Distributed Denial of Service (DDoS) attacks are performed from multiple agents towards a single victim. Essentially, all attacking agents generate multiple packets towards the victim to overwhelm it with requests, th...Distributed Denial of Service (DDoS) attacks are performed from multiple agents towards a single victim. Essentially, all attacking agents generate multiple packets towards the victim to overwhelm it with requests, thereby overloading the resources of the victim. Since it is very complex and expensive to conduct a real DDoS attack, most organizations and researchers result in using simulations to mimic an actual attack. The researchers come up with diverse algorithms and mechanisms for attack detection and prevention. Further, simulation is good practice for determining the efficacy of an intrusive detective measure against DDoS attacks. However, some mechanisms are ineffective and thus not applied in real life attacks. Nowadays, DDoS attack has become more complex and modern for most IDS to detect. Adjustable and configurable traffic generator is becoming more and more important. This paper first details the available datasets that scholars use for DDoS attack detection. The paper further depicts the a few tools that exist freely and commercially for use in the simulation programs of DDoS attacks. In addition, a traffic generator for normal and different types of DDoS attack has been developed. The aim of the paper is to simulate a cloud environment by OMNET++ simulation tool, with different DDoS attack types. Generation normal and attack traffic can be useful to evaluate developing IDS for DDoS attacks detection. Moreover, the result traffic can be useful to test an effective algorithm, techniques and procedures of DDoS attacks.展开更多
A Distributed Denial of Service Attack (DDoS) is an attack in which multiple systems compromised by a Trojan are maliciously used to target a single system. The attack leads to the denial of a certain service on the t...A Distributed Denial of Service Attack (DDoS) is an attack in which multiple systems compromised by a Trojan are maliciously used to target a single system. The attack leads to the denial of a certain service on the target system. In a DDoS attack, both the target system and the systems used to perform the attack are all victims of the attack. The compromised systems are also called Botnets. These attacks occur on networked systems, among them the cloud computing facet. Scholars have tried coming up with separate mechanisms for detecting and preventing such attacks long before they occur. However, as technology progresses in advancement so do the attack mechanisms. In cloud computing, security issues affect various stakeholders who plan on cloud adoption. DDoS attacks are such serious concerns that require mitigation in the cloud. This paper presents a survey of the various mechanisms, both traditional and modern, that are applied in detecting cloud-based DDoS attacks.展开更多
文摘Distributed Denial of Service (DDoS) attacks are performed from multiple agents towards a single victim. Essentially, all attacking agents generate multiple packets towards the victim to overwhelm it with requests, thereby overloading the resources of the victim. Since it is very complex and expensive to conduct a real DDoS attack, most organizations and researchers result in using simulations to mimic an actual attack. The researchers come up with diverse algorithms and mechanisms for attack detection and prevention. Further, simulation is good practice for determining the efficacy of an intrusive detective measure against DDoS attacks. However, some mechanisms are ineffective and thus not applied in real life attacks. Nowadays, DDoS attack has become more complex and modern for most IDS to detect. Adjustable and configurable traffic generator is becoming more and more important. This paper first details the available datasets that scholars use for DDoS attack detection. The paper further depicts the a few tools that exist freely and commercially for use in the simulation programs of DDoS attacks. In addition, a traffic generator for normal and different types of DDoS attack has been developed. The aim of the paper is to simulate a cloud environment by OMNET++ simulation tool, with different DDoS attack types. Generation normal and attack traffic can be useful to evaluate developing IDS for DDoS attacks detection. Moreover, the result traffic can be useful to test an effective algorithm, techniques and procedures of DDoS attacks.
文摘A Distributed Denial of Service Attack (DDoS) is an attack in which multiple systems compromised by a Trojan are maliciously used to target a single system. The attack leads to the denial of a certain service on the target system. In a DDoS attack, both the target system and the systems used to perform the attack are all victims of the attack. The compromised systems are also called Botnets. These attacks occur on networked systems, among them the cloud computing facet. Scholars have tried coming up with separate mechanisms for detecting and preventing such attacks long before they occur. However, as technology progresses in advancement so do the attack mechanisms. In cloud computing, security issues affect various stakeholders who plan on cloud adoption. DDoS attacks are such serious concerns that require mitigation in the cloud. This paper presents a survey of the various mechanisms, both traditional and modern, that are applied in detecting cloud-based DDoS attacks.
