Abstract
Testing for denial of service vulnerabilities, the effects of attacks and mitigation strategies all require the construction of a dedicated testbed facility. Although the tools for launching such attacks are widely available, for example the Stacheldraht, Trinoo and Phatbot tools [15, p. 87], and although the attacks themselves are well understood, the simulation on a small scale in the laboratory of a large and complex system (the Internet) is fraught with difficulty.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
The Swiss Education and Research Network. 2001. Default TTL values in TCP/IP. http://www.map.meteoswiss.ch/map-doc/ftp-probleme.htm. Accessed 1 Feb 2011.
The Network Simulator – ns-2. 2011. http://www.isi.edu/nsnam/ns/: Accessed 1 Feb 2011.
Apache. 2011. Apache flood. http://httpd.apache.org/test/flood/.
Benzel, T., B. Braden, T. Faber, J. Mircovic, S. Schwab, K. Sollins, and J. Wroclawski. 2009. Current developments in DETER cybersecurity testbed technology. In Proceedings of the Cybersecurity Applications and Technology Conference For Homeland Security (CATCH 2009), Washington, Mar 2009.
Benzel, T., R. Braden, D. Kim, C. Neuman, A. Joseph, K. Sklower, R. Ostrenga, and S. Schwab. 2007. Design, deployment, and use of the DETER testbed. In DETER Community Workshop on Cyber-Security and Test, Berkeley, Aug 2007.
Beverly, R. and K. Sollins. 2008. An internet protocol address clustering algorithm. In Proceedings of USENIX Tackling Computer Systems Problems with Machine Learning Techniques, San Diego, Dec 2008.
Blackert, W.J., D.M. Gregg, A.K. Castner, R.L. Hom, R.M. Jokerst, and E.M. Kyle. 2003. Distributed denial of service defense attack tradeoff analysis (DDOS-DATA) demonstration overview. In Proceedings of the DARPA Information Survivability Conference and Exposition (DISCEX’03), vol. II, 66–67, Apr 2003.
Botta, A., A. Dainotti, and A. Pescape. 2007. Multi-protocol and multi-platform traffic generation and measurement. In INFOCOM 2007 DEMO Session, Alaska, May 2007.
Calvet, J., J.M. Fernandez, P.-M. Bureau, and J.-Y. Marion. 2010. Large-scale malware experiments why, how, and so what? In Proceedings of Virus Bulletin Conference, 241–247, Sept 2010.
Gelenbe, E., M. Gellman, and G. Loukas. 2005. An autonomic approach to denial of service defence. In Proceedings of the Sixth IEEE International Symposium on a World of Wireless Mobile and Multimedia Networks, 537–541, 2005.
Huang, Y.I., J.D. Tygar, H.Y. Lin, L.Y. Yeh, H.Y. Tsai, K. Sklower, S.P. Shieh, C.C. Wu, P.H. Lu, S.Y. Chien, Z.S. Lin, L.W. Hsu, C.W. Hsu, C.T. Hsu, Y.C. Wu, and M.S. Leong. 2008. SWOON: A testbed for secure wireless overlay networks. In CSNET ’08 Workshop on Cyber Security Experimentation and Test, Berkeley, July 2008.
Iakobashvili, R. and M. Moser. 2007. Curl-loader. http://curl-loader.sourceforge.net/. Accessed 11 Jan 2011.
Jin, C., H. Wang, and K.G. Shin. 2003. Hop-count filtering: An effective defense against spoofed traffic. In Proceedings of the 10th ACM Conference on Computer and Communications Security, Washington, 30–41, Oct 2003.
Kotenko, I.V. and A.V. Ulanov. 2006. Software testbed and experiments for exploring counteraction of attack and defense agents in the internet. In Proceedings of the International Security and Counteracting Terrorism Conference, 80–93, Lomonosov Moscow State University Intellectual Center, 2006.
Mirkovic, J., S. Dietrich, D. Dittrich, and P. Reiher. 2005. Internet denial of service attack and defense mechanisms. Upper Saddle River: Prentice Hall.
Mirkovic, J., S. Fahmy, P. Reiher, and R.K. Thomas. 2009. How to test DoS defenses. In Cybersecurity Applications and Technology Conference for Homeland Security, 103–117, Washington, 2009.
Mirkovic, J., A. Hussain, B. Wilson, S. Fahmy, P. Reiher, R. Thomas, W.-M. Yao, and S. Schwab. 2007. Towards user-centric metrics for denial-of-service measurement. In Proceedings of the 2007 Workshop on Experimental Computer Science, San Diego, Jun 2007.
Mirkovic, J., B. Wilson, A. Hussain, S. Fahmy, P. Reiher, R. Thomas, and S. Schwab. 2007. Automating DDoS experimentation. In Deter Community Workshop on Cyber Security Experimentation and Testing, Jul 2007.
Mosberger, D. and T. Jin. 1998. httperf: A tool for measuring web server performance. Performance Evaluation Review 26(3): 31–37.
Rajab, M.A., J. Zarfoss, F. Monrose, and A. Terzis. 2007. My botnet is bigger than yours (maybe, better than yours): Why size estimates remain challenging. In HotBots’07 Proceedings of the First Conference on First Workshop on Hot Topics in Understanding Botnets, Berkeley, Apr 2007.
Salah, K., K. El-Badawi, and F. Haidari. 2007. Performance analysis and comparison of interrupt-handling schemes in gigabit networks. Computer Communications 30: 3425–3441.
Schmidt, D., S. Suriadi, A. Tickle, A. Clark, G. Mohay, E. Ahmed, and J. Mackie. 2010. A distributed denial of service testbed. In What Kind of Information Society? Governance, Virtuality, Surveillance, Sustainability, Resilience. Proceedings of 1st IFIP TC 11 International Conference, CIP 2010 Held as Part of WCC 2010, eds. Australia, J. Berleur, M.D. Hercheui, and L.M. Hilty, 338–349, Sept 2010.
Schwab, S., B. Wilson, C. Ko, and A. Hussain. 2007. SEER: A security experimentation enviRonment for DETER. http://www.usenix.org/event/deter07/tech/full_papers/schwab/schwab.pdf. Accessed 16 Feb 2011.
Sommers, J. and P. Barford. 2004. Self-configuring network traffic generation. In Proceedings of ACM Internet Measurement Conference, Sicily, Oct 2004.
Stone-Gross, B. 2009. Your botnet is my botnet: Analysis of a botnet takeover. In Proceedings of the ACM CCS, 635–647, Chicago, 9–13 Nov 2009.
Swain, B.R. and B. Sahoo. 2009. Mitigating DDOS attack and saving computational time using a probabilistic approach and HCF method. In IEEE International Advanced Computing Conference (IACC2009), 1170–1172, 6–7 Mar 2009.
Ting, Y.A., D. Ma, and K. Levitt. 2005. NTGC: A tool for network traffic generation control and coordination. http://wwwcsif.cs.ucdavis.edu/~tingy/NTGC.pdf. Accessed 16 Feb 2011.
Wang, H., C. Jin, and K.G. Shin. 2007. Defense against spoofed IP traffic using hop-count filtering. IEEE/ACM Transactions on Networking 15(1): 40–53.
White, B., J. Lepreau, L. Stoller, R. Ricci, S. Guruprasad, M. Newbold, M. Hibler, C. Barb, and A. Joglekar. 2002. An integrated experimental environment for distributed systems and networks. In Proceedings of the 5th Symposium on Operating Systems Design and Implementation, 255–270, New York, Dec 2002.
Wu, Z. and Z. Chen. 2006. A three-layer defense mechanism based on web servers against distributed denial of service attacks. In First International Conference on Communications and Networking in China, 1–5, 2006.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2011 Springer India Pvt. Ltd.
About this chapter
Cite this chapter
Schmidt, D., Shalinie, S.M. (2011). DDoS Testbed. In: Raghavan, S., Dawson, E. (eds) An Investigation into the Detection and Mitigation of Denial of Service (DoS) Attacks. Springer, India. https://doi.org/10.1007/978-81-322-0277-6_4
Download citation
DOI: https://doi.org/10.1007/978-81-322-0277-6_4
Published:
Publisher Name: Springer, India
Print ISBN: 978-81-322-0276-9
Online ISBN: 978-81-322-0277-6
eBook Packages: Computer ScienceComputer Science (R0)