Exploring a Novel Framework for DoS/DDoS Attack Detection and Simulation in Contemporary Networks

Gottapu Sankara Rao*, P. Krishna Subbarao**
* Department of Computer Science and Engineering, Jawaharlal Nehru Technological University (JNTU), Andhra Pradesh, India.
** Department of Computer Science and Engineering, Gayatri Vidya Parishad College of Engineering (GVPCE), Andhra Pradesh, India.
Periodicity: January - March 2024
DOI: https://doi.org/10.26634/jse.18.3.20596

Abstract

The internet is now the predominant means of communication and is used by a vast number of individuals worldwide. At the same time, the commercial side of the internet is increasing susceptibility to cybercrime, and the occurrence of distributed Denial of Service (DDoS) attacks has surged significantly over the last decade. DoS/DDoS attacks primarily target network resources such as network bandwidth, CPU time, memory, web servers, and network switches. Network security is an essential problem in modern interconnected society. Numerous researchers have studied how to identify this attack, but there is still room for improvement over past investigations. This paper presents a novel approach for detecting and simulating DoS/DDoS attacks in modern networking environments. The work is done in a controlled environment. Its primary focus is to simulate an attacker's perspective of a DoS/DDoS attack by repeatedly sending huge SYN flood packets to a specific target or network server using the hping3 tool. On the server side, the proposed attacker detector script continuously monitors incoming network connections on the network server using the netstat command. It identifies potential DoS/DDoS attacks by analyzing the connection count and comparing it with an assumed threshold. In the experiment, the target server showed 61% CPU usage and 7.1% memory consumption while a DDoS attack was under way. The proposed script also performs statistical analysis and displays warning messages on the console when suspicious activity is detected on the network server. Wireshark is used in this work as well, to detect anomalous network traffic patterns that indicate distributed denial-of-service (DDoS) attacks targeting a network server. The approach also offers the capability to block the IP address of the attacker if the configuration allows for it. The proposed approach efficiently identifies DDoS activity in real-time network traffic, further helping to improve network security.
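The server-side check described in the abstract (count connections seen by netstat, compare against an assumed threshold, print a warning) can be sketched as follows. This is an added example, not the authors' script: the function names, the threshold value and the sample `netstat -ant` output are constructed for illustration, and the half-open ratio is an extra statistic chosen here because a SYN flood shows up as connections stuck in `SYN_RECV`.

```python
from collections import Counter

# Constructed sample of `netstat -ant` output (documentation-range addresses).
SAMPLE_NETSTAT = """\
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN
tcp        0      0 192.0.2.10:80           198.51.100.7:40112      SYN_RECV
tcp        0      0 192.0.2.10:80           198.51.100.7:40113      SYN_RECV
tcp        0      0 192.0.2.10:80           198.51.100.7:40114      SYN_RECV
tcp        0      0 192.0.2.10:80           198.51.100.7:40115      SYN_RECV
tcp        0      0 192.0.2.10:80           203.0.113.5:51500       ESTABLISHED
tcp6       0      0 2001:db8::10:80         2001:db8::99:41000      SYN_RECV
"""

THRESHOLD = 3  # assumed per-source limit; tune to the server's normal baseline


def count_connections(netstat_text, states=("SYN_RECV", "ESTABLISHED")):
    """Count TCP connections per remote address that are in the given states."""
    counts = Counter()
    for line in netstat_text.splitlines():
        fields = line.split()
        # Data rows have: proto, recv-q, send-q, local, foreign, state
        if len(fields) < 6 or not fields[0].startswith("tcp"):
            continue
        if fields[5] in states:
            # rpartition keeps IPv6 addresses intact (port follows last colon)
            counts[fields[4].rpartition(":")[0]] += 1
    return counts


def detect(netstat_text, threshold=THRESHOLD):
    """Return {remote_ip: count} for every source above the threshold."""
    counts = count_connections(netstat_text)
    return {ip: n for ip, n in counts.items() if n > threshold}


def half_open_ratio(netstat_text):
    """Share of counted connections that are half-open (SYN_RECV)."""
    total = sum(count_connections(netstat_text).values())
    half = sum(count_connections(netstat_text, states=("SYN_RECV",)).values())
    return half / total if total else 0.0


if __name__ == "__main__":
    for ip, n in detect(SAMPLE_NETSTAT).items():
        print(f"WARNING: {ip} holds {n} connections (threshold {THRESHOLD})")
```

A per-source count does not flag floods that use spoofed or widely distributed source addresses, since each address stays under the threshold; the half-open ratio across all sources is the signal to watch in that case.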

Keywords

Network, Security, Attack, hping3, Netstat, Wireshark, Cybersecurity, Intrusion Detection, Network Simulation, Denial of Service (DoS) Attacks.

How to Cite this Article?

Rao, G. S., and Subbarao, P. K. (2024). Exploring a Novel Framework for DoS/DDoS Attack Detection and Simulation in Contemporary Networks. i-manager’s Journal on Software Engineering, 18(3), 43-58. https://doi.org/10.26634/jse.18.3.20596
