2010 MRes projects
- A feasibility study of the use of ground penetrating radar and metal oxide semiconductor sensors on a mobile platform for security applications
- The use of forensic evidence in the prosecution of terrorism cases in Britain
- Scintillation materials for the detection of special nuclear materials (SNMs)
- Looking beyond borders: Identification, information and the diffusion of conflicts.
- How hard can it be?: A study investigating user trust decisions in e-commerce
- Non-contact object localisation for automated 'on-belt- tomosynthesis
- Immmunising the Internet
- Investigating forward scatter radar for maritime target detection using statistical and comparative study
- The spatial distribution of post-blast RDX residue: Forensic implications
- Factors influencing intelligence analysts performance in using Bayesian and automated analysis of competing hypotheses
- Secure digital archive search using a probably approximately correct architecture
- Constraints and prospects of the application of scientific rigour to conflict early warning in Africa
- Prediction of crime patterns emerging from simulated search trajectories of individual offenders
- Download warnings: A rational rejection of security advice?
- The effectiveness of vehicle security devices to prevent car crime in Chile
- Inferring user behaviour despite wireless network encryption
- A feasibility study of the use of ground penetrating radar and metal oxide semiconductor sensors on a mobile platform for security applications
 |
 |
 |
 |
Immmunising the Internet
22 February 2012
This research is being funded by the China Scholarship Council. Existing approaches in securing the Internet are insufficient and now new and more innovative ways for dealing with the increasing cyber-threats are necessary. This study explores the possibility of immunising the Internet.
The immune system and Internet security systems have many similarities in terms of the scale and complexity of the system they are protecting, the evolving nature of the threats, and the potentially catastrophic result of defence failures. By drawing analogies between the immune system and Internet security systems, we identify six immune paradigms that could be applied in designing better Internet se-curity systems. They are Danger-driven defence, Coordinated defence, Progressive increase in precision, Distributed defence and shared responsibility, Evolution and gradual development, and Spontaneous defence and artificial vaccination.
We then propose an Internet Immunisation Architecture (IIA) based on the identified immune paradigms. It is expected to serve as a blueprint for immunising the Internet against various traffic-flooding-based malicious network activities. Next we design an example application of the Internet Im-munisation Architecture (IIA) for countering Distributed Denial-of-Service (DDoS) attacks - currently one of the most prevalent threats in contemporary networks. Lastly, we conduct simulations in three generic DDoS attack scenarios to test the performance of the example application. Results from the simulations demonstrated the IIA can be effective and efficient in defending DDoS attacks.
The immune paradigms identified in this dissertation have been demonstrated to be a promising approach for improving network security in a series of simulations.
