Testing for denial of service vulnerabilities, the effects of attacks and mitigation strategies all require the construction of a dedicated testbed facility. Although the tools for launching such attacks are widely available, for example the Stacheldraht, Trinoo and Phatbot tools [15, p. 87], and although the attacks themselves are well understood, the simulation on a small scale in the laboratory of a large and complex system (the Internet) is fraught with difficulty.
KeywordsVirtual Machine Physical Machine Traffic Source Background Traffic Simple Network Management Protocol
- 1.The Swiss Education and Research Network. 2001. Default TTL values in TCP/IP. http://www.map.meteoswiss.ch/map-doc/ftp-probleme.htm. Accessed 1 Feb 2011.
- 2.The Network Simulator – ns-2. 2011. http://www.isi.edu/nsnam/ns/: Accessed 1 Feb 2011.
- 3.Apache. 2011. Apache flood. http://httpd.apache.org/test/flood/.
- 4.Benzel, T., B. Braden, T. Faber, J. Mircovic, S. Schwab, K. Sollins, and J. Wroclawski. 2009. Current developments in DETER cybersecurity testbed technology. In Proceedings of the Cybersecurity Applications and Technology Conference For Homeland Security (CATCH 2009), Washington, Mar 2009.Google Scholar
- 5.Benzel, T., R. Braden, D. Kim, C. Neuman, A. Joseph, K. Sklower, R. Ostrenga, and S. Schwab. 2007. Design, deployment, and use of the DETER testbed. In DETER Community Workshop on Cyber-Security and Test, Berkeley, Aug 2007.Google Scholar
- 6.Beverly, R. and K. Sollins. 2008. An internet protocol address clustering algorithm. In Proceedings of USENIX Tackling Computer Systems Problems with Machine Learning Techniques, San Diego, Dec 2008.Google Scholar
- 7.Blackert, W.J., D.M. Gregg, A.K. Castner, R.L. Hom, R.M. Jokerst, and E.M. Kyle. 2003. Distributed denial of service defense attack tradeoff analysis (DDOS-DATA) demonstration overview. In Proceedings of the DARPA Information Survivability Conference and Exposition (DISCEX’03), vol. II, 66–67, Apr 2003.Google Scholar
- 8.Botta, A., A. Dainotti, and A. Pescape. 2007. Multi-protocol and multi-platform traffic generation and measurement. In INFOCOM 2007 DEMO Session, Alaska, May 2007.Google Scholar
- 9.Calvet, J., J.M. Fernandez, P.-M. Bureau, and J.-Y. Marion. 2010. Large-scale malware experiments why, how, and so what? In Proceedings of Virus Bulletin Conference, 241–247, Sept 2010.Google Scholar
- 10.Gelenbe, E., M. Gellman, and G. Loukas. 2005. An autonomic approach to denial of service defence. In Proceedings of the Sixth IEEE International Symposium on a World of Wireless Mobile and Multimedia Networks, 537–541, 2005.Google Scholar
- 11.Huang, Y.I., J.D. Tygar, H.Y. Lin, L.Y. Yeh, H.Y. Tsai, K. Sklower, S.P. Shieh, C.C. Wu, P.H. Lu, S.Y. Chien, Z.S. Lin, L.W. Hsu, C.W. Hsu, C.T. Hsu, Y.C. Wu, and M.S. Leong. 2008. SWOON: A testbed for secure wireless overlay networks. In CSNET ’08 Workshop on Cyber Security Experimentation and Test, Berkeley, July 2008.Google Scholar
- 12.Iakobashvili, R. and M. Moser. 2007. Curl-loader. http://curl-loader.sourceforge.net/. Accessed 11 Jan 2011.
- 13.Jin, C., H. Wang, and K.G. Shin. 2003. Hop-count filtering: An effective defense against spoofed traffic. In Proceedings of the 10th ACM Conference on Computer and Communications Security, Washington, 30–41, Oct 2003.Google Scholar
- 14.Kotenko, I.V. and A.V. Ulanov. 2006. Software testbed and experiments for exploring counteraction of attack and defense agents in the internet. In Proceedings of the International Security and Counteracting Terrorism Conference, 80–93, Lomonosov Moscow State University Intellectual Center, 2006.Google Scholar
- 15.Mirkovic, J., S. Dietrich, D. Dittrich, and P. Reiher. 2005. Internet denial of service attack and defense mechanisms. Upper Saddle River: Prentice Hall.Google Scholar
- 16.Mirkovic, J., S. Fahmy, P. Reiher, and R.K. Thomas. 2009. How to test DoS defenses. In Cybersecurity Applications and Technology Conference for Homeland Security, 103–117, Washington, 2009.Google Scholar
- 17.Mirkovic, J., A. Hussain, B. Wilson, S. Fahmy, P. Reiher, R. Thomas, W.-M. Yao, and S. Schwab. 2007. Towards user-centric metrics for denial-of-service measurement. In Proceedings of the 2007 Workshop on Experimental Computer Science, San Diego, Jun 2007.Google Scholar
- 18.Mirkovic, J., B. Wilson, A. Hussain, S. Fahmy, P. Reiher, R. Thomas, and S. Schwab. 2007. Automating DDoS experimentation. In Deter Community Workshop on Cyber Security Experimentation and Testing, Jul 2007.Google Scholar
- 20.Rajab, M.A., J. Zarfoss, F. Monrose, and A. Terzis. 2007. My botnet is bigger than yours (maybe, better than yours): Why size estimates remain challenging. In HotBots’07 Proceedings of the First Conference on First Workshop on Hot Topics in Understanding Botnets, Berkeley, Apr 2007.Google Scholar
- 22.Schmidt, D., S. Suriadi, A. Tickle, A. Clark, G. Mohay, E. Ahmed, and J. Mackie. 2010. A distributed denial of service testbed. In What Kind of Information Society? Governance, Virtuality, Surveillance, Sustainability, Resilience. Proceedings of 1st IFIP TC 11 International Conference, CIP 2010 Held as Part of WCC 2010, eds. Australia, J. Berleur, M.D. Hercheui, and L.M. Hilty, 338–349, Sept 2010.Google Scholar
- 23.Schwab, S., B. Wilson, C. Ko, and A. Hussain. 2007. SEER: A security experimentation enviRonment for DETER. http://www.usenix.org/event/deter07/tech/full_papers/schwab/schwab.pdf. Accessed 16 Feb 2011.
- 24.Sommers, J. and P. Barford. 2004. Self-configuring network traffic generation. In Proceedings of ACM Internet Measurement Conference, Sicily, Oct 2004.Google Scholar
- 25.Stone-Gross, B. 2009. Your botnet is my botnet: Analysis of a botnet takeover. In Proceedings of the ACM CCS, 635–647, Chicago, 9–13 Nov 2009.Google Scholar
- 26.Swain, B.R. and B. Sahoo. 2009. Mitigating DDOS attack and saving computational time using a probabilistic approach and HCF method. In IEEE International Advanced Computing Conference (IACC2009), 1170–1172, 6–7 Mar 2009.Google Scholar
- 27.Ting, Y.A., D. Ma, and K. Levitt. 2005. NTGC: A tool for network traffic generation control and coordination. http://wwwcsif.cs.ucdavis.edu/~tingy/NTGC.pdf. Accessed 16 Feb 2011.
- 29.White, B., J. Lepreau, L. Stoller, R. Ricci, S. Guruprasad, M. Newbold, M. Hibler, C. Barb, and A. Joglekar. 2002. An integrated experimental environment for distributed systems and networks. In Proceedings of the 5th Symposium on Operating Systems Design and Implementation, 255–270, New York, Dec 2002.Google Scholar
- 30.Wu, Z. and Z. Chen. 2006. A three-layer defense mechanism based on web servers against distributed denial of service attacks. In First International Conference on Communications and Networking in China, 1–5, 2006.Google Scholar