Skip to main content
SpringerLink
Log in

DDoS Testbed

  • Chapter
  • First Online:
An Investigation into the Detection and Mitigation of Denial of Service (DoS) Attacks

Abstract

Testing for denial of service vulnerabilities, the effects of attacks and mitigation strategies all require the construction of a dedicated testbed facility. Although the tools for launching such attacks are widely available, for example the Stacheldraht, Trinoo and Phatbot tools [15, p. 87], and although the attacks themselves are well understood, the simulation on a small scale in the laboratory of a large and complex system (the Internet) is fraught with difficulty.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 84.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 159.00
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info
Hardcover Book
USD 109.99
Price excludes VAT (USA)
  • Durable hardcover edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

  1. The Swiss Education and Research Network. 2001. Default TTL values in TCP/IP. http://www.map.meteoswiss.ch/map-doc/ftp-probleme.htm. Accessed 1 Feb 2011.

  2. The Network Simulator – ns-2. 2011. http://www.isi.edu/nsnam/ns/: Accessed 1 Feb 2011.

  3. Apache. 2011. Apache flood. http://httpd.apache.org/test/flood/.

  4. Benzel, T., B. Braden, T. Faber, J. Mircovic, S. Schwab, K. Sollins, and J. Wroclawski. 2009. Current developments in DETER cybersecurity testbed technology. In Proceedings of the Cybersecurity Applications and Technology Conference For Homeland Security (CATCH 2009), Washington, Mar 2009.

    Google Scholar 

  5. Benzel, T., R. Braden, D. Kim, C. Neuman, A. Joseph, K. Sklower, R. Ostrenga, and S. Schwab. 2007. Design, deployment, and use of the DETER testbed. In DETER Community Workshop on Cyber-Security and Test, Berkeley, Aug 2007.

    Google Scholar 

  6. Beverly, R. and K. Sollins. 2008. An internet protocol address clustering algorithm. In Proceedings of USENIX Tackling Computer Systems Problems with Machine Learning Techniques, San Diego, Dec 2008.

    Google Scholar 

  7. Blackert, W.J., D.M. Gregg, A.K. Castner, R.L. Hom, R.M. Jokerst, and E.M. Kyle. 2003. Distributed denial of service defense attack tradeoff analysis (DDOS-DATA) demonstration overview. In Proceedings of the DARPA Information Survivability Conference and Exposition (DISCEX’03), vol. II, 66–67, Apr 2003.

    Google Scholar 

  8. Botta, A., A. Dainotti, and A. Pescape. 2007. Multi-protocol and multi-platform traffic generation and measurement. In INFOCOM 2007 DEMO Session, Alaska, May 2007.

    Google Scholar 

  9. Calvet, J., J.M. Fernandez, P.-M. Bureau, and J.-Y. Marion. 2010. Large-scale malware experiments why, how, and so what? In Proceedings of Virus Bulletin Conference, 241–247, Sept 2010.

    Google Scholar 

  10. Gelenbe, E., M. Gellman, and G. Loukas. 2005. An autonomic approach to denial of service defence. In Proceedings of the Sixth IEEE International Symposium on a World of Wireless Mobile and Multimedia Networks, 537–541, 2005.

    Google Scholar 

  11. Huang, Y.I., J.D. Tygar, H.Y. Lin, L.Y. Yeh, H.Y. Tsai, K. Sklower, S.P. Shieh, C.C. Wu, P.H. Lu, S.Y. Chien, Z.S. Lin, L.W. Hsu, C.W. Hsu, C.T. Hsu, Y.C. Wu, and M.S. Leong. 2008. SWOON: A testbed for secure wireless overlay networks. In CSNET ’08 Workshop on Cyber Security Experimentation and Test, Berkeley, July 2008.

    Google Scholar 

  12. Iakobashvili, R. and M. Moser. 2007. Curl-loader. http://curl-loader.sourceforge.net/. Accessed 11 Jan 2011.

  13. Jin, C., H. Wang, and K.G. Shin. 2003. Hop-count filtering: An effective defense against spoofed traffic. In Proceedings of the 10th ACM Conference on Computer and Communications Security, Washington, 30–41, Oct 2003.

    Google Scholar 

  14. Kotenko, I.V. and A.V. Ulanov. 2006. Software testbed and experiments for exploring counteraction of attack and defense agents in the internet. In Proceedings of the International Security and Counteracting Terrorism Conference, 80–93, Lomonosov Moscow State University Intellectual Center, 2006.

    Google Scholar 

  15. Mirkovic, J., S. Dietrich, D. Dittrich, and P. Reiher. 2005. Internet denial of service attack and defense mechanisms. Upper Saddle River: Prentice Hall.

    Google Scholar 

  16. Mirkovic, J., S. Fahmy, P. Reiher, and R.K. Thomas. 2009. How to test DoS defenses. In Cybersecurity Applications and Technology Conference for Homeland Security, 103–117, Washington, 2009.

    Google Scholar 

  17. Mirkovic, J., A. Hussain, B. Wilson, S. Fahmy, P. Reiher, R. Thomas, W.-M. Yao, and S. Schwab. 2007. Towards user-centric metrics for denial-of-service measurement. In Proceedings of the 2007 Workshop on Experimental Computer Science, San Diego, Jun 2007.

    Google Scholar 

  18. Mirkovic, J., B. Wilson, A. Hussain, S. Fahmy, P. Reiher, R. Thomas, and S. Schwab. 2007. Automating DDoS experimentation. In Deter Community Workshop on Cyber Security Experimentation and Testing, Jul 2007.

    Google Scholar 

  19. Mosberger, D. and T. Jin. 1998. httperf: A tool for measuring web server performance. Performance Evaluation Review 26(3): 31–37.

    Article  Google Scholar 

  20. Rajab, M.A., J. Zarfoss, F. Monrose, and A. Terzis. 2007. My botnet is bigger than yours (maybe, better than yours): Why size estimates remain challenging. In HotBots’07 Proceedings of the First Conference on First Workshop on Hot Topics in Understanding Botnets, Berkeley, Apr 2007.

    Google Scholar 

  21. Salah, K., K. El-Badawi, and F. Haidari. 2007. Performance analysis and comparison of interrupt-handling schemes in gigabit networks. Computer Communications 30: 3425–3441.

    Article  Google Scholar 

  22. Schmidt, D., S. Suriadi, A. Tickle, A. Clark, G. Mohay, E. Ahmed, and J. Mackie. 2010. A distributed denial of service testbed. In What Kind of Information Society? Governance, Virtuality, Surveillance, Sustainability, Resilience. Proceedings of 1st IFIP TC 11 International Conference, CIP 2010 Held as Part of WCC 2010, eds. Australia, J. Berleur, M.D. Hercheui, and L.M. Hilty, 338–349, Sept 2010.

    Google Scholar 

  23. Schwab, S., B. Wilson, C. Ko, and A. Hussain. 2007. SEER: A security experimentation enviRonment for DETER. http://www.usenix.org/event/deter07/tech/full_papers/schwab/schwab.pdf. Accessed 16 Feb 2011.

  24. Sommers, J. and P. Barford. 2004. Self-configuring network traffic generation. In Proceedings of ACM Internet Measurement Conference, Sicily, Oct 2004.

    Google Scholar 

  25. Stone-Gross, B. 2009. Your botnet is my botnet: Analysis of a botnet takeover. In Proceedings of the ACM CCS, 635–647, Chicago, 9–13 Nov 2009.

    Google Scholar 

  26. Swain, B.R. and B. Sahoo. 2009. Mitigating DDOS attack and saving computational time using a probabilistic approach and HCF method. In IEEE International Advanced Computing Conference (IACC2009), 1170–1172, 6–7 Mar 2009.

    Google Scholar 

  27. Ting, Y.A., D. Ma, and K. Levitt. 2005. NTGC: A tool for network traffic generation control and coordination. http://wwwcsif.cs.ucdavis.edu/~tingy/NTGC.pdf. Accessed 16 Feb 2011.

  28. Wang, H., C. Jin, and K.G. Shin. 2007. Defense against spoofed IP traffic using hop-count filtering. IEEE/ACM Transactions on Networking 15(1): 40–53.

    Article  Google Scholar 

  29. White, B., J. Lepreau, L. Stoller, R. Ricci, S. Guruprasad, M. Newbold, M. Hibler, C. Barb, and A. Joglekar. 2002. An integrated experimental environment for distributed systems and networks. In Proceedings of the 5th Symposium on Operating Systems Design and Implementation, 255–270, New York, Dec 2002.

    Google Scholar 

  30. Wu, Z. and Z. Chen. 2006. A three-layer defense mechanism based on web servers against distributed denial of service attacks. In First International Conference on Communications and Networking in China, 1–5, 2006.

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Information Security Institute, Queensland University of Technology, Brisbane, Australia

    D. Schmidt

  2. Thiagarajar College of Engineering, Madurai, Tamil Nadu, India

    S. M. Shalinie

Authors
  1. D. Schmidt
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. S. M. Shalinie
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to D. Schmidt .

Editor information

Editors and Affiliations

  1. , Department of Computer Science and Engin, Indian Institute of Technology Madras, C, Chennai, 600036, India

    S.V. Raghavan

  2. , Information Security Institute, Queensland University of Technology, Margaret Street, Brisbane, 4000, Australia

    E Dawson

Rights and permissions

Reprints and permissions

Copyright information

© 2011 Springer India Pvt. Ltd.

About this chapter

Cite this chapter

Schmidt, D., Shalinie, S.M. (2011). DDoS Testbed. In: Raghavan, S., Dawson, E. (eds) An Investigation into the Detection and Mitigation of Denial of Service (DoS) Attacks. Springer, India. https://doi.org/10.1007/978-81-322-0277-6_4

Download citation

  • DOI: https://doi.org/10.1007/978-81-322-0277-6_4

  • Published:

  • Publisher Name: Springer, India

  • Print ISBN: 978-81-322-0276-9

  • Online ISBN: 978-81-322-0277-6

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation