Doctor of Philosophy
School of Computer Science and Software Engineering - Faculty of Informatics
Lu, Liang, Network attacks and securing streaming content, Doctor of Philosophy thesis, School of Computer Science and Software Engineering - Faculty of Informatics, University of Wollongong, 2010. http://ro.uow.edu.au/theses/3158
Despite many years of eﬀort by the industry as well as the research community, attacks on computer systems via access networks are still a severe threat. In the battle against network attacks, ﬁrewalls and Intrusion Detection Systems (IDSs) have played one of the most important roles. However, conventional ﬁrewalls and IDSs have technical limitations and as such have diﬃculties dealing with emerging network applications, a notable example of which being streaming content. Besides, conﬁguring ﬁrewall rule tables for large networks with complex security requirements is a diﬃcult and error prone task.
In this thesis, we study the behavior of streaming content applications and look into techniques for enhancing ﬁrewalls/IDSs capabilities to cater for this new network application requirement. To assist system administrators to correctly implement organisational policies, we also develop a method of representing a ﬁrewall rule table that allows comparison of two tables, and provide an algorithm that determines if two tables are equivalent.
Even enhanced with techniques we provided, conventional ﬁrewalls/IDSs themselves still have diﬃculties dealing with complicated network threats and challenges. A notable example is multi-stage attacks where each stage itself does not violate security policy and is not detected by ﬁrewalls/IDSs.
A new mechanism, namely attack graphs, has emerged to model and defend against multi-stage attacks. However like any other new technologies, attack graphs have technical limitations such as sizing or scaling issues. In this thesis, we present our contribution to the area of ranking attack graphs. Our contribution lies in two major areas: accurate ranking of attack graphs, and eﬃcient ranking by an artiﬁcial intelligence approach.
02Whole.pdf (2858 kB)