File(s) under permanent embargo

Reason: Restricted by author. A copy can be supplied under Section 51(2) of the Australian Copyright Act 1968 by submitting a document delivery request through your library or by emailing document.delivery@monash.edu

A holistic security approach for protecting government eServices against denial-of-service attack

thesis
posted on 06.02.2017, 03:14 by Alhabeeb, Mohammed Abdulaziz M
Security is one of the most important factors in providing eServices. This is particularly the case for organizations, including government departments, that provide critical systems. Denial-of-service (DoS) attacks are a threat to systems, individuals, organizations and society because they cause damage that is far-reaching. Protecting systems against DoS attack is a priority. To provide an acceptable level of protection for eServices against DoS attack, requirements need to be met in four key areas: functionality, security, decision accuracy and performance. A review of current models revealed that not one of the existing solutions for DoS attack satisfies all requirements. Our search for a solution to the DoS-attack problem began with an analysis of government eService business flows. We then designed a formal-analysis model to understand and describe the critical government systems. Following this, we built a comprehensive model (DoS-PIF) that integrates the three required protection tasks – packet filtering, attack detection and attack prevention – and that includes communication controls. In order to demonstrate the practical value of the model, a security approach, called the Holistic Approach for Securing and Protecting Critical Government eService Systems (HASP-CGeSS), was derived and realized. In order to implement the communication control in HASP-CGeSS, we proposed a Token-Filtering Technique (TFT) to provide an authentication and filtration layer for packet filtering. TFT offers fast packet filtering through the use of packet headers. We then designed the Token-Filtering-Technique Protocol (TFTP) to prevent DoS attack. Our subsequent evaluation indicated that the TFTP enhances packet-filtering rates, prevents the spoofing of communication sources, filters packets without needing to decrypt them, protects systems from modified and malformed packets, can manage communication timing and free the client from unproductive processing, provides stateful features in a stateless connection and provides efficient communication control between comparative communication controls. In addition, the results show that the proposed protocol is efficient and DoS-resistant for legitimate users and under seven types of DoS-attack scenarios. Furthermore, the results show that (unlike other solutions) the size of the proposed repeat-communications list does not limit the number of clients. Finally, the protocol filters DoS attacks faster than existing protocols and consequently creates greater resource availability in a system because of the reduced time required to filter DoS attacks. This research has proposed a number of innovative security advances to protect critical government systems. The outcomes of the research justify continuing investigation in this domain for the betterment of citizens, organisations, government and society.

History

Campus location

Australia

Principal supervisor

Bala Srinivasan

Year of Award

2012

Department, School or Centre

Caulfield School of IT

Course

Doctor of Philosophy

Degree Type

DOCTORATE

Faculty

Faculty of Information Technology