University of Twente Student Theses

Login

Automated DDoS Attack Fingerprinting by Mimicking the Actions of a Network Operator

Hove, K.W. van (2019) Automated DDoS Attack Fingerprinting by Mimicking the Actions of a Network Operator.

[img] PDF
293kB
Abstract:A Distributed Denial of Service (DDoS) attack is an attempt to overload a service. The main data a network operator has access to during a DDoS attack is the network traffic. An experienced operator would easily identify the attack. To the best of our knowledge, no solutions are based on the knowledge of the network operator. We will propose a tool which we call the dissector that mimics the steps taken by a network operator to identify the key characteristics of an attack. These characteristics can be used for, but are not limited to, mitigation purposes. These key characteristics form a DDoS fingerprint. The results of our research show >90% of attack traffic being covered by the generated fingerprints, with next to no legitimate traffic being detected as malicious, whilst running in linear time.
Item Type:Essay (Bachelor)
Faculty:EEMCS: Electrical Engineering, Mathematics and Computer Science
Subject:54 computer science
Programme:Computer Science BSc (56964)
Link to this item:https://purl.utwente.nl/essays/78706
Export this item as:BibTeX
EndNote
HTML Citation
Reference Manager

 

Repository Staff Only: item control page