SCOLD: Secure Collective Defense Project


This project is formerly named as SCID: Secure Collective Internet Defense. 
 

Goal:

The goal of the project is to investigate techniques for enhancing Internet security and protecting the Internet Infrastructure through collective defense. The current DDoS tools can gather massive compromised network nodes for a collective attack. This project seeks to develop equivalent collective defense mechanisms in Internet to guard against the intrusions and collective attacks. The collective defense mechanisms will involve the structure and procedures for multi-organization corporation, the design of new Internet protocols with security in mind, the design of systems and protocols for intrusion prevention, detection, handling, tolerance, and the design of secure protocols for exchanging defense information and for coordinating defenses.

Current Focus:

The current focus of the project is to explore the use of alternate gateways and a collection of proxy servers for intrusion tolerance and implements IDIP for intrusion push back. It also involved with modify Bind9/secure DNS update with new kind of indirect route entries.

Status:

• SCOLD testbed viewgraph 1 and graph 2, A2D2 testbed viewgraph, SCOLD alternate route graph 1 and graph 2
  
• Indirect Route through IP tunnel
• Daemon Process for Indirect Route
• Libresolve for Indirect Route
• DNS update
  
• Doc/
• Src/
  
• SCOLD presentation
• SCOLD mid term report full version
• SCOLD final report
• SCOLD Presentation at TPAC Forum 2003

Team:

• C. Edward Chow, PI

• Yu Cai.

• Dave Wilkinson

• Sarah Jelinek

Related Resources:

• Security Related Research Projects at UCCS Netwrok Research lab.
• Bind9
• Angela Cearns's master thesis (Autonomous Anti-DDoS Project).
• IP tunnel
• Snort
• DNS message
• DNS and BIND, 4th Edition
• IDIP
• Install Ethereal GUI
• AutoRPM installation
• Other literatures found in survey and our NISSC proposal writing.

Paper for sever selection algorithms:

• "Surveying Formal and Practical Approaches for Optimal Placement of Replicas on the Web"
• All the referenced paper in "Surveying Formal and Practical Approaches for Optimal Placement of Replicas on the Web"
•  L. Qiu, V. N. Padmanabhan, and G. M. Voelker, "On the placement of web server replicas," Proc. of IEEE INFOCOM, Mar. 2001
• S. Jamin, C. Jin, D. Raz, Y. Shavitt, and L. Zhang, "On the placement of internet instrumentation," Proc. of IEEE INFOCOM, Mar. 2000
• P. Krishnan, D. Raz, and Y. Shavitt, "The cache location problem," ACM/IEEE Transactions on Networking, vol. 8, no. 5, Oct. 2000.

Sponsors:

This project is currently supported by a grant from NISSC.