Data Traffic Modeling During Global Cyberattacks

Authors: Volodymyr Mosorov, Andrzej Kosowski, Roman Kolodiy, Zenoviy Kharkhalis

Journal: International Journal of Computer Network and Information Security (IJCNIS) @ijcnis

Article in issue: 11, vol. 7, 2015.

Free access

The article analyses the possibilities and techniques of modeling global cyber-attacks on an internetwork of small countries. The authors study the Distributed Denial of Service (DDoS) attack against the Estonian internetwork, which took place in 2007, in the open-source NeSSi2 simulator environment, as DDoS appears to be the most common type of informational attack on resources used today. Such modeling can be replicated with a certain degree of accuracy because most of the powerful attacks have been relatively well documented. The article covers the most lifelike attack scenarios, accomplished by sophisticated modeling of the underlying traffic cases. Conclusions drawn from the simulation show that even large-scale DDoS attacks can be successfully modeled using only limited resources. Future research directions, motivated by the research underlying this article, are highlighted at the end.


Keywords: Denial-of-Service attack, network simulator, data traffic, attack modelling, attack scenarios

Short URL: https://sciup.org/15011470

IDR: 15011470

Scientific article