DDoS attacks traffic and flash crowds traffic simulation with a hardware test center platform

Jie Wang, Raphael C.W. Phan, John N. Whitley, David J. Parish

Research output: Chapter in Book/Report/Conference proceedingConference PaperResearchpeer-review

3 Citations (Scopus)

Abstract

DDoS attacks are one of the top security problems affecting networks and disrupting services to legitimate users. The first vital step in dealing with this problem is the network's ability to detect such attacks. To that end, it is important that an intrusion detection mechanism be able to differentiate between real DDoS traffic and Flash Crowds traffic, the latter of which constitutes sudden bursts of legitimate network activity. To train and analyze detection mechanisms, researchers typically simulate the DDoS traffic in the testbed; while for Flash Crowds, most researchers replay the web server captures obtained from third parties. This paper proposes the design of a special testbed-based simulation method with Spirent Test Center hardware platform, to simulate both DDoS traffic and Flash Crowds traffic. We give empirical results, including the simulation of four kinds of DDoS traffic including UDP Flooding attack, ICMP Flooding attack, TCP SYN Flooding attack and App-DDoS attack.

Original languageEnglish
Title of host publicationWorld Congress on Internet Security, WorldCIS-2011
PublisherIEEE, Institute of Electrical and Electronics Engineers
Pages15-20
Number of pages6
ISBN (Print)9780956426376
DOIs
Publication statusPublished - 2011
Externally publishedYes
EventWorld Congress on Internet Security 2011 - London, United Kingdom
Duration: 21 Feb 201123 Feb 2011
https://ieeexplore.ieee.org/xpl/conhome/5743110/proceeding (Proceedings)

Conference

ConferenceWorld Congress on Internet Security 2011
Abbreviated titleWorldCIS 2011
Country/TerritoryUnited Kingdom
CityLondon
Period21/02/1123/02/11
Internet address

Cite this