• Title/Summary/Keyword: DDoS

Search Result 390, Processing Time 0.116 seconds

Research of Anti-DDoS SW Efficiency Test (Anti-DDoS SW 성능평가에 관한 연구)

  • Lee, Jae-Guen;Jo, In-June;Shin, Seok-Kyoo;Kim, Sun-Joo
    • Proceedings of the Korean Institute of Information and Commucation Sciences Conference
    • /
    • /
    • pp.363-367
    • /
    • 2009
  • From the recent, an big issue of the internet attack is DDoS(Distributed Denial of Service). Some government agencies and companies will buy Anti-DDoS SW for protect their their network system form DDoS attack. But We don't have any objective valuation standard of Anti-DDoS SW. So When you try to buy an Anti-DDoS SW, you can get only subjective Anti-DDoS SW information which from Anti-DDoS SW vender. Anti-DDoS SW market is getting bigger, so market needs objective valuation standard of Anti-DDoS SW for a fair evaluation. In this paper, we describe a part of Anti-DDoS SW performance tests in valuation standard of Anti-DDoS SW.

  • PDF

A study of Modeling and Simulation for Analyzing DDoS Attack Damage Scale and Defence Mechanism Expense (DDoS 공격 피해 규모 및 대응기법 비용분석을 위한 모델링 및 시뮬레이션 기술연구)

  • Kim, Ji-Yeon;Lee, Ju-Li;Park, Eun-Ji;Jang, Eun-Young;Kim, Hyung-Jong
    • Journal of the Korea Society for Simulation
    • /
    • v.18 no.4
    • /
    • pp.39-47
    • /
    • 2009
  • Recently, the threat of DDoS attacks is increasing and many companies are planned to deploy the DDoS defense solutions in their networks. The DDoS attack usually transmits heavy traffic data to networks or servers and they cannot handle the normal service requests because of running out of resources. Since it is very hard to prevent the DDoS attack beforehand, the strategic plan is very important. In this work, we have conducted modeling and simulation of the DDoS attack by changing the number of servers and estimated the duration that services are available. In this work, the modeling and simulation is conducted using OPNET Modeler. The simulation result can be used as a parameter of trade-off analysis of DDoS defense cost and the service's value. In addition, we have presented a way of estimating the cost effectiveness in deployment of the DDoS defense system.

  • PDF

BMT Derivation of Evaluation Item about Anti-DDoS SW (Anti-DDoS SW BMT 평가항목 도출)

  • Shin, Suk-Jo;Lee, Jae-Guen;Jo, In-June;Shin, Seok Kyoo
    • Proceedings of the Korean Institute of Information and Commucation Sciences Conference
    • /
    • /
    • pp.375-378
    • /
    • 2009
  • DDoS attacks make people can't using normal internet service, because DDoS attacks cause exhaustion of network bandwidth or exhaustion of computer system resources by using many personal computers or servers which already infected computer virus from hackers. Recent DDoS attacks attack government brach, financial institution, even IT security company. IT security companies make Anti-DDoS product for defense from DDoS attack. But, There is no standard for BMT of Anti-DDoS product. In this dissertation, Anti-DDoS product quality characteristics of the survey analysis to evaluate them by comparing the assessment items were derived.

  • PDF

Implementation and Validation of the Web DDoS Shelter System(WDSS) (웹 DDoS 대피소 시스템(WDSS) 구현 및 성능검증)

  • Park, Jae-Hyung;Kim, Kang-Hyoun
    • KIPS Transactions on Computer and Communication Systems
    • /
    • v.4 no.4
    • /
    • pp.135-140
    • /
    • 2015
  • The WDSS improves defensive capacity against web application layer DDoS attack by using web cache server and L7 switch which are added on the DDoS shelter system. When web DDoS attack occurs, security agents divert traffic from backbone network to sub-network of the WDSS and then DDoS protection device and L7 switch block abnormal packets. In the meantime, web cache server responds only to requests of normal clients and maintains stable web service. In this way, the WDSS can counteract the web DDoS attack which generates small traffic and depletes server-client session resource. Furthermore, the WDSS does not require IP tunneling because it is not necessary to retransfer the normal requests to original web server. In this paper, we validate operation of the WDSS and verify defensive capability against web application layer DDoS attacks. In order to do this, we built the WDSS on backbone network of an ISP. And we performed web DDoS tests by using a testing system that consists of zombie PCs. The tests were performed by three types and various amounts of web DDoS attacks. Test results suggest that the WDSS can detect small traffic of the web DDoS attacks which do not have repeat flow whereas the formal DDoS shelter system cannot.

Respond System for Low-Level DDoS Attack (저대역 DDoS 공격 대응 시스템)

  • Lee, Hyung-Su;Park, Jae-Pyo
    • Journal of the Korea Academia-Industrial cooperation Society
    • /
    • v.17 no.10
    • /
    • pp.732-742
    • /
    • 2016
  • This study suggests methods of defense against low-level high-bandwidth DDoS attacks by adding a solution with a time limit factor (TLF) to an existing high-bandwidth DDoS defense system. Low-level DDoS attacks cause faults to the service requests of normal users by acting as a normal service connection and continuously positioning the connected session. Considering this, the proposed method makes it possible for users to show a down-related session by considering it as a low-level DDoS attack if the abnormal flow is detected after checking the amount of traffic. However, the service might be blocked when misjudging a low-level DDoS attack in the case of a communication fault resulting from a network fault, even with a normal connection status. Thus, we made it possible to reaccess the related information through a certain period of blocking instead of a drop through blacklist. In a test of the system, it was unable to block the session because it recognized sessions that are simply connected with a low-level DDoS attack as a normal communication.

DDoS attack traffic through the analysis of responses to research (트래픽 분석을 통한 DDoS 공격에 대한 대응책 연구)

  • Hong, Sunghyuck
    • Journal of Convergence Society for SMB
    • /
    • v.4 no.3
    • /
    • pp.1-6
    • /
    • 2014
  • DDoS (Distributed Denial Service, Distributed Service) attacks are being generated for a constant threat on the Internet, countermeasures for this have been proposed. However, the problem has become an increasingly effective instruction in any Measures are a variety of attacks and sophisticated attacks. Attackers can change a steady attack tools to respond to these, the experts as a countermeasure to this constantly research for a fresh attack. This paper is to introduce countermeasures to DDoS recent representative examples of 7.7DDoS and look for 3.3DDoS existing types of DDoS attacks increased PPS attacks, high traffic sent, web service delay and router and firewall settings, applications and to describe the DDoS countermeasures research by certification, is so that you can plan effectively for the future DDoS attacks proposed method.

  • PDF

지상 최대의 화두, DDoS 공격을 막아라

  • Korea Information Security Agency
    • 정보보호뉴스
    • /
    • /
    • pp.12-16
    • /
    • 2008
  • DDoS(Distributed Denial of Service) 공격이 정보보호 분야의 최대 뉴스 메이커로 떠올랐다. 실제로, 지난 3월 13일 민간 기업 및 기관 정보보호 담당자들이 모인 2008년 한해 정보보호 이슈를 전망해 보는 'CONCERT FORECAST 2008-기업 정보보호 이슈 전망'에서 기업 정보보호 담당자들은 DDoS 공격을 최대 이슈로 꼽는데 주저하지 않을 만큼 DDoS 공격은 더 이상 '남의 집 불구경'이 아닌 것이 돼 버렸다. 하지만 공론화되는 DDoS에 대한 이슈만큼이나 정보보호 관계자들을 답답하게 하는 것은 DDoS 공격에 대해 아직까지 국내는 물론, 해외에서 조차 속 시원한 해법을 내놓는 전문가가 없다는 점이다. 이번 호에서는 DDoS 공격에 대해 기업, ISP, IDC 등에서 마련하고 있는 DDoS 대응현황을 살펴보고자 한다.

  • PDF

Policy Based DDoS Attack Mitigation Methodology (정책기반의 분산서비스거부공격 대응방안 연구)

  • Kim, Hyuk Joon;Lee, Dong Hwan;Kim, Dong Hwa;Ahn, Myung Kil;Kim, Yong Hyun
    • Journal of KIISE
    • /
    • v.43 no.5
    • /
    • pp.596-605
    • /
    • 2016
  • Since the Denial of Service Attack against multiple targets in the Korean network in private and public sectors in 2009, Korea has spent a great amount of its budget to build strong Internet infrastructure against DDoS attacks. As a result of the investments, many major governments and corporations installed dedicated DDoS defense systems. However, even organizations equipped with the product based defense system often showed incompetency in dealing with DDoS attacks with little variations from known attack types. In contrast, by following a capacity centric DDoS detection method, defense personnel can identify various types of DDoS attacks and abnormality of the system through checking availability of service resources, regardless of the types of specific attack techniques. Thus, the defense personnel can easily derive proper response methods according to the attacks. Deviating from the existing DDoS defense framework, this research study introduces a capacity centric DDoS detection methodology and provides methods to mitigate DDoS attacks by applying the methodology.

A DDoS Attack Test, Analysis and Mitigation Method in Real Networks (DDoS 공격 실험 결과, 분석 및 피해 완화 방안)

  • Yang, Jin-Seok;Kim, Hyoung-Chun;Chung, Tai-Myoung
    • KIPS Transactions on Computer and Communication Systems
    • /
    • v.2 no.3
    • /
    • pp.125-132
    • /
    • 2013
  • In this paper, We send DDoS(Distributed Denial of Service) attack traffic to real homepages in real networks. We analyze the results of DDoS attack and propose mitigation method against DDoS Attacks. In order to analyze the results of DDoS Attacks, We group three defense level by administrative subjects: Top level defense, Middle level defense, Bottom level defense. Also We group four attack methods by feature. We describe the results that average of attack success rate on defense level and average of attack success rate on attack categories about 48ea homepages and 2ea exceptional cases. Finally, We propose mitigation method against DDoS attack.

Method of Preventing DDoS Using Proxy Server Group and Dynamic DNS (Proxy Server Group과 Dynamic DNS를 이용한 DDoS 방어 구축 방안)

  • Shin, Sang Il;Kim, Min Su;Lee, DongHwi
    • Convergence Security Journal
    • /
    • v.12 no.6
    • /
    • pp.101-106
    • /
    • 2012
  • As the existing strategy of preventing DDoS(Distributed Denial of Service) attacks has limitations, this study is intended to suggest the more effective method of preventing DDoS attacks which reduces attack power and distributes attack targets. Currently, DDoS attacks have a wide range of targets such as individuals, businesses, labs, universities, major portal sites and financial institutions. In addition, types of attacks change from exhausting layer 3, network band to primarily targeting layer 7. In response to DDoS attacks, this study suggests how to distribute and decrease DDoS threats effectively and efficiently using Proxy Server Group and Dynamic DNS.