Overlay Networks and Distributed Denial of Service Attacks: Overview, study and evaluation of an application-enabled approach.

Negin Fathollah Nejad Asl ; Ricardo Moscoso Romero
Göteborg : Chalmers tekniska högskola, 2010. 126 pp.
[Master's thesis (advanced level)]

A distributed denial-of-service (DDoS) attack, one of the most common Internet attacks today, is an attempt to prevent legitimate network traffic from reaching the target and consequently to disable all services that this resource provides to the victim. The most common method of perpetrating a DDoS attack is flooding the network with malicious packets to exhaust the network resources. This work is based on the fact that many network-based applications commonly open some known port(s) to communicate with their users, thereby making themselves vulnerable to DoS or DDoS attacks. One of the main approaches to performing a DDoS attack is to leverage a distributed network architecture (peer-to-peer networks) to create huge armies of zombies. These zombies are used to flood the victim with legitimate traffic. As there is a large number of attacker machines in this method, defending against this attack is extremely complex. As peer-to-peer networks have recently become very important as one of the most popular content-delivery systems, defense against DDoS attacks that use a peer-to-peer network as their weapon has turned into a big concern. Considering this problem, the main goal of this dissertation, after understanding DoS and DDoS attacks deeply, is to simulate a DDoS defense system using a "pseudo-random port-hopping" approach (called the HOPERAA and BIG WHEEL algorithms) in ns-2, and to analyze its performance under different circumstances. This "port hopping" approach is based on the work developed in [5]. The idea of this approach is to implement a solution capable of establishing communication among the involved parties as well as hopping from port to port in a synchronized manner. The analysis and evaluations performed in this dissertation include the overhead created by implementing the defense algorithm in a network under different defined conditions.
The algorithms' behavior has also been studied under variable clock drifts between the parties in the network. Simulating and analyzing the performance of these algorithms showed that this defense method behaves as expected and that the results are consistent with the description given in [5].

The publication was registered on 2010-06-03. It was last modified on 2013-04-04.

CPL ID: 122264