Change search
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
Domain-Driven Security’s take on Denial-of-Service (DoS) Attacks
KTH, School of Computer Science and Communication (CSC).
2016 (English)Independent thesis Advanced level (degree of Master (Two Years)), 20 credits / 30 HE creditsStudent thesisAlternative title
Domändriven säkerhet som skydd mot Denial-of-Service-attacker (Swedish)
Abstract [en]

Many companies and organisations today suffer from Denial-of-Service (DoS) attacks, which can have direct and indirect economical consequences. This thesis tackles this problem with a novel approach by utilising domain specific behaviour and knowledge. The goal is to distinguish malicious attacks from legitimate usage and to alter overall system behaviour at the event of a DoS attack. Distributed DoS attacks (DDoS) are examined as well as a category suggested in this thesis, namely Domain DoS attacks.

A simple e-commerce system is developed based on the principles of Domain-Driven Design in order to test the given approach. Five examples of DoS attacks are presented and tested towards the system. The results indicate that utilising domain behaviour is a suitable approach in order to mitigate DoS attacks, but it requires deep integration with the application itself.

Abstract [sv]

Många företag och organisationer lider idag av Denial-of-Service-attacker (DoS-attacker), som kan få direkta och indirekta ekonomiska konsekvenser. Denna avhandling ser nytänkande på detta problem genom att dra nytta av domänspecifikt beteende och kunskap. Målet är att skilja skadliga attacker från legitimt användande och att ändra systemets beteende i händelse av en DoS-attack. Distribuerade DoS-attacker (DDoS) undersöks så väl som en kategori föreslagen i denna avhandling, kallad Domän DoS-attacker.

Ett enkelt e-handelssystem utvecklas baserat på principer från domändriven design i syfte att testa den givna tesen. Fem exempel av DoS-attacker är presenterade och testade gentemot systemet. Resultaten indikerar att utnyttjandet av domänbeteende är ett lämpligt tillvägagångssätt för att avvärja DoS-attacker, men att det kräver djup integration med applikationen. 

Place, publisher, year, edition, pages
2016.
Keyword [en]
Denial-of-Service, DoS, DDoS, Domain DoS, Domain-Driven Design, Domain-Driven Security
National Category
Computer Science
Identifiers
URN: urn:nbn:se:kth:diva-189340OAI: oai:DiVA.org:kth-189340DiVA: diva2:945831
External cooperation
Omegapoint AB
Educational program
Master of Science in Engineering - Computer Science and Technology
Supervisors
Examiners
Available from: 2016-07-04 Created: 2016-07-03 Last updated: 2016-07-06Bibliographically approved

Open Access in DiVA

fulltext(1582 kB)196 downloads
File information
File name FULLTEXT01.pdfFile size 1582 kBChecksum SHA-512
bafa2c866b27304a0e97b5040c73da97b2b96200b9a9c3c0aafbef96be3350d25a16a71537b169a15ffd264e40ca1e7081f30b2a5c3d6532f5527975b41d3cbd
Type fulltextMimetype application/pdf

By organisation
School of Computer Science and Communication (CSC)
Computer Science

Search outside of DiVA

GoogleGoogle Scholar
Total: 196 downloads
The number of downloads is the sum of all downloads of full texts. It may include eg previous versions that are now no longer available

urn-nbn

Altmetric score

urn-nbn
Total: 708 hits
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf