Arquitetura de um Simulador em Larga em Escala de Ataques Distribuídos de Negação de Serviço
Abstract
Distributed denial of service attacks are characterized by a coordinated action of a huge number of hosts that aims to overload a target system, compromising its availability. These attacks are neither based on software vulnerabilities nor on security architecture flaws. Instead, they are mainly based on the overload caused by an extremely large numbers of attackers. In this way, distributed denial of service attacks are among the hardest attacks to prevent, detect and respond. In the present work, we present a distributed denial of service attacks simulator that is able to reproduce a large variety of attack scenarios, which allows the characterization of networks and hosts resistance against such attacks.
References
BBC News, (2000), Yahoo attack exposes web weakness, http://news.bbc.co.uk/2/hi/science/nature/635444.stm.
Birsan, D., (2005), "On plug-ins and extensible architectures", Queue, v. 3, n. 2, p. 40–46.
Charalampos Z. Patrikakis, M. M., (2004), "Distributed Denial of Service Attacks", Internet Protocol Journal, v. 7, n. 4, p. 13–35.
CNET News, (1998), “Smurf” attack hits Minnesota, http://news.cnet.com/Smurfattack-hits-Minnesota/2100-1001_3-209209.html.
Collberg, C. S., Thomborson, C., (2002), "Watermarking, Tamper-proffing, and Obfuscation: Tools for Software Protection", IEEE Trans. Softw. Eng., v. 28, n. 8 (Aug.), p. 735–746.
Dalla Preda, M., Giacobazzi, R., (2009), "Semantics-based Code Obfuscation by Abstract Interpretation", J. Comput. Secur., v. 17, n. 6 (Dec.), p. 855–908.
Jelena Mirkovic, (2014), DDoS Benchmarks, http://www.isi.edu/~mirkovic/bench.
Leiderman, (2013), Justice for the PayPal WikiLeaks protesters: why DDoS is free speech, http://www.theguardian.com/commentisfree/2013/jan/22/paypalwikileaks-protesters-ddos-free-speech.
Li, D., Hu, Y., Hu, X., Ling, H., (2009), "Self-Checking Tamper-Proofing Based on Software Behavior Model". In: Fourth International Conference on Frontier of Computer Science and Technology, 2009. FCST ’09, p. 639–643
Mirkovic, J., Reiher, P., (2004), "A Taxonomy of DDoS Attack and DDoS Defense Mechanisms", SIGCOMM Comput. Commun. Rev., v. 34, n. 2 (Apr.), p. 39–53.
Paxson, V., (2001), "An Analysis of Using Reflectors for Distributed Denial-of-service Attacks", SIGCOMM Comput. Commun. Rev., v. 31, n. 3 (Jul.), p. 38–47.
Radware, (2013), DDoS Survival Handbook, http://security.radware.com/uploadedFiles/Resources_and_Content/DDoS_Handbook/DDoS_Handbook.pdf.
Stankovic, J., Wood, A., (2004), "A Taxonomy for Denial-of-Service Attacks in Wireless Sensor Networks", In: Ilyas, M., Mahgoub, I. [eds.] (eds), Handbook of Sensor Networks, CRC Press
Yu, S., Zhou, W., Doss, R., Jia, W., (2011), "Traceback of DDoS Attacks Using Entropy Variations", IEEE Transactions on Parallel and Distributed Systems, v. 22, n. 3 (Mar.), p. 412–425.
Birsan, D., (2005), "On plug-ins and extensible architectures", Queue, v. 3, n. 2, p. 40–46.
Charalampos Z. Patrikakis, M. M., (2004), "Distributed Denial of Service Attacks", Internet Protocol Journal, v. 7, n. 4, p. 13–35.
CNET News, (1998), “Smurf” attack hits Minnesota, http://news.cnet.com/Smurfattack-hits-Minnesota/2100-1001_3-209209.html.
Collberg, C. S., Thomborson, C., (2002), "Watermarking, Tamper-proffing, and Obfuscation: Tools for Software Protection", IEEE Trans. Softw. Eng., v. 28, n. 8 (Aug.), p. 735–746.
Dalla Preda, M., Giacobazzi, R., (2009), "Semantics-based Code Obfuscation by Abstract Interpretation", J. Comput. Secur., v. 17, n. 6 (Dec.), p. 855–908.
Jelena Mirkovic, (2014), DDoS Benchmarks, http://www.isi.edu/~mirkovic/bench.
Leiderman, (2013), Justice for the PayPal WikiLeaks protesters: why DDoS is free speech, http://www.theguardian.com/commentisfree/2013/jan/22/paypalwikileaks-protesters-ddos-free-speech.
Li, D., Hu, Y., Hu, X., Ling, H., (2009), "Self-Checking Tamper-Proofing Based on Software Behavior Model". In: Fourth International Conference on Frontier of Computer Science and Technology, 2009. FCST ’09, p. 639–643
Mirkovic, J., Reiher, P., (2004), "A Taxonomy of DDoS Attack and DDoS Defense Mechanisms", SIGCOMM Comput. Commun. Rev., v. 34, n. 2 (Apr.), p. 39–53.
Paxson, V., (2001), "An Analysis of Using Reflectors for Distributed Denial-of-service Attacks", SIGCOMM Comput. Commun. Rev., v. 31, n. 3 (Jul.), p. 38–47.
Radware, (2013), DDoS Survival Handbook, http://security.radware.com/uploadedFiles/Resources_and_Content/DDoS_Handbook/DDoS_Handbook.pdf.
Stankovic, J., Wood, A., (2004), "A Taxonomy for Denial-of-Service Attacks in Wireless Sensor Networks", In: Ilyas, M., Mahgoub, I. [eds.] (eds), Handbook of Sensor Networks, CRC Press
Yu, S., Zhou, W., Doss, R., Jia, W., (2011), "Traceback of DDoS Attacks Using Entropy Variations", IEEE Transactions on Parallel and Distributed Systems, v. 22, n. 3 (Mar.), p. 412–425.
Published
2014-07-28
How to Cite
MACHADO, Raphael; SANTOS, Matheus; SOARES, Henrique; OGASAWARA, Eduardo; DAVID, Fabio; SOARES, Rafael; GUIMARÃES, Bruno.
Arquitetura de um Simulador em Larga em Escala de Ataques Distribuídos de Negação de Serviço. In: INTEGRATED SOFTWARE AND HARDWARE SEMINAR (SEMISH), 41. , 2014, Brasília.
Anais [...].
Porto Alegre: Sociedade Brasileira de Computação,
2014
.
p. 72-83.
ISSN 2595-6205.
