Mechanisms and Implementations for Enhancing System Security and Service Availability
| Autor: | Ming-Wei Wu, 吳明蔚 |
|---|---|
| Rok vydání: | 2008 |
| Druh dokumentu: | 學位論文 ; thesis |
| Popis: | 96 Nowadays, numerous clients are connected to Internet to access the applications offered by the servers, and has encountered various problems that significantly affect their user experiences. These problems are typically 1) the security concerns for spyware infection, 2) the connectivity issues in Peer-to-Peer (P2P) communications, and 3) the dependability of mail servers as well as the productivity of mail recipients. This thesis aims to propose a suite of mechanisms that offer better security to client system and improved availability to Internet servers. First, a Stateful Threat-Aware Removal System (STARS) is proposed and implemented that at run time monitors critical system behaviors, and ensures that removed spyware does not recover after deletion (so called self-healing). Second, a Hidden Markov Model (HMM) is trained based on visible observations of spyware behaviors. The constructed HMM represents the likelihood of transitions between security states and indicates the risk level of spyware invasion. Third, in order to resolve the visibility problem between peers that used private IPv4 addresses, a scalable port forwarding (SPF) design is proposed and implemented, which introduces negligible time and space complexity. SPF enables a legacy Network Address Translation (NAT) device to significantly improve its connectivity and scalability by 1) lessening the race condition of P2P traversals, 2) multiplexing the port numbers to exceed theoretical upper bound 65,535 and 3) allowing more servers to bind to a specific port. Lastly, bulk volume of spam mails delivering to mail transfer agents (MTA), which is similar to the effect of denial of services (DoS) attacks, dramatically reduces the dependability and efficiency of networking systems. While there is no silver bullet to deter spammers and eliminate spam mails, a spam-resistible mail agent (SRMA) that employed a multi-faceted approach to have most advantages and the least disadvantages of existing anti-spam solutions. |
| Databáze: | Networked Digital Library of Theses & Dissertations |
| Externí odkaz: |
|