1
DDoS Attack on GENI Ilker Ozcelik and Richard Brooks* Clemson University Detecting a DDoS Attack is not the solution for Internet security. After gaining better knowledge of DDoS Attacks, and detection methods, we will look for ways to develop countermeasures to eventually make networks immune to DDoS Attacks. Abstract Research Objectives Our study has four goals; Obtaining time series from real Internet data for future experiments. Testing Openflow slice isolation. Testing detection schemes using real background traffic. Verifying necessary DDoS attack traffic equation. Fig 1. DDoS Attack Use of Glab/GENI Infrastructure In our experiments we will use openflow switches, end nodes and NetFPGAs on Clemson University Network. After getting results from our initial tests on campus we are planning to scale the experiments on GENI. Future Work Experiments In our experiments we will use two openflow enabled switches to manage the network traffic and two NetFPGA to collect data. In the first step of the experiment we will collect the number of packet and volume information from campus internet traffic to use as background traffic in future experiments. Researchers have been using the synthetic network traffic to justify their detection algorithms. In the second step of our experiment, we will use the realistic background traffic, and test the effectiveness of the theoretical DDoS detection algorithms. 1 st DFG/GENI Doctoral Consortium, San Juan, PR March 13 th -15 th , 2011 In today’s world the Internet is an environment where people not only communicate but also share knowledge, do business, attend school, and even socialize. As a result of growing dependence on the Internet, one of the biggest concerns of Internet users is security. Unfortunately, the number of security incidents increases exponentially every year. A Distributed Denial-of-Service attack (DDoS attack) disables network services to legitimate users by flooding them. The recent attacks on trusted financial websites, Mastercard and PayPal, are an example of the need for security against DDoS attacks. One of the major problems with Distributed Denial of Service attacks is how difficult it is to detect the source of the attack, because of the many components involved. In this study, we will obtain the Internet traffic signature to use as background traffic in future experiments. By using the real background traffic we will investigate the effectiveness of theoretical DDoS Attack detection techniques on GENI. We will also evaluate the equation of Necessary Traffic for DDoS Attack proposed by Dingankar and Brooks. Fig 4. Experiment Sets Fig 2. Max-flow and min-cut for directed graph Fig 3. Live and Synthetic Packet Time Series It is important to understand the requirements of a DoS attack in order to come up with effective countermeasure methods. It is evident that sending more packets than min-cut of the network can handle, cripples the network. Based on this idea, in the final step of our experiment, we will evaluate the equation of the Necessary Traffic for DDoS Attack proposed by Dingankar and Brooks.

DDoS Attack on GENI

  • Upload
    pomona

  • View
    219

  • Download
    0

Embed Size (px)

DESCRIPTION

DDoS Attack on GENI. 1 st DFG/GENI Doctoral Consortium, San Juan, PR March 13 th -15 th , 2011. Ilker Ozcelik and Richard Brooks* Clemson University. Abstract. Research Objectives Our study has four goals; Obtaining time series from real Internet data for future experiments. - PowerPoint PPT Presentation

Citation preview

Page 1: DDoS Attack on GENI

DDoS Attack on GENI

Ilker Ozcelik and Richard Brooks*Clemson University

Detecting a DDoS Attack is not the solution for Internet security. After gaining better knowledge of DDoS Attacks, and detection methods, we will look for ways to develop countermeasures to eventually make networks immune to DDoS Attacks.

Abstract Research Objectives

Our study has four goals;

• Obtaining time series from real Internet data for future experiments.

• Testing Openflow slice isolation.

• Testing detection schemes using real background traffic.

• Verifying necessary DDoS attack traffic equation.

Fig 1. DDoS Attack

Use of Glab/GENI Infrastructure

In our experiments we will use openflow switches, end nodes and NetFPGAs on Clemson University Network. After getting results from our initial tests on campus we are planning to scale the experiments on GENI.

Future Work

Experiments

In our experiments we will use two openflow enabled switches to manage the network traffic and two NetFPGA to collect data. In the first step of the experiment we will collect the number of packet and volume information from campus internet traffic to use as background traffic in future experiments.

Researchers have been using the synthetic network traffic to justify their detection algorithms. In the second step of our experiment, we will use the realistic background traffic, and test the effectiveness of the theoretical DDoS detection algorithms.

1st DFG/GENI Doctoral Consortium,

San Juan, PRMarch 13th-15th, 2011

In today’s world the Internet is an environment where people not only communicate but also share knowledge, do business, attend school, and even socialize. As a result of growing dependence on the Internet, one of the biggest concerns of Internet users is security. Unfortunately, the number of security incidents increases exponentially every year.A Distributed Denial-of-Service attack (DDoS attack) disables network services to legitimate users by flooding them. The recent attacks on trusted financial websites, Mastercard and PayPal, are an example of the need for security against DDoS attacks. One of the major problems with Distributed Denial of Service attacks is how difficult it is to detect the source of the attack, because of the many components involved. In this study, we will obtain the Internet traffic signature to use as background traffic in future experiments. By using the real background traffic we will investigate the effectiveness of theoretical DDoS Attack detection techniques on GENI. We will also evaluate the equation of Necessary Traffic for DDoS Attack proposed by Dingankar and Brooks.

Fig 4. Experiment Sets

Fig 2. Max-flow and min-cut for directed graph

Fig 3. Live and Synthetic Packet Time Series

It is important to understand the requirements of a DoS attack in order to come up with effective countermeasure methods. It is evident that sending more packets than min-cut of the network can handle, cripples the network. Based on this idea, in the final step of our experiment, we will evaluate the equation of the Necessary Traffic for DDoS Attack proposed by Dingankar and Brooks.

Attack Spotlight: Multi-vector DDoS Attacks

Attack Spotlight: Multi-vector DDoS Attacks

Technology
Our My first DDoS attack - O'Reilly Mediaassets.en.oreilly.com/1/event/74/Our First DDoS attack Presentation... · Our My first DDoS attack ... my base_packages puppet module class

Our My first DDoS attack - O'Reilly Mediaassets.en.oreilly.com/1/event/74/Our First DDoS attack Presentation... · Our My first DDoS attack ... my base_packages puppet module class

Documents
Mitigating DDoS attack leveraging AWS environment

Mitigating DDoS attack leveraging AWS environment

Technology
CDNetworks Q2 2017 DDoS Attack Trends Report Attack... · CDNetworks Q2 2017 DDoS Attack Trends Report ... hacking group “Armada Collective ... attacks were included in addition

CDNetworks Q2 2017 DDoS Attack Trends Report Attack... · CDNetworks Q2 2017 DDoS Attack Trends Report ... hacking group “Armada Collective ... attacks were included in addition

Documents
Ddos attack definitivo

Ddos attack definitivo

Technology
DDoS Attack Traceback and Beyond

DDoS Attack Traceback and Beyond

Documents
How to Mitigate DDoS Attack?

How to Mitigate DDoS Attack?

Technology
A Taxonomy of DDoS Attack and DDoS Defense Mechanisms

A Taxonomy of DDoS Attack and DDoS Defense Mechanisms

Documents
DDoS Attack Detection & Mitigation in SDN

DDoS Attack Detection & Mitigation in SDN

Engineering
DDOS WEAPONS & ATTACK VECTORS - A10 Networks

DDOS WEAPONS & ATTACK VECTORS - A10 Networks

Documents
ATLAS Q3 2014 DDoS Attack Trends

ATLAS Q3 2014 DDoS Attack Trends

Technology
Protecting Web Services from DDOS Attack

Protecting Web Services from DDOS Attack

Investor Relations
Under DDoS Attack?

Under DDoS Attack?

Education
21984417 DDOS Attack Tools

21984417 DDOS Attack Tools

Documents
Velocity 2011 - Our first DDoS attack

Velocity 2011 - Our first DDoS attack

Technology
Breaking the DDoS Attack Chain

Breaking the DDoS Attack Chain

Documents
DDoS Attack Preparation and Mitigation

DDoS Attack Preparation and Mitigation

Technology
SNMP Reflected Amplification DDoS Attack Mitigation

SNMP Reflected Amplification DDoS Attack Mitigation

Documents
Attack Profiling for Ddos - Thesis

Attack Profiling for Ddos - Thesis

Documents
DNS DDoS Attack and Risk

DNS DDoS Attack and Risk

Technology
Cyber Attack Analysis : Part I DDoS

Cyber Attack Analysis : Part I DDoS

Documents
26. a Taxonomy of Ddos Attack and Ddos Defense Mechanisms

26. a Taxonomy of Ddos Attack and Ddos Defense Mechanisms

Documents
Ddos attack with_tcp_syn_flooding

Ddos attack with_tcp_syn_flooding

Documents
F5 Silverline DDoS Protection | F5 Product Datasheet€¦ · using real-time, DDoS attack detection and mitigation in the cloud. Protect against all DDoS attack vectors Engineered

F5 Silverline DDoS Protection | F5 Product Datasheet€¦ · using real-time, DDoS attack detection and mitigation in the cloud. Protect against all DDoS attack vectors Engineered

Documents
DDoS Attacks Against Global Markets DDoS Cyber-Attack Prolexic PPT PDF

DDoS Attacks Against Global Markets DDoS Cyber-Attack Prolexic PPT PDF

Documents
DDoS Attack Mitigation Guide FortiDDoS

DDoS Attack Mitigation Guide FortiDDoS

Documents
AKAMAI WHITE PAPER Making a DDoS Protection Plan 8 Best ... · What to Expect from a DDoS attack 1 What to Expect under DDoS Attack: Panic 1 How the DDoS Attack Landscape has Changed

AKAMAI WHITE PAPER Making a DDoS Protection Plan 8 Best ... · What to Expect from a DDoS attack 1 What to Expect under DDoS Attack: Panic 1 How the DDoS Attack Landscape has Changed

Documents
Radware DoS / DDoS Attack Mitigation System

Radware DoS / DDoS Attack Mitigation System

Documents
Lecture 29: Bots, Botnets, DDoS Attacks, and DDoS Attack ...Delivery Networks (CDN) for DDoS Attack Mitigation 29.7.2 DDoS Attack Mitigation with Manual 65 Reconfiguration of BGP

Lecture 29: Bots, Botnets, DDoS Attacks, and DDoS Attack ...Delivery Networks (CDN) for DDoS Attack Mitigation 29.7.2 DDoS Attack Mitigation with Manual 65 Reconfiguration of BGP

Documents
Ddos ve bootnet Attack

Ddos ve bootnet Attack

Documents