Implementation Of real testbed of DDOS

1. DESIGN AND
IMPLEMENTATION OF A
DDOS TESTBED
SUBMITTED TO:
SUBMITTED BY:
DR. KRISHAN SALUJA JATIN SINGH

2. Contents
1. About Internet Malware
2. Introduction to Dos/DDoS
3. Architecture of DDoS
4. Motivation
5. Experimental techniques
6. Graph
7. Comparison b/w Experimental techniques
8. Real time testbed
9. Hardware and Software used
10.CORE
11.Tools used in this project
12.Future Scope

3. Internet Malware
▪ Viruses
▪ Worms
▪ Trojan Horse
▪ DoS
▪ DDoS
▪ Phishing

4. DEFINING DOS/DDOS
Denial of service attack(DoS) is an intentional attempt by malicious
users / attackers to completely disrupt or degrade availability of
service / resource to legitimate / authorized users.
Distributed denial of service attack(DDoS) is a well coordinated attack on
the availability of services of a given target system or network that is launched
indirectly through many compromised computing systems by sending a
stream of Useless traffic meant to explode victim / network resources.

5. DDOS Attack Architecture

6. MOTIVATION BEHIND THE INCREASING DDOS
ATTACKS
Name and Fame amongst attackers community
Financial Profit
Political Revenge
Easy and free availability of user friendly attack tools
Business Competitors

7. 1.Mathematical models
2.Simulation models
3.Emulation models
4.Real time
Experimental techniques

8. EXPERIMENTAL TECHNIQUES

9. Comparison b/w Experimental techniques
▪ Mathematical
model
▪ Simulated model ▪ Emulated model
• Models for OS,
APPs,
Platforms and
Conditions
• Models for Key OS ,
Mechanisms ,
Algorithms , Kernel
Apps
• Virtual Platforms
• Synthetic conditions
• Real Apps
• Real Platforms
• Real OS
• Synthetic
Conditions
• Real time model
• Real OS
• Real Apps
• Real Platforms
• Real Conditions

10. Real time testbed

12. HARDWARE AND SOFTWARE USED
HARDWARE
1. D-LINK 2800 SERIES ROUTER
2. D-LINK L2,L3 SWITCHES
3. DESKTOPS INSTALLED WITH
UBUNUTU 14.04
SOFTWARE
1. APACHE WEB SERVER
2. SNIFFER- WIRESHARK
3. EMULATOR- CORE ,NS-3
4. TOOLS USED- HULK,HTTP
FLOODER, HPING3,CORAL REEF
5. OS- UBUNTU 14.04

13. CORE
Abbreviated as Common Open Research Emulator.
The CORE project provides an iso image called
VCORE than can run in Virtual Box.
The file used for running is very large almost 600
megabytes.
CORE can also be run on a virtual machine on PC or
laptop.

14. Start Screen of CORE

15. Drag nodes

16. ASSIGN IPv4 Addresses

17. Start the topology

18. lTools and flooder used in topology to
generate Traffic
ooder used in topology to generate traffic
1. HULK
 Unique pattern is generated at each and every request, with the intention of increasing the load on
the servers as well as evading any intrusion detection and prevention systems.
 Uses User Agent Strings to trick Webserver.
 Have capability to bypass captcha validation.
2. SLOWRIS
 A Slow Loris attack waits for sockets to be released by legitimate requests before consuming them
one by one.
 Slow Loris sends subsequent HTTP headers for each request, but never actually completes the
request. Ultimately, the targeted server’s maximum concurrent connection pool is filled, and
additional (legitimate) connection attempts are denied.

19. CONTINUED….
3. HTTP FLODDER
 Python based tool
 Generate application layer traffic(HTTP traffic)
 Uses multiple threading to open multiple connection to target node
 Capability to spoof IP addresses
4. D-ITG(Distributed Internet Traffic Generator)
 Accepted World Wide as legitimate traffic generator
 Supports generation of VoIP , Game (Counter Strike & Quake 3)traffic.
 Capable of generating traffic patterns similar to that of flash traffic.
 Highly customizable can explicitly specify packet size , Inter-Departure Time ….

20. Future Scope of our Project
 Detect and defend of DDOS attack
 Impact measure(response time ,throughput ,transaction rate)
 Different type of attack can be launched( ICMP , HTTP, UDP ,
TCP, SYN )

21. THANK YOU
Any Queries….