Distributed denial of service attack defence simulation based on honeynet technology

  • Xiaoying Wang
  • Na Guo
  • Fangping GaoEmail author
  • Jilin Feng
Original Research


Distributed denial of service (DDoS) is one of the main threats of Internet security, and the detection and prevention of DDoS has always been a hot issue in network security research. DDoS detection and defence systems have many shortcomings such as high false positive rate, low execution efficiency, and lack of linkage between detection and defence. Therefore, eliminating false positives, improving execution efficiency, and enhancing the linkage between detection and defence processes have always been the focuses of research. A preventive defence mechanism based on honeynet technology in the paper is presented without more additional equipment which does not rely on resource advantages, and is equally effective with less effort. Firstly, the in-depth analysis and discussion of detection and defence problems are illustrated by combining with the principle and characteristics of the attack, and systematically analyzing and classifing the detection and defence problems. Next, a distributed denial of service attack defence based on honeynet technology is proposed. Finally, algorithm and the effectiveness of the method are proved by simulation experiments.


Distributed denial of service Attack defence simulation Honeynet technology 



The work is partially supported by (1) Langfang Science and Technology Research Self-financing Project, Research on Network Abnormal Behavior Analysis Technology Based on Traffic Precursor Observation System Flow Detection (Grant no. 2015013011), (2) Hebei Science and Technology Plan Project, Research on APT Attack Detection Algorithm Based on Big Data Analysis (Grant no. 16210705), (3) Shanghai Key Laboratory of Integrated Administration Technologies for Information Security, Research on Path Marking Method of Malicious Code Attack Based on CampusNetwork (Grant no. AGK201704), (4) Research on the basic research business expenses of the central colleges and universities, based on the full-campus network DNS, the key technology of malicious domain name automatic detection (Grant no. ZY20180123).


  1. Anagnostopoulos M, Kambourakis G, Gritzalis S (2016) New facets of mobile botnet: architecture and evaluation. Int J Inf Secur 15(5):455–473Google Scholar
  2. Cross M, Dubouis L, Mangin M (2017) Defining flare in osteoarthritis of the hip and knee: a systematic literature review—OMERACT virtual special interest group. J Rheumatol 44(12):161–171Google Scholar
  3. Dou C, Zhang Z, Dong Y (2017) MAS-based hierarchical distributed coordinate control strategy of virtual power source voltage in low-voltage microgrid. IEEE Access 3(2):1–15Google Scholar
  4. Du JW, Zhang X, Zhou Y (2013) Active defense security model in the application of network deception system design. Appl Mech Mater 347–350:2860–2864Google Scholar
  5. Gao HH, Chu DQ, Duan YC (2017a) The probabilistic model checking based service selection method for business process modeling. J Softw Eng Knowl Eng 27(6):897–923Google Scholar
  6. Gao HH, Duan YC, Miao HK, Yin YY (2017b) An approach to data consistency checking for the dynamic replacement of service process. IEEE Access 5(1):11700–11711Google Scholar
  7. Gomez C, Arciamoret A, Crowcroft J (2017) TCP in the Internet of Things: from ostracism to prominence. IEEE Internet Comput 2(9):1–12Google Scholar
  8. Hassan A, Eltayieb N, Elhabob R, Li FG (2018) An efficient certificateless user authentication and key exchange protocol for client-server environment. J Ambient Intell Hum Comput 9(6):1713–1727Google Scholar
  9. Jiang YZ, Chung FL, Ishibuchi H (2015a) Multitask TSK fuzzy system modeling by mining intertask common hidden structure. IEEE Trans Cybern 45(3):548–561Google Scholar
  10. Jiang YZ, Chung FL, Wang ST, Deng ZH, Wang J, Qian PJ (2015b) Collaborative fuzzy clustering from multiple weighted views. IEEE Trans Cybern 45(4):688–701Google Scholar
  11. Jiang YZ, Deng ZH, Chung FL, Wang G, Qian PJ, Choi KS, Wang ST (2017) Recognition of epileptic EEG signals using a novel multi-view TSK fuzzy system. IEEE Trans Fuzzy Syst 25(1):3–20Google Scholar
  12. Khan MA, Khan S, Shams B (2016) Distributed flood attack detection mechanism using artificial neural network in wireless mesh networks. Secur Commun Netw 9(15):2715–2729Google Scholar
  13. Kuang B, Zhao X, Zhou C (2016) The role of UDP-glucuronic acid decarboxylase (UXS) in xylan biosynthesis in Arabidopsis. Mol Plant 9(8):1119–1129Google Scholar
  14. Mohammadi R, Javidan R, Conti M, SLICOTS (2017) An SDN-based lightweight countermeasure for TCP SYN flooding attacks. IEEE Trans Netw Serv Manag 14(2):487–497Google Scholar
  15. Osanaiye O, Choo KKR, Dlodlo M (2016) Distributed denial of service (DDoS) resilience in cloud: review and conceptual cloud DDoS mitigation framework. J Netw Comput Appl 67(C):147–165Google Scholar
  16. Prasad KM, Reddy ARM, Rao KV, BIFAD (2017) Bio-inspired anomaly based http-flood attack detection. Wirel Pers Commun 97(1):281–308Google Scholar
  17. Qian PJ, Jiang YZ, Deng ZH, Hu LZ, Sun SW, Wang ST, Raymond F, Jr Muzic (2016) Cluster prototypes and fuzzy memberships jointly leveraged cross-domain maximum entropy clustering. IEEE Trans Cybern 46(1):181–193Google Scholar
  18. Qian PJ, Jiang YZ, Wang ST, Su KH, Wang J, Hu LZ, Raymond F, Jr Muzic (2017a) Affinity and penalty jointly constrained spectral clustering with all-compatibility, flexibility, and robustness. IEEE Trans Neural Netw Learn Syst 28(5):1123–1138Google Scholar
  19. Qian PJ, Zhao KF, Jiang YZ, Su KH, Deng ZH, Wang ST, Raymond F, Jr Muzic (2017b) Knowledge-leveraged transfer fuzzy c-means for texture image segmentation with self-adaptive cluster prototype matching. Knowl Based Syst 130:33–50Google Scholar
  20. Ren J, Xu Y (2018) A compartmental model to explore the interplay between virus epidemics and honeynet potency. Appl Math Model 59:86–99MathSciNetGoogle Scholar
  21. Saied A, Overill RE, Radzik T (2016) Detection of known and unknown DDoS attacks using artificial neural networks. Neurocomputing 172(C):385–393Google Scholar
  22. Sharma A, Singh R, Pandey G (2013) Detection and prevention from black hole attack in AODV protocol for MANET. Int J Comput Appl 50(5):1–4Google Scholar
  23. Somani G, Gaur MS, Sanghi D (2016) DDoS attacks in cloud computing: collateral damage to non-targets. Comput Netw 109:157–171Google Scholar
  24. Sombolestan SM, Rasooli A, Khodaygan S (2018) Optimal path-planning for mobile robots to find a hidden target in an unknown environment based on machine learning. J Ambient Intell Hum Comput 10(5):1841–1850Google Scholar
  25. Stalans LJ, Finn MA (2016) Understanding how the internet facilitates crime and deviance. Victims Offenders Int J Evid Based Res Policy Pract 11(4):1–8Google Scholar
  26. Stone-Gross B, Cova M, Gilbert B (2011) Analysis of a botnet takeover. IEEE Secur Privacy 9(1):64–72Google Scholar
  27. Tapaswi S, Mahboob A, Shukla AS (2014) Markov chain based roaming schemes for honeypots. Wirel Pers Commun 78(2):995–1010Google Scholar
  28. Taylor SJE (2019) Distributed simulation: state-of-the-art and potential for operational research. Eur J Oper Res 273:37–47Google Scholar
  29. Wen CY, Juan YH, Yang AS (2017) Enhancement of city breathability with half open spaces in ideal urban street canyons. Build Environ 112:322–336Google Scholar
  30. Xin W, Myeongwon O, Katsumi S (2016) Gel-free/label-free proteomic analysis of root tip of soybean over time under flooding and drought stresses. J Proteom 130:42–55Google Scholar
  31. Yang Y, Mi J (2011) Design and implementation of distributed intrusion detection system based on honeypot. Comput Knowl Technol 100:303–308Google Scholar

Copyright information

© Springer-Verlag GmbH Germany, part of Springer Nature 2019

Authors and Affiliations

  • Xiaoying Wang
    • 1
  • Na Guo
    • 1
  • Fangping Gao
    • 1
    Email author
  • Jilin Feng
    • 1
  1. 1.School of Information EngineeringInstitute of Disaster PreventionSanheChina

Personalised recommendations