• Title, Summary, Keyword: DDoS


Research of Anti-DDoS SW Efficiency Test (Anti-DDoS SW 성능평가에 관한 연구)

  • Lee, Jae-Guen;Jo, In-June;Shin, Seok-Kyoo;Kim, Sun-Joo
    • Proceedings of the Korean Institute of Information and Communication Sciences Conference
    • pp.363-367
    • 2009
  • Recently, a big issue in Internet attacks is DDoS (Distributed Denial of Service). Some government agencies and companies will buy Anti-DDoS SW to protect their network systems from DDoS attacks. But we don't have any objective evaluation standard for Anti-DDoS SW. So when you try to buy Anti-DDoS SW, you can get only subjective information from the Anti-DDoS SW vendor. The Anti-DDoS SW market is getting bigger, so the market needs an objective evaluation standard for Anti-DDoS SW for fair evaluation. In this paper, we describe a part of the Anti-DDoS SW performance tests in the evaluation standard for Anti-DDoS SW.


A study of Modeling and Simulation for Analyzing DDoS Attack Damage Scale and Defence Mechanism Expense (DDoS 공격 피해 규모 및 대응기법 비용분석을 위한 모델링 및 시뮬레이션 기술연구)

  • Kim, Ji-Yeon;Lee, Ju-Li;Park, Eun-Ji;Jang, Eun-Young;Kim, Hyung-Jong
    • Journal of the Korea Society for Simulation
    • v.18 no.4
    • pp.39-47
    • 2009
  • Recently, the threat of DDoS attacks is increasing and many companies are planning to deploy DDoS defense solutions in their networks. A DDoS attack usually transmits heavy traffic to networks or servers, which then cannot handle normal service requests because they run out of resources. Since it is very hard to prevent a DDoS attack beforehand, the strategic plan is very important. In this work, we have conducted modeling and simulation of the DDoS attack by changing the number of servers and estimated the duration that services are available. The modeling and simulation is conducted using OPNET Modeler. The simulation result can be used as a parameter of trade-off analysis of DDoS defense cost and the service's value. In addition, we have presented a way of estimating the cost effectiveness of deploying a DDoS defense system.


BMT Derivation of Evaluation Item about Anti-DDoS SW (Anti-DDoS SW BMT 평가항목 도출)

  • Shin, Suk-Jo;Lee, Jae-Guen;Jo, In-June;Shin, Seok Kyoo
    • Proceedings of the Korean Institute of Information and Communication Sciences Conference
    • pp.375-378
    • 2009
  • DDoS attacks prevent people from using normal Internet services, because they exhaust network bandwidth or computer system resources by using many personal computers or servers that hackers have already infected with a computer virus. Recent DDoS attacks have targeted government branches, financial institutions, and even IT security companies. IT security companies make Anti-DDoS products to defend against DDoS attacks. But there is no standard for BMT of Anti-DDoS products. In this dissertation, the assessment items were derived by surveying, analyzing and comparing the quality characteristics of Anti-DDoS products for evaluation.


Implementation and Validation of the Web DDoS Shelter System(WDSS) (웹 DDoS 대피소 시스템(WDSS) 구현 및 성능검증)

  • Park, Jae-Hyung;Kim, Kang-Hyoun
    • KIPS Transactions on Computer and Communication Systems
    • v.4 no.4
    • pp.135-140
    • 2015
  • The WDSS improves defensive capacity against web application layer DDoS attacks by using a web cache server and an L7 switch, which are added to the DDoS shelter system. When a web DDoS attack occurs, security agents divert traffic from the backbone network to the sub-network of the WDSS, and then the DDoS protection device and L7 switch block abnormal packets. In the meantime, the web cache server responds only to requests of normal clients and maintains stable web service. In this way, the WDSS can counteract the web DDoS attack which generates small traffic and depletes server-client session resources. Furthermore, the WDSS does not require IP tunneling because it is not necessary to retransfer the normal requests to the original web server. In this paper, we validate operation of the WDSS and verify its defensive capability against web application layer DDoS attacks. In order to do this, we built the WDSS on the backbone network of an ISP and performed web DDoS tests using a testing system that consists of zombie PCs. The tests were performed with three types and various amounts of web DDoS attacks. Test results suggest that the WDSS can detect small traffic of the web DDoS attacks which do not have repeat flow whereas the formal DDoS shelter system cannot.

Respond System for Low-Level DDoS Attack (저대역 DDoS 공격 대응 시스템)

  • Lee, Hyung-Su;Park, Jae-Pyo
    • Journal of the Korea Academia-Industrial cooperation Society
    • v.17 no.10
    • pp.732-742
    • 2016
  • This study suggests methods of defense against low-level high-bandwidth DDoS attacks by adding a solution with a time limit factor (TLF) to an existing high-bandwidth DDoS defense system. Low-level DDoS attacks cause faults to the service requests of normal users by acting as a normal service connection and continuously positioning the connected session. Considering this, the proposed method makes it possible for users to show a down-related session by considering it as a low-level DDoS attack if the abnormal flow is detected after checking the amount of traffic. However, the service might be blocked when misjudging a low-level DDoS attack in the case of a communication fault resulting from a network fault, even with a normal connection status. Thus, we made it possible to reaccess the related information through a certain period of blocking instead of a drop through blacklist. In a test of the system, it was unable to block the session because it recognized sessions that are simply connected with a low-level DDoS attack as a normal communication.

DDoS attack traffic through the analysis of responses to research (트래픽 분석을 통한 DDoS 공격에 대한 대응책 연구)

  • Hong, Sunghyuck
    • Journal of Convergence Society for SMB
    • v.4 no.3
    • pp.1-6
    • 2014
  • DDoS (Distributed Denial of Service) attacks are a constant threat on the Internet, and countermeasures against them have been proposed. However, because attacks are varied and sophisticated, which measures are effective has become an increasing problem. Attackers steadily change their attack tools in response, and experts constantly research countermeasures to new attacks. This paper introduces the recent representative examples of the 7.7 DDoS and 3.3 DDoS attacks, looks at existing types of DDoS attack (increased-PPS attacks, high traffic sent, web service delay), and describes DDoS countermeasure research by router and firewall settings, applications and certification, so that future DDoS attacks can be planned for effectively with the proposed method.


Method of Preventing DDoS Using Proxy Server Group and Dynamic DNS (Proxy Server Group과 Dynamic DNS를 이용한 DDoS 방어 구축 방안)

  • Shin, Sang Il;Kim, Min Su;Lee, DongHwi
    • Convergence Security Journal
    • v.12 no.6
    • pp.101-106
    • 2012
  • As the existing strategy of preventing DDoS (Distributed Denial of Service) attacks has limitations, this study suggests a more effective method of preventing DDoS attacks which reduces attack power and distributes attack targets. Currently, DDoS attacks have a wide range of targets such as individuals, businesses, labs, universities, major portal sites and financial institutions. In addition, the types of attack are changing from exhausting layer 3 network bandwidth to primarily targeting layer 7. In response to DDoS attacks, this study suggests how to distribute and decrease DDoS threats effectively and efficiently using a Proxy Server Group and Dynamic DNS.

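The Biggest Issue Around: Stop DDoS Attacks (지상 최대의 화두, DDoS 공격을 막아라)

  • Korea Information Security Agency
    • Information Security News (정보보호뉴스)
    • pp.12-16
    • 2008
  • DDoS (Distributed Denial of Service) attacks have emerged as the biggest newsmaker in the information security field. In fact, at 'CONCERT FORECAST 2008 - Corporate Information Security Issue Outlook', held on March 13, where information security officers from private companies and organizations gathered to forecast the information security issues of 2008, corporate information security officers did not hesitate to name DDoS attacks as the top issue; DDoS attacks are no longer a matter of 'watching a fire at someone else's house'. However, what frustrates information security professionals as much as the publicly debated DDoS issue itself is that no expert, in Korea or even abroad, has yet offered a clear-cut solution to DDoS attacks. This issue looks at the current state of the DDoS response being prepared by companies, ISPs, IDCs and others.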


A DDoS Attack Test, Analysis and Mitigation Method in Real Networks (DDoS 공격 실험 결과, 분석 및 피해 완화 방안)

  • Yang, Jin-Seok;Kim, Hyoung-Chun;Chung, Tai-Myoung
    • KIPS Transactions on Computer and Communication Systems
    • v.2 no.3
    • pp.125-132
    • 2013
  • In this paper, we send DDoS (Distributed Denial of Service) attack traffic to real homepages in real networks. We analyze the results of the DDoS attacks and propose a mitigation method against DDoS attacks. In order to analyze the results, we group defenses into three levels by administrative subject: top-level defense, middle-level defense, and bottom-level defense. We also group attack methods into four by feature. We describe the average attack success rate by defense level and the average attack success rate by attack category for 48 homepages and 2 exceptional cases. Finally, we propose a mitigation method against DDoS attacks.

A Study of Client Side Defence Method of UDP/ICMP Attack (UDP/ICMP 플러딩 공격에 대한 클라이언트 측 방어 기법 연구)

  • Kim, Dong-Hoon;Lee, Ki-Young
    • Proceedings of the Korean Institute of Information and Communication Sciences Conference
    • pp.667-669
    • 2012
  • Traditional DDoS defence methods are performed at the server side that is attacked. If servers detect a DDoS attack, they use methods for defending against it such as increasing the bandwidth, bypassing the traffic, blocking the IP addresses or blocking the ports at the firewall. But as lots of people use smart-phones, a smart-phone can become a zombie, and DDoS attacks could take much larger and more powerful forms than now. Victims are not only the server but also the host that becomes a zombie. While it performs a DDoS attack, the zombie smart-phone's user has to pay the extra charge. After finishing the attack, DDoS tries to destroy the hard drives of zombie hosts. Therefore the situation has changed: rather than defending only the server side against DDoS, we should also protect the client side. In this paper, we study a defence method that terminates the process performing the attack and sends the information to other hosts when a zombie PC or smart-phone performs a DDoS attack.
