Modelling and simulation of DDOS Attack using SimEvents

Abubakar Bala¹ , Yahya Osais²

Section:Research Paper, Product Type: Journal
Vol.1 , Issue.2 , pp.5-14, Jun-2013

Online published on Jun 30, 2013

Copyright © Abubakar Bala , Yahya Osais . This is an open access article distributed under the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.
 

View this paper at   Google Scholar | DPI Digital Library

XML View     PDF Download

How to Cite this Paper

Abstract :
At the beginning of the 21st century, a new form of denial of service (DoS) attack emerged which is the Distributed DoS (DDoS). This new form of attack was launched on huge number of prominent websites such as yahoo, e-bay, Amazon, and buy.com, resulting in tremendous financial loses. DDoS attack has continued to increase over the years due to the rapid increase in internet users. Moreover, even more alarming is the fact that developers of DDoS tools have assumed unprecedented sophistication in their design methods, thus making their attacks highly destructive and undetectable. As a result of these reason and many others, researchers have focused their attention on the study of this new method of attack, they are particularly interested in studying its evolution, and with this knowledge they are being able to design anti-DDoS tools in order to prevent networks from falling into the clutches of DDoS attack. In this research work, a DDoS attack is simulated using MATLAB’s SimEvents, with the aim of finding the quantitative measure of its effect on the victim, experiments conducted in this study show that the server is scarcely utilized in its normal working condi-tions thus having high availability and low average utilization since it accepts requests only from legitimate clients. However, as the attacker launches an attack on the server, its utilization increases sharply and thus resulting in decrease in availability, this is because the server is flooded with illegal requests from the attacker as well as zombies from within the network domain. Additional study reveals that when a warm-up phase is added to the simulation of the server failure, the utilization suddenly increases due to the fact that the attacker seizes the opportunity of the slow recovery of the server to further overwhelm it and eventually push it into saturation.

Key-Words / Index Term :
Modelling, simulation, DDoS, DoS, SimEvents, MATLAB

References :
[1] A. Noureldien, “Protecting web servers from dos/ddos flooding attacks. a technical overview,� in International Conference on Web-Management for International Organisations. Proceedings. Geneva, 2002.
[2] I. Kotenko and A. Ulanov, “Simulation of internet ddos attacks and defense,� in Information Security, pp. 327–342, Springer, 2006.
[3] I. Kotenko, A. Alexeev, and E. Man’kov, “Formal framework for model-ing and simulation of ddos attacks based on teamwork of hackers-agents,� in Intelligent Agent Technology, 2003. IAT 2003. IEEE/WIC International Conference on, pp. 507–510, IEEE, 2003.
[4] L. Li and G. Lee, “Ddos attack detection and wavelets,� Telecommunica-tion Systems, vol. 28, no. 3-4, pp. 435–451, 2005.
[5] J. Ryan, M.-J. Lin, and R. Miikkulainen, “Intrusion detection with neural networks,� in Advances in neural information processing systems, pp. 943–949, MORGAN KAUFMANN PUBLISHERS, 1998.
[6] G. Khazan and M. A. Azgomi, “A distributed attack simulation for quan-titative security evaluation using SimEvents,� in Computer Systems and Applications, 2009. AICCSA 2009. IEEE/ACS International Conference on, pp. 382–385, IEEE, 2009.
[7] Mathworks,“Simevents,http://www.mathworks.com/help/simevents/release-notes.html.�