Date of Award

8-2007

Document Type

Thesis

Degree Name

Master of Science (MS)

Legacy Department

Computer Science

Advisor

Martin, James

Committee Member

Grossman , Harold

Committee Member

Smotherman , Mark

Abstract

Over 48 million end users worldwide utilize cable modems as their means of accessing the Internet at high speeds. The United States accounts for 54% of those users. Networks which provide access via cable modems utilize Data Over Cable Service Interface Specifications (DOCSIS) as their means of network management. As availability to the Internet increases (especially at high speeds supported by broadband access), so does the opportunity for malicious activity against users utilizing the Internet. Denial-of-service (DoS) attacks are one form of malicious activity and one of the most common. In commonplace Ethernet-based wired networks, a DoS attack requires relatively high levels of computing and network resources to successfully deny service. In DOCSIS-based networks, high levels of computing and network resources aren't mandatory in order to sufficiently degrade a network segment, especially when the objective of the attack is to reduce the quality of Voice over Internet Protocol (VoIP) sessions. This phenomenon hinges on the Media Access Control layer protocol employed by DOCSIS used for managing access to the upstream transmission medium. Utilizing NS, a discrete event network simulator, we define and analyze a DoS attack that specifically targets DOCSISbased networks. The attack consumes a small portion of the downstream bandwidth available over a cable network but can severely impact upstream performance. While the DoS attack can have any objective, we focus on an attack on best effort VoIP sessions. The implications of this phenomenon are widespread as end users looking for cost-saving voice telecommunications services migrate to best effort VoIP such as provided by Vonage. The iii contribution of this research is the formulation of a DoS attack that exploits the relatively inefficient upstream channel in a DOCSIS system and analysis of the attack which explores the impact of the two attack parameters on VoIP performance. Those two attack parameters are the number of nodes attacked and the frequency at which each node is attacked.

Share

COinS