| Summary: | 碩士 === 義守大學 === 資訊管理學系碩士班 === 97 === This thesis discusses a variety of denial of service (DoS) attacks, such as flooding attacks, distributed denial of service (DDoS) attacks and intrusion detection systems (IDS), and applies an ant system (AS) algorithm to the network routing and DoS traceback problems. As we known, hackers always attempt to paralyze or destroy the network services of a target host by scanning protocol flaws or loopholes continuously on a firewall system. Once they got enough information about the vulnerabilities of network security for the aimed server, they start an effective network attack that results in the server’s services come to a halt and, as a result, client users can not access to the server system. Accordingly, this thesis uses the AS algorithm, which is inspired by the foraging behavior of real ants with distributing the pheromones on the path in order to attract ants to pass through the path, is implemented to detect the possible attack route and traceback the source host used by the hacker.
First, this work implements analyzes the network routing and a stage coach problem, and then to simulate the problems to evaluate the present numerical processes. Some parameters includs pheromone, distance (or octet) and local updating rule are used in the AS. This study analyzes network routers with 9, 14, 52, 70 and 280 nodes, a stage coach problem with 10 nodes, DoS traceback problems with 20 to 40 nodes, and the cases without octet nodes. Due to the records of listing the information of packet transmission consume a large number of memory spaces and decay the performance of the operating system, some routers did not list all of the routers’ records containing packet transmission. Moreover, this study conducts the experimental cases which lack of the integrity of network flows in order to compare the efficiency of traceback using with/without integrity information in finding the best path.
|
|---|
