The goal of the project is to
investigate techniques for enhancing Internet security and protecting the
Internet Infrastructure through collective defense. The current DDoS tools can
gather massive compromised network nodes for a collective attack. This project
seeks to develop equivalent collective defense mechanisms in Internet to guard
against the intrusions and collective attacks. The collective defense mechanisms
will involve the structure and procedures for multi-organization corporation,
the design of new Internet protocols with security in mind, the design of
systems and protocols for intrusion prevention, detection, handling, tolerance,
and the design of secure protocols for exchanging defense information and for
coordinating defenses.
The current focus of the project is to explore the use of alternate gateways and a collection of proxy servers for intrusion tolerance and implements IDIP for intrusion push back. It also involved with modify Bind9/secure DNS update with new kind of indirect route entries.
Paper for sever selection algorithms:
This project is currently supported by a grant from NISSC.