University of Twente Student Theses
Fingerprint-Based Automated Rule Generation for DDoS Mitigation using the Berkeley Packet Filter
Koelewijn, Dirk (2019) Fingerprint-Based Automated Rule Generation for DDoS Mitigation using the Berkeley Packet Filter.
|
PDF
1MB |
| Abstract: | Distributed Denial of Service (DDoS) attacks have becomemore and more present in our everyday society, both in-creasing significantly in numbers and intensity. Althoughmore advanced methods for DDoS mitigation are emerg-ing, there exists nearly no research on kernel level DDoSmitigation. Therefore, we designed a method to automat-ically generate extended Berkeley Packet Filter programsfor DDoS mitigation, based on DDoS attack fingerprintsfrom DDoSDB.org. We show that existing work only fo-cuses on the performance of eBPF and that no research ex-ist on DDoS mitigation using eBPF or similar techniques.Furthermore, we present a method to convert fingerprintsto eBPF rules, as well as a method to reduce the size offingerprints while maintaining as much precision as pos-sible. Finally, we show that our method has an overallaccuracy of over 95%, a true positive rate of at least 93%and a true negative rate for over 98% on more than 90%of the simulated attacks. |
| Item Type: | Essay (Bachelor) |
| Faculty: | EEMCS: Electrical Engineering, Mathematics and Computer Science |
| Subject: | 54 computer science |
| Programme: | Computer Science BSc (56964) |
| Link to this item: | https://purl.utwente.nl/essays/77806 |
| Export this item as: | BibTeX EndNote HTML Citation Reference Manager |
Show download statistics for this publication
Show download statistics for this publicationRepository Staff Only: item control page