D-SCAP: DDoS Attack Traffic Generation Using Scapy Framework

  • Guntupalli Manoj KumarEmail author
  • A. R. Vasudevan
Conference paper
Part of the Advances in Intelligent Systems and Computing book series (AISC, volume 750)


Bots are harmful processes controlled by a Command and Control (C&C) infrastructure. A group of bots is known as botnet to launch different network attacks. One of the most prominent network attacks is Distributed Denial of Service (DDoS) attack. Bots are the main source for performing the harmful DDoS attacks. In this paper, we introduce a D-SCAP (DDoS Scapy framework based) bot to generate high volumes of DDoS attack traffic. The D-SCAP bot generates and sends continuous network packets to the victim machine based on the commands received from the C&C server. The DDoS attack traffic can be generated for cloud environment. The D-SCAP bot and the C&C server are developed using Python language and Scapy framework. The D-SCAP bot is compared with the existing well-known DDoS bots.


Bots Botnet C&C server D-SCAP DDoS 


  1. 1.
    Rajab, M., Zarfoss, J., Monrose, F., Terzis, A.: A multifaceted approach to understanding the botnet phenomenon. In: Proceedings of 6th ACM SIGCOMM Conference on Internet Measurement (IMC’06), pp. 41–52 (2006)Google Scholar
  2. 2.
    Zhang, L., Yu, S., Wu, D., Watters, P.: A survey on latest botnet attack and defense. In: 2011 IEEE 10th International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom), pp. 53–60. IEEE (2011)Google Scholar
  3. 3.
    Kalpika, R., Vasudevan, A.R.: Detection of zeus bot based on host and network activities. In: International Symposium on Security in Computing and Communication, pp. 54–64. Springer, Singapore (2017)Google Scholar
  4. 4.
    Mahmoud, M., Nir, M., Matrawy, A.: A survey on botnet architectures, detection and defences. IJ Netw. Secur. 17(3), 264–281 (2015)Google Scholar
  5. 5.
    Oikarinen, J., Reed, D.: Internet relay chat protocol. RFC1459 (1993)Google Scholar
  6. 6.
    Lee, J.-S., Jeong, H.C., Park, J.H., Kim, M., Noh, B.N.: The activity analysis of malicious http-based botnets using degree of periodic repeatability. In: SECTECH’08. International Conference on Security Technology, pp. 83–86. IEEE (2008)Google Scholar
  7. 7.
  8. 8.
    Hachem, N., Mustapha, Y.B., Granadillo, G.G., Debar, H.: Botnets: lifecycle and taxonomy. In: Proceedings of the Conference on Network and Information Systems Security (SAR-SSI), pp. 1–8 (2011)Google Scholar
  9. 9.
    Choi, H., Lee, H., Kim, H.: BotGAD: detecting botnets by capturing group activities in network traffic. In: Proceedings of the Fourth International ICST Conference on Communication System Software and Middleware, p. 2. ACM (2009)Google Scholar
  10. 10.
    Bailey, M., Cooke, E., Jahanian, F., Yunjing, X., Karir, M.: A survey of botnet technology and defenses. In: Proceedings of the Cybersecurity Applications & Technology Conference for Homeland Security (CATCH), pp. 299–304 (2009)Google Scholar
  11. 11.
    Guri, M., Mirsky, Y., Elovici, Y.: 9-1-1 DDoS: attacks, analysis and mitigation. In: 2017 IEEE European Symposium on Security and Privacy (EuroS&P), pp. 218–232. IEEE (2017)Google Scholar
  12. 12.
    Zargar, S.T., Joshi, J., Tipper, D.: A survey of defense mechanisms against distributed denial of service (ddos) flooding attacks. IEEE Commun. Surv. Tutorials 15(4), 2046–2069 (2013)Google Scholar
  13. 13.
    Kaur, H., Behal, S., Kumar, K.: Characterization and comparison of distributed denial of service attack tools. In: 2015 International Conference on Green Computing and Internet of Things (ICGCIoT), pp. 1139–1145. IEEE (2015)Google Scholar
  14. 14.
    Specht, S.M., Lee, R.B.: Distributed denial of service: taxonomies of attacks, tools, and countermeasures. In: ISCA PDCS, pp. 543–550 (2004)Google Scholar
  15. 15.
  16. 16.
  17. 17.
  18. 18.
  19. 19.
    Thing, V.L., Sloman, M., Dulay, N.: A survey of bots used for distributed denial of service attacks. In: IFIP International Information Security Conference, pp. 229–240. Springer, Boston, MA (2007)Google Scholar

Copyright information

© Springer Nature Singapore Pte Ltd. 2019

Authors and Affiliations

  1. 1.TIFAC-CORE in Cyber Security, Amrita School of EngineeringAmrita Vishwa VidyapeethamCoimbatoreIndia

Personalised recommendations