USING GRAPHIC NETWORK SIMULATOR 3 FOR DDOS ATTACKS SIMULATION
Keywords:GNS3, DDoS attack, network simulator
AbstractDistributed Denial of Service (DDoS) attacks are still one of the major cybersecurity threats and the focus of much research on developing DDoS attack mitigation and detection techniques. Being able to model DDoS attacks can help researchers develop effective countermeasures. Modeling DDoS attacks, however, is not an easy task because modern DDoS attacks are huge and simulating them would be impossible in most cases. That’s why researchers use tools like network simulators for modeling DDoS attacks. Simulation is a widely used technique in networking research, but it has suffered a loss of credibility in recent years because of doubts about its reliability. In our previous works we used discrete event simulators to simulate DDoS attacks, but our results were often different from real results. In this paper, we apply our approach and use Graphical Network Simulator-3(GNS3) to simulate an HTTP server’s performance in a typical enterprise network under DDoS attack. Also, we provide references to related work.
M. Mazurek, P. Dymora, “Network anomaly detection based on the statistical selfsimilarity factor for HTTP protocol,” Przeglad elektrotechniczny, Issue 1, pp. 127-130, 2014.
T. Peng, C. Leckie, R. Kotagiri, “Proactively detecting DDoS attack using source IP address monitoring,” in Proceedings of the International Conference on Networking 2004, Athens, Greece, May 9-14, 2004, pp. 771-783.
M. Y. Su, G. J. Yu, C. Y. Lin, “A real-time network intrusion detection system for large-scale attacks based on an incremental mining approach,” Communication Computers & Security, Vol. 28, Issue 5, pp. 301-309, 2009.
D. Mahajan, M. Sachdeva, “DDoS attack prevention and mitigation techniques,” International Journal of Computer Applications, Vol. 67, Issue 19, pp. 21-24, 2013.
S.R.S. Rao, Denial of Service attacks and mitigation techniques: Real time implementation with detailed analysis, The SANS Institute, Essex, 2011, 57 p.
N. Z. Bawany, J. A. Shamsi, K. Salah, “DDoS attack detection and mitigation using SDN: Methods, practices, and solutions,” Arabian Journal for Science and Engineering, Vol. 42, Issue 2, pp. 425-441, 2017.
M. Sung, J. Xu, “IP traceback-based intelligent packet filtering: a novel technique for defending against Internet DDoS attacks,” IEEE Transactions on Parallel and Distributed Systems, Vol. 14, Issue 9, pp. 861-872, 2003.
X.-J. Wang, X.-Y. Wang, “Topology assisted deterministic packet marking for IP traceback,” The Journal of China Universities of Posts and Telecommunications, Vol. 17, Issue 2, pp. 116-121, 2010.
A. Balyk, U. Iatsykovska, M. Karpinski, Y. Khokhlachova, A. Shaikhanova, L. Korkishko, “A survey of modern IP traceback methodologies,” in Proceedings of the 2015 IEEE 8th International Conference on Intelligent Data Acquisition and Advanced Computing Systems: Technology and Applications, (IDAACS’2015), Warsaw, Poland, September 24–26, 2015, Vol. 1, pp. 484-488.
I. Kotenko, Agent-Based Modelling and Simulation of Network Cyber-Attacks and Co-operative Defence Mechanisms, in: Aitor Goti (Eds.), Discrete Event Simulations, Sciyo, Rijeka, 2010, pp. 223-246.
S. Bezobrazov, A. Sachenko, M. Komar, V. Rubanau, “The methods of artificial intelligence for malicious applications detection in Android OS,” International Journal of Computing, Vol. 15, Issue 3, pp. 184-190, 2016.
I.V. Kotenko, A.A. Chechulin, “A cyber attack modeling and impact assessment framework,” in Proceedings of the 5th International Conference on Cyber Conflict 2013 (CyCon 2013), Tallinn, Estonia, June 5, 2013, pp. 119-142.
G. F. Lucio, M. Paredes-Farrera, E. Jammeh, M. Fleury, M. J. Reed, “OPNET-modeler and NS-2: Comparing the accuracy of network simulators for packet-level analysis using a network testbed,” in Proceedings of the 3rd WEAS International Conference on Simulation, Modelling and Optimization (ICOSMO 2003), Singapore, December 5-7, 2003, Vol. 2, pp. 700-707.
A. Rachedi, S. Lohier, S. Cherrier, I. Salhi, “Wireless network simulators relevance compared to a real testbed in outdoor and indoor environments,” International Journal of Autonomous and Adaptive Communications Systems, Vol. 55, Issue 1, pp. 88-101, 2012.
A. Balyk, “A survey of the main approaches for DDoS attack simulation,” in Proceedings of the 2016 International Conference Information Protection and Security of Information Systems, Lviv, Ukraine, June 02-03, 2016, pp. 54-55. (in Ukrainian)
A. Balyk, M. Karpinski “Using riverbed modeler for DDoS attack simulation,” in Proceedings of the IV International Conference for students and PhD students engineer of XXI century, Bielsko-Biala, Poland, December 02, 2016, pp. 53-58.
E. Weingärtner, H. Vom Lehn, K. Wehrle, “A performance comparison of recent network simulators,” in Proceedings of the 2009 IEEE International Conference on Communications, Dresden, Germany, June 14-18, 2009, pp. 1287-1291.
M. H. Kabir, S. Islam, J. Hossain, S. Hossain, “Detail comparison of network simulators,” International Journal of Scientific & Engineering Research, Vol. 5, Issue 10, pp. 203-218, 2014.
J.N. Davies, P. Comerford, V. Grout, M.V. Verovko, S.S. Stasiuk, “Comparison of network simulators in IP networks,” Journal Mathematical Machines and Systems, Issue 4, pp. 3-11, 2014. (in Ukrainian)
J. Singh, K. Kumar, M. Sachdeva, N. Sidhu, “DDoS attack’s simulation using legitimate and attack real data sets,” International Journal of Scientific & Engineering Research, Vol. 3, Issue 6, pp. 1-5, 2012.
How to Cite
LicenseInternational Journal of Computing is an open access journal. Authors who publish with this journal agree to the following terms:
• Authors retain copyright and grant the journal right of first publication with the work simultaneously licensed under a Creative Commons Attribution License that allows others to share the work with an acknowledgement of the work's authorship and initial publication in this journal.
• Authors are able to enter into separate, additional contractual arrangements for the non-exclusive distribution of the journal's published version of the work (e.g., post it to an institutional repository or publish it in a book), with an acknowledgement of its initial publication in this journal.
• Authors are permitted and encouraged to post their work online (e.g., in institutional repositories or on their website) prior to and during the submission process, as it can lead to productive exchanges, as well as earlier and greater citation of published work.