Abstract
DDoS attacks are one of the top security problems affecting networks and disrupting services to legitimate users. The first vital step in dealing with this problem is the network's ability to detect such attacks. To that end, it is important that an intrusion detection mechanism be able to differentiate between real DDoS traffic and Flash Crowds traffic, the latter of which constitutes sudden bursts of legitimate network activity. To train and analyze detection mechanisms, researchers typically simulate the DDoS traffic in the testbed; while for Flash Crowds, most researchers replay the web server captures obtained from third parties. This paper proposes the design of a special testbed-based simulation method with Spirent Test Center hardware platform, to simulate both DDoS traffic and Flash Crowds traffic. We give empirical results, including the simulation of four kinds of DDoS traffic including UDP Flooding attack, ICMP Flooding attack, TCP SYN Flooding attack and App-DDoS attack.
Original language | English |
---|---|
Title of host publication | World Congress on Internet Security, WorldCIS-2011 |
Publisher | IEEE, Institute of Electrical and Electronics Engineers |
Pages | 15-20 |
Number of pages | 6 |
ISBN (Print) | 9780956426376 |
DOIs | |
Publication status | Published - 2011 |
Externally published | Yes |
Event | World Congress on Internet Security 2011 - London, United Kingdom Duration: 21 Feb 2011 → 23 Feb 2011 https://ieeexplore.ieee.org/xpl/conhome/5743110/proceeding (Proceedings) |
Conference
Conference | World Congress on Internet Security 2011 |
---|---|
Abbreviated title | WorldCIS 2011 |
Country/Territory | United Kingdom |
City | London |
Period | 21/02/11 → 23/02/11 |
Internet address |