Improving Network Security with Low-Cost and Easy-to-Adopt Solutions

Security is always a big concern. According to the statistics, there are over 80,000 cyberattacks per day or over 30 million attacks per year. To make the Internet safe, both the industry and academia propose many solutions. However, these security solutions mainly concentrate on being effective, and ignore the other two features: deployment cost and usability. Therefore, though many works have been proposed to improve security, attacks still happen frequently.

Our goal is to improve network security with low-cost and easy-to-adopt solutions. In this thesis, we choose Distributed Denial-of-Services (DDoS) attack and I/O path malware attack as two representatives. Fueled by IoT botnets and DDoS-for-Hire services, DDoS attacks have reached a record high volume, and launching such attacks is increasingly easy and cheap. We speculate the main reasons why existing solutions still leave DDoS as the top threat are 1) Commercial DDoS protection services are costly. 2) Solutions that require upgrading the core Internet architecture turned out to be extremely difficult to deploy. Similarly, modern operating systems enable user-level malware to log a user's keystrokes or scrape a user's screen output, which usually contains user sensitive data. Solutions with trusted hardware, virtual machines, and mobile phone facilitation all have high costs of deployment and usability for non-expert users.

In this thesis, we present our low-cost and easy-to-adopt solutions to these two attacks. Specifically, 1) Dynashield, an on-demand DDoS defense architecture built on top of different cloud services. Dynashield introduces lower financial cost than Protection-as-a-Service product like Cloudflare, and is easier to adopt than network architecture based solutions. 2) Switchman, a framework to protect a user's I/O paths against user-level malware attacks stealing sensitive privacy data. Switchman helps non-expert users protect their sensitive data. It is easier to adopt than trusted hardware solutions like Intel SGX, and has higher usability compared to VM and additional devices based solutions.