| dc.contributor.advisor | Karen R. Sollins. | en_US |
| dc.contributor.author | Hansen, Richard E., M. Eng. Massachusetts Institute of Technology | en_US |
| dc.contributor.other | Massachusetts Institute of Technology. Dept. of Electrical Engineering and Computer Science. | en_US |
| dc.date.accessioned | 2008-05-19T14:58:13Z | |
| dc.date.available | 2008-05-19T14:58:13Z | |
| dc.date.copyright | 2007 | en_US |
| dc.date.issued | 2007 | en_US |
| dc.identifier.uri | http://hdl.handle.net/1721.1/41539 | |
| dc.description | Thesis (M. Eng.)--Massachusetts Institute of Technology, Dept. of Electrical Engineering and Computer Science, 2007. | en_US |
| dc.description | This electronic version was submitted by the student author. The certified thesis is available in the Institute Archives and Special Collections. | en_US |
| dc.description | Includes bibliographical references (p. 97-103). | en_US |
| dc.description.abstract | Distributed denial-of-service (DDoS) attacks can easily cripple victim hosts or networks, yet effective defenses remain elusive. Normal anycast can be used to force the diffusion of attack traffic over a group of several hosts to increase the difficulty of saturating resources at or near any one of the hosts. However, because a packet sent to the anycast group may be delivered to any member, anycast does not support protocols that require a group member to maintain state (such as TCP). This makes anycast impractical for most applications of interest. This document describes the design of Stateful Anycast, a conceptual anycast-like network service based on IP anycast. Stateful Anycast is designed to support stateful sessions without losing anycast's ability to defend against DDoS attacks. Stateful Anycast employs a set of anycasted proxies to direct packets to the proper stateholder. These proxies provide DDoS protection by dropping a session's packets upon group member request. Stateful Anycast is incrementally deployable and can scale to support many groups. | en_US |
| dc.description.statementofresponsibility | by Richard E. Hansen. | en_US |
| dc.format.extent | 103 p. | en_US |
| dc.language.iso | eng | en_US |
| dc.publisher | Massachusetts Institute of Technology | en_US |
| dc.rights | M.I.T. theses are protected by
copyright. They may be viewed from this source for any purpose, but
reproduction or distribution in any format is prohibited without written
permission. See provided URL for inquiries about permission. | en_US |
| dc.rights.uri | http://dspace.mit.edu/handle/1721.1/7582 | en_US |
| dc.subject | Electrical Engineering and Computer Science. | en_US |
| dc.title | Stateful anycast for distributed DDoS mitigation | en_US |
| dc.title.alternative | Stateful anycast for distributed denial-of-service mitigation | en_US |
| dc.type | Thesis | en_US |
| dc.description.degree | M.Eng. | en_US |
| dc.contributor.department | Massachusetts Institute of Technology. Department of Electrical Engineering and Computer Science | |
| dc.identifier.oclc | 219641263 | en_US |
