Lecture Series at the Laboratory For Telecommunications Sciences (LTS): "Detection of Distributed Denial of Service Attacks"

Thu Aug 09, 2012 2:00 PM

By Dr. Mehdi Kalantari Khandani, Department of Electrical and Computer Engineering, University of Maryland, College Park.

Location: LTS Auditorium, Laboratory of Telecommunications Sciences, 8080 Greenmead Drive, College Park, MD 20740

Distributed Denial of Service (DDoS) attacks can disable critical network services for legitimate users, and pose an increasingly costly problem for business. As one of many examples of DDoS attacks, on April 27, 2007, massive DDoS attacks targeted the entire Internet infrastructure in Estonia, an "e-government" pioneer and one of the most wired countries in Europe. For a period of 24 hours, the attacks resulted in a complete outage of government and many other services such as emergency operators, travel agencies, and financial institutes across Estonia. As the Internet continues to become ever more important in the conduct of commerce, government and communications, it is imperative to develop techniques that can detect and mitigate DDoS attacks. In this talk, we review different types of DDoS attacks. The first important step in providing a defense mechanism is an effective detection tool. We discuss different detection tools that differentiate traffic that belongs to a DDoS attack from the ordinary traffic on a network link. The talk discusses the responsiveness test, which provides an intrusive but reliable method to estimate the ratio of DDoS traffic within an aggregate of traffic. As an alternative, the presentation will discuss another method based on Bayesian filtering, which uses observations on individual TCP connections to optimize filters that are used to eliminate DDoS traffic.

Dr. Mehdi Kalantari Khandani is an assistant research scientist at the Electrical and Computer Engineering Department of the University of Maryland (UMD). He received his BSc and MSc degrees in Electrical Engineering from the Sharif University of Technology, Tehran, Iran in 1996 and 1998 respectively. He received his PhD in Electrical and Computer Engineering in 2005 from the University of Maryland. Dr. Kalantari's research interests include Communication Theory, Internet Security and in particular Distributed Denial of Service (DDoS) defense, and developing low-cost, scalable remote monitoring solutions for protecting transportation infrastructure. Dr. Kalantari founded MacroPhage Networks in 2004 (with Prof. Mark Shayman). The mission of MacroPhage Networks was to offer products with superior performance in protecting the Internet infrastructure against DDoS attacks. After developing the prototype of the MacroPhage Internet security, the company was renamed RioRey Inc. RioRey is a leading provider of DDoS security for the Internet. Dr. Kalantari received the Dean's Honor Award at the Sharif University of Technology in 1996, the Business Plan Competition Award at UMD in 2004 and 2008, the Award for Entrepreneurship at UMD in 2006, the SAIC Venture Accelerator Award in 2008 and the Vodafone Wireless Innovation Award in 2010.