Simulation of Internet DDoS Attacks and Defense

  title={Simulation of Internet DDoS Attacks and Defense},
  author={Igor Kotenko and A. V. Ulanov},
  booktitle={Information Security Conference},
The paper considers the software simulation tool DDoSSim which has been developed for comprehensive investigation of Internet DDoS attacks and defense mechanisms. [] Key Method The taxonomy of input and output parameters for simulation is outlined. The main DDoSSim components are specified. One of the experiments on protection against DDoS attacks demonstrates some DDoSSim possibilities. We consider different phases of defense operations – learning, decision making and protection, including adaptation to the…

Investigation of Cooperative Defense against DDoS

A new approach and a simulation environment which have been developed for comprehensive investigation of Internet Distributed Denial of Service attacks and defense are considered and several cooperative defense mechanisms against DDoS are evaluated.

Packet Level Simulation of Cooperative Distributed Defense against Internet Attacks

  • Igor KotenkoA. Ulanov
  • Computer Science
    16th Euromicro Conference on Parallel, Distributed and Network-Based Processing (PDP 2008)
  • 2008
The paper outlines a framework and software tool intended for simulation of the Internet attacks and defense mechanisms against them based on packet-level simulation and agent-oriented approach and intended to evaluate and compare different cooperative distributed defense mechanisms.

Multi-agent Framework for Simulation of Adaptive Cooperative Defense Against Internet Attacks

The paper represents the architecture and software implementation of simulation environment that combines discrete-event simulation, multi-agent approach and packet-level simulation of various Internet protocols that allows to simulate complex attack and defense scenarios.

Towards a bayesian network game framework for evaluating DDoS attacks and defense

A non-standard game-theoretic framework that facilitates evaluation of DDoS attacks and defense is proposed, and it is demonstrated that this framework sheds light on the interplay between decision makings of both the attacker and the defender as well as how they affect the outcomes ofDDoS attack and defense games.

Software Environment for Simulation and Evaluation of a Security Operation Center

This paper presents an approach and software simulation environment for comprehensive investigation of the Security Operation Center (SOCBox) system which is in essence an intrusion detection “metasystem”.

DDoS attack isolation using moving target defense

  • Vaishali KansalM. Dave
  • Computer Science
    2017 International Conference on Computing, Communication and Automation (ICCCA)
  • 2017
A moving target defense mechanism that involves isolation of insiders from innocent clients by using attack proxies is proposed with the aim of maximizing attack isolation while minimizing the total number of proxies used.

Modelling and simulation of DDOS Attack using SimEvents

This research work simulates a DDoS attack using MATLAB's SimEvents with the aim of finding the quantitative measure of its effect on the victim, and reveals that when a warm-up phase is added to the simulation of the ser ver failure, the utilization suddenly increases due to the fact that the attacker seizes the opportunity of the slow recover y of the server to further overwhelm it and eventua lly push it into saturation.

Testing a distributed denial of service defence mechanism using red teaming

This paper looks at the the interaction between the attacker and the defender in a Red Team/Blue Team exercise and proposes a quantitative decision framework which is able to provide optimal solutions to defend against well-organized and sophisticated attacks.

Generation of DDoS Attack Dataset for Effective IDS Development and Evaluation

The aim of the paper is to simulate a cloud environment by OMNET++ simulation tool, with different DDoS attack types, to test an effective algorithm, techniques and procedures of DDoS attacks.

Simulating DDOS attacks on the us fiber-optics internet infrastructure

  • Sumeet Kumar
  • Computer Science
    2017 Winter Simulation Conference (WSC)
  • 2017
This research has designed a test-bed that mirrors the Internet infrastructure of the US and can simulate the Internet traffic flow patterns for different attack targets, and estimates the degradation in the quality-of-service and the number of users impacted in two attack scenarios.



An Active Distributed Defense System to Protect Web Applications from DDOS Attacks

According to the simulation experiments, this system is effective in that it is able to defend web applications against attacks, and can avoid overall network congestion and provide more resources to legitimate web users.

A taxonomy of DDoS attack and DDoS defense mechanisms

This paper presents two taxonomies for classifying attacks and defenses in distributed denial-of-service (DDoS) and provides researchers with a better understanding of the problem and the current solution space.

Distributed Defense Against DDoS Attacks

A distributed system for DDoS defense, called DefCOM, which spans source, victim and core networks and cooperate via an overlay to detect and stop attacks, and offers a framework for existing security systems to join the overlay and cooperate in the defense.

Programming routers to improve network secu-rity

A novel approach to deal with Distributed DoS attacks in the Internet is presented, and a model for an Active Security System is proposed, comprising a number of components that actively cooperate in order to effectively react to a wide range of attacks.

SOS: an architecture for mitigating DDoS attacks

This work evaluates the likelihood that an attacker can successfully launch a DoS attack against an SOS-protected network, and demonstrates that such an architecture reduces the likelihood of a successful attack to minuscule levels.

Perimeter-based defense against high bandwidth DDoS attacks

This paper proposes two perimeter-based defense mechanisms for Internet service providers (ISPs) to provide the antiDDoS service to their customers and demonstrates analytically and by simulations that the proposed defense mechanisms react quickly in blocking attack traffic while achieving high survival ratio for legitimate traffic.

Protection from distributed denial of service attacks using history-based IP filtering

This paper introduces a practical scheme to defend against distributed denial of service (DDoS) attacks based on IP source address filtering, and presents several heuristic methods to make the IP address database accurate and robust.

Proactively Detecting Distributed Denial of Service Attacks Using Source IP Address Monitoring

This paper proposes a simple but robust scheme to detect denial of service attacks by monitoring the increase of new IP addresses and demonstrates that with the combination of monitoring per flow speed, this scheme can detect all types of DDoS attacks.

On the effectiveness of route-based packet filtering for distributed DoS attack prevention in power-law internets

This paper describes and evaluates route-based distributed packet filtering (DPF), a novel approach to distributed DoS (DDoS) attack prevention, and shows that DPF achieves proactiveness and scalability, and there is an intimate relationship between the effectiveness of DPF at mitigating DDoS attack and power-law network topology.

An Evaluation of Different IP Traceback Approaches

A comparison between some of the most promising traceback techniques proposed to solve the problem of identifying the sources of a denial of service attack concludes that there are two main disadvantages of the proposed approaches.