Abstract
The Denial of Service Testing Framework (dosTF) being developed as part of the joint India-Australia research project for ’Protecting Critical Infrastructure from Denial of Service Attacks’ allows for the construction, monitoring and management of emulated Distributed Denial of Service attacks using modest hardware resources. The purpose of the testbed is to study the effectiveness of different DDoS mitigation strategies and to allow for the testing of defense appliances. Experiments are saved and edited in XML as abstract descriptions of an attack/defense strategy that is only mapped to real resources at run-time. It also provides a web-application portal interface that can start, stop and monitor an attack remotely. Rather than monitoring a service under attack indirectly, by observing traffic and general system parameters, monitoring of the target application is performed directly in real time via a customised SNMP agent.
Chapter PDF
Similar content being viewed by others
References
Leyden, J.: Conficker botnet growth slows at 10m infections. The Register 26/1/09 (2009), http://www.theregister.co.uk/2009/01/26/conficker_botnet/
Chapman, S.: Massive 2 Million PCs Botnet Uncovered. Computerworld, UK, 23/4/09 (2009), http://www.cio.com/article/490454/Massive_2_Million_PCs_Botnet_Uncovered
Van Buskirk, E.: Facebook Confirms Denial-of-Service Attack. Wired, 6/8/09 (2009), http://www.wired.com/epicenter/2009/08/facebook-apparently-attacked-in-addition-to-twitter/
Nakashima, E., Krebs, B., Harden, B.: U.S., South Korea Targeted in Swarm Of Internet Attacks. The Washington Post, 9/7/09 (2009), http://www.washingtonpost.com/wp-dyn/content/article/2009/07/08/AR2009070800066.html
Worldwide Infrastructure Security Report. Arbor Networks (2009), http://www.arbornetworks.com/report
White, B., Stoller, L., Ricci, R., Guruprasad, S., Newbold, M., Hibler, M., Barb, C., Joglekar, A.: An Integrated Experimental Environment for Distributed Systems and Networks. In: Proc. of the Fifth Symposium on Operating Systems Design and Implementation, Boston, MA, pp. 255–270 (2002)
Lam, H.-Y., Li, C.-P., Chanson, S.T., Yeung, D.-Y.: A Coordinated Detection and Response Scheme for Distributed Denial-of-Service Attacks. In: IEEE International Conference on Communications, ICC 2006, vol. 5, pp. 2165–2170 (2006)
Blackert, W.J., Gregg, D.M., Castner, A.K., Kyle, E.M., Hom, R.L., Jokerst, R.M.: Analyzing Interaction Between Distributed Denial of Service Attacks And Mitigation Technologies. In: Proceedings of DARPA Information Survivability Conference and Exposition, April 22-24, vol. 1, pp. 26–36 (2003)
Chertov, R., Fahmy, S., Shroff, N.B.: Emulation versus Simulation: A Case Study of TCP-Targeted Denial of Service Attacks. In: Proceedings of 2nd International Conference on Testbeds and Research Infrastructures for the Development of Networks and Communities. TRIDENTCOM, pp. 315–325 (March 2006)
Mircovic, J., Fahmy, S., Reiher, P., Thomas, R.K.: How to Test DoS Defences. In: Proceedings of the Cybersecurity Applications & Technology Conference For Homeland Security, CATCH (2009)
Peterson, L., Bavier, A., Fiuczynski, M.E., Muir, S.: Experiences Building PlanetLab. In: OSDI 2006: 7th USENIX Symposium on Operating Systems Design and Implementation, pp. 351–366 (2006)
Benzel, T., Braden, R., Kim, D., Neuman, C., Joseph, A., Sklower, K.: Experience with Deter: A Testbed for Security Research. In: Proceedings of 2nd International Conference on Testbeds and Research Infrastructures for the Development of Networks and Communities. TRIDENTCOM, pp. 378–388 (March 2006)
Mircovic, J., Reiher, P., Thomas, R., Schwab, S.: Automating DDoS Experimentation. In: Proceedings of the DETER Workshop (August 2007)
Bolla, R., Bruschi, R.: RFC 2544 Performance Evaluation for a Linux Based Open Router. In: Proc. of the 2006 IEEE Workshop on High Performance Switching and Routing (HPSR 2006), Poznan, Poland, pp. 9–14 (June 2006)
Yu, J., Lee, H., Kim, M.-S., Park, D.: Traffic flooding attack detection with SNMP MIB using SVM. Computer Communications 31, 4212–4219 (2008)
Mircovic, J., Hussain, A., Fahmy, S., Reiher, P., Thomas, R.K.: Accurately Measuring Denial of Service in Simulation and Testbed Experiments. IEEE Transactions on Dependable and Secure Computing 6(2), 81–95 (2009)
Bray, T., Paoli, J., Sperberg-McQueen, C.M., Maler, E., Yergeau, F.: Extensible Markup Language (XML) 1.0, 5 edn. (2008), http://www.w3c.org/TR/REC-xml
Botta, A., Dainotti, A., Pescapè, A.: Multi-protocol and multi-platform traffic generation and measurement. In: INFOCOM 2007 DEMO Session, Anchorage (May 2007), http://www.grid.unina.it/software/ITG/
Shneidermann, B.: Designing the User Interface: Strategies for Effective Human-Computer Interaction, 3rd edn. Addison-Wesley, Reading (1998)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2010 IFIP
About this paper
Cite this paper
Schmidt, D. et al. (2010). A Distributed Denial of Service Testbed. In: Berleur, J., Hercheui, M.D., Hilty, L.M. (eds) What Kind of Information Society? Governance, Virtuality, Surveillance, Sustainability, Resilience. HCC CIP 2010 2010. IFIP Advances in Information and Communication Technology, vol 328. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-15479-9_32
Download citation
DOI: https://doi.org/10.1007/978-3-642-15479-9_32
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-15478-2
Online ISBN: 978-3-642-15479-9
eBook Packages: Computer ScienceComputer Science (R0)