A Principle of a Data Synthesizer for Performance Test of Anti-DDOS Flood Attacks
نویسندگان
چکیده
Distributed denial-of-service (DDOS) flood attacks remain a big issue in network security. Real events of DDOS flood attacks show that an attacked site (e.g., server) usually may not be overwhelmed immediately at the moment attack packets arrive at that site but sometime late. Therefore, a site has a performance to resist DDOS flood attacks. To test such a performance, data synthesizer is desired. This paper introduces a principle to synthesize packet series according to a given value of the Hurst parameter for performance test of anti-DDOS flood attacks. Key-Words: Long-range dependent traffic, testing, distributed denial-of-service flood attacks, synthesizing traffic, intrusion tolerance
منابع مشابه
HF-Blocker: Detection of Distributed Denial of Service Attacks Based On Botnets
Abstract—Today, botnets have become a serious threat to enterprise networks. By creation of network of bots, they launch several attacks, distributed denial of service attacks (DDoS) on networks is a sample of such attacks. Such attacks with the occupation of system resources, have proven to be an effective method of denying network services. Botnets that launch HTTP packet flood attacks agains...
متن کاملExperimental Evaluation of Juniper Network's Netscreen-5GT Security Device against Layer4 Flood Attacks
Cyber attacks are continuing to hamper working of Internet services despite increased use of network security systems such as firewalls and Intrusion protection systems (IPS). Recent Distributed Denial of Service (DDoS) attacks on Dec 8, 2010 by Wikileak supporters on Visa and Master Card websites made headlines on prime news channels all over the world. Another famous DDoS attacks on Independe...
متن کاملF-STONE: A Fast Real-Time DDOS Attack Detection Method Using an Improved Historical Memory Management
Distributed Denial of Service (DDoS) is a common attack in recent years that can deplete the bandwidth of victim nodes by flooding packets. Based on the type and quantity of traffic used for the attack and the exploited vulnerability of the target, DDoS attacks are grouped into three categories as Volumetric attacks, Protocol attacks and Application attacks. The volumetric attack, which the pro...
متن کاملNote on Studying Change Point of LRD Traffic Based on Li's Detection of DDoS Flood Attacking
Distributed denial-of-service DDoS flood attacks remain great threats to the Internet. To ensure network usability and reliability, accurate detection of these attacks is critical. Based on Li’s work on DDoS flood attack detection, we propose a DDoS detection method by monitoring the Hurst variation of long-range dependant traffic. Specifically, we use an autoregressive system to estimate the H...
متن کاملMcAfee SecurityCenter Evaluation under DDoS Attack Traffic
During the Distributed Denial of Service (DDoS) attacks, computers are made to attack other computers. Newer Firewalls now days are providing prevention against such attack traffics. McAfee SecurityCenter Firewall is one of the most popular security software installed on millions of Internet connected computers worldwide. “McAfee claims that if you have installed McAfee SecurityCentre with anti...
متن کامل