University of Twente Student Theses

Login

Fingerprint-Based Automated Rule Generation for DDoS Mitigation using the Berkeley Packet Filter

Koelewijn, Dirk (2019) Fingerprint-Based Automated Rule Generation for DDoS Mitigation using the Berkeley Packet Filter.

[img] PDF
1MB
Abstract:Distributed Denial of Service (DDoS) attacks have becomemore and more present in our everyday society, both in-creasing significantly in numbers and intensity. Althoughmore advanced methods for DDoS mitigation are emerg-ing, there exists nearly no research on kernel level DDoSmitigation. Therefore, we designed a method to automat-ically generate extended Berkeley Packet Filter programsfor DDoS mitigation, based on DDoS attack fingerprintsfrom DDoSDB.org. We show that existing work only fo-cuses on the performance of eBPF and that no research ex-ist on DDoS mitigation using eBPF or similar techniques.Furthermore, we present a method to convert fingerprintsto eBPF rules, as well as a method to reduce the size offingerprints while maintaining as much precision as pos-sible. Finally, we show that our method has an overallaccuracy of over 95%, a true positive rate of at least 93%and a true negative rate for over 98% on more than 90%of the simulated attacks.
Item Type:Essay (Bachelor)
Faculty:EEMCS: Electrical Engineering, Mathematics and Computer Science
Subject:54 computer science
Programme:Computer Science BSc (56964)
Link to this item:http://purl.utwente.nl/essays/77806
Export this item as:BibTeX
EndNote
HTML Citation
Reference Manager

 

Repository Staff Only: item control page