DESIGN AND IMPLEMENTATION OF A DDOS TESTBED

SUBMITTED TO: DR. KRISHAN SALUJA
SUBMITTED BY: JATIN SINGH

Implementation Of real testbed of DDOS


Contents

1. About Internet Malware
2. Introduction to DoS/DDoS
3. Architecture of DDoS
4. Motivation
5. Experimental techniques
6. Graph
7. Comparison between Experimental techniques
8. Real time testbed
9. Hardware and Software used
10. CORE
11. Tools used in this project
12. Future Scope


Internet Malware

▪ Viruses

▪ Worms

▪ Trojan Horse

▪ DoS

▪ DDoS

▪ Phishing


DEFINING DOS/DDOS

A denial of service (DoS) attack is an intentional attempt by malicious users / attackers to completely disrupt or degrade the availability of a service / resource to legitimate / authorized users.

A distributed denial of service (DDoS) attack is a well-coordinated attack on the availability of the services of a given target system or network, launched indirectly through many compromised computing systems that send a stream of useless traffic meant to exhaust the victim's / network's resources.


DDOS Attack Architecture


MOTIVATION BEHIND THE INCREASING DDOS ATTACKS

▪ Name and fame amongst the attacker community

▪ Financial profit

▪ Political revenge

▪ Easy and free availability of user-friendly attack tools

▪ Business competitors


Experimental techniques

1. Mathematical models
2. Simulation models
3. Emulation models
4. Real time


EXPERIMENTAL TECHNIQUES


Comparison between Experimental techniques

▪ Mathematical model
  • Models for OS, Apps, Platforms and Conditions

▪ Simulated model
  • Models for Key OS, Mechanisms, Algorithms, Kernel Apps
  • Virtual Platforms
  • Synthetic Conditions

▪ Emulated model
  • Real Apps
  • Real Platforms
  • Real OS
  • Synthetic Conditions

▪ Real time model
  • Real OS
  • Real Apps
  • Real Platforms
  • Real Conditions


Real time testbed


HARDWARE AND SOFTWARE USED

HARDWARE

1. D-LINK 2800 SERIES ROUTER
2. D-LINK L2, L3 SWITCHES
3. DESKTOPS INSTALLED WITH UBUNTU 14.04

SOFTWARE

1. APACHE WEB SERVER
2. SNIFFER - WIRESHARK
3. EMULATOR - CORE, NS-3
4. TOOLS USED - HULK, HTTP FLOODER, HPING3, CORAL REEF
5. OS - UBUNTU 14.04


CORE

CORE stands for Common Open Research Emulator. The CORE project provides an ISO image called VCORE that can run in VirtualBox. The file used for running it is very large, almost 600 megabytes. CORE can also be run on a virtual machine on a PC or laptop.


Start Screen of CORE


Drag nodes


ASSIGN IPv4 Addresses


Start the topology


Tools and flooder used in topology to generate traffic

1. HULK

▪ A unique pattern is generated for each and every request, with the intention of increasing the load on the servers as well as evading any intrusion detection and prevention systems.

▪ Uses User-Agent strings to trick the web server.

▪ Has the capability to bypass captcha validation.

2. SLOWLORIS

▪ A Slowloris attack waits for sockets to be released by legitimate requests before consuming them one by one.

▪ Slowloris sends subsequent HTTP headers for each request, but never actually completes the request. Ultimately, the targeted server's maximum concurrent connection pool is filled, and additional (legitimate) connection attempts are denied.


3. HTTP FLOODER

▪ Python-based tool

▪ Generates application layer traffic (HTTP traffic)

▪ Uses multiple threads to open multiple connections to the target node

▪ Capability to spoof IP addresses

4. D-ITG (Distributed Internet Traffic Generator)

▪ Accepted worldwide as a legitimate traffic generator

▪ Supports generation of VoIP and game (Counter Strike & Quake 3) traffic

▪ Capable of generating traffic patterns similar to that of flash traffic

▪ Highly customizable: can explicitly specify packet size, Inter-Departure Time ….
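
The Slowloris behaviour described under tool 2 above can be recognised on the victim node from its connection table. The following is an added example, not part of the original slides: it compares a plain idle timeout with a total header deadline on a constructed snapshot. The `Conn` record, the thresholds and the 10.0.0.x addresses are assumptions.

```python
from collections import Counter
from dataclasses import dataclass

# Assumed thresholds for this sketch (not values from the slides).
IDLE_TIMEOUT = 15.0      # seconds without any bytes before a connection counts as idle
HEADER_DEADLINE = 10.0   # total seconds a client gets to finish its request headers
MAX_STALLED_PER_SRC = 5  # unfinished requests tolerated from one source
POOL_SIZE = 20           # server's maximum concurrent connections

@dataclass
class Conn:
    src: str             # client IP
    opened: float        # time the connection was accepted (s)
    last_byte: float     # time the most recent request bytes arrived (s)
    headers_done: bool   # True once the blank line ending the headers was received

def idle_hits(conns, now):
    """Unfinished requests caught by a plain idle timeout."""
    return [c for c in conns if not c.headers_done and now - c.last_byte > IDLE_TIMEOUT]

def deadline_hits(conns, now):
    """Unfinished requests older than the total header deadline."""
    return [c for c in conns if not c.headers_done and now - c.opened > HEADER_DEADLINE]

def report(conns, now):
    """Return (sources over the per-source limit, share of the pool held by stalled requests)."""
    stalled = deadline_hits(conns, now)
    per_src = Counter(c.src for c in stalled)
    offenders = {s: n for s, n in per_src.items() if n > MAX_STALLED_PER_SRC}
    return offenders, len(stalled) / POOL_SIZE

# Constructed sample: connection table of the test web server at t = 60 s.
NOW = 60.0
SAMPLE = (
    # one node holding 12 requests open, adding a header line every few seconds
    [Conn("10.0.0.5", float(i), 57.0, False) for i in range(12)]
    + [Conn("10.0.0.21", 55.0, 55.2, True), Conn("10.0.0.22", 58.0, 58.1, True)]
    + [Conn("10.0.0.23", 30.0, 52.0, False)]   # single slow but legitimate client
    + [Conn("10.0.0.24", 59.0, 59.0, False)]   # just connected, still within the deadline
)

if __name__ == "__main__":
    offenders, share = report(SAMPLE, NOW)
    print("caught by idle timeout:", len(idle_hits(SAMPLE, NOW)))
    print("over per-source limit:", offenders, "pool share stalled:", share)
```

Because each stalled request keeps receiving header bytes, the idle timeout never fires; only the deadline on the whole header phase exposes them. On the Apache web server used in this testbed, mod_reqtimeout's RequestReadTimeout directive enforces a deadline of this kind.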


Future Scope of our Project

▪ Detection of and defence against DDoS attacks

▪ Impact measurement (response time, throughput, transaction rate)

▪ Different types of attack can be launched (ICMP, HTTP, UDP, TCP, SYN)


THANK YOU

Any Queries….