel estimation scheme to maintain security while achieving high efficiency at the same time. Our analysis and simulations show that our scheme prohibits any incentive for an attacker performing false feedback attack and gives higher throughput than PF scheduler, a representative fair scheduler. In the second part, we present CRAFT, a collusion-resistant DoS (denial of service) defense. CRAFT defends against a colluding receiver who intentionally allows a colluding sender to send excessive traffic. Our basic idea is that a CRAFT router securely emulates TCP operation. Our simulations show that CRAFT guarantees service availability even with colluding attackers. Our prototype system shows the feasibility of CRAFT. In the third part, we present Mirage, a deployable DoS defense. Prior defenses require other network operators to deploy the same defense mechanism. Mirage does not impose this requirement. Our analysis and prototype system show that Mirage does not require other network operators' deployment and is feasible with commodity PCs.
Issue Date: 2012-09-18
URI: http://hdl.handle.net/2142/34416
Rights Information: Copyright 2012 Dongho Kim
Date Available in IDEALS: 2012-09-18
Date Deposited: 2012-08
 

This item appears in the following Collection(s)

Show full item record

Item Statistics

  • Total Downloads: 109
  • Downloads this Month: 5
  • Downloads Today: 0

Browse

My Account

Information

Access Key