
Abstract

We browse many public websites on mobile devices and computers every day. Some of them may contain risky information or commands that could attack our computers and steal our personal data, so internet security is a significant problem that must be faced today. Wireshark is a powerful, free and open-source packet analyzer. It can provide useful information, such as communication protocols and troubleshooting details, about every link we browse. It can detect many protocols and never loses or drops packets. We detect attacks based on the communication features that Wireshark shows, and pick out the packets that are malicious.

 

In this project, we study and analyze DoS and DDoS attacks. We then use the ns-3 simulator to simulate low-rate DoS attacks in two different scenarios with the Drop Tail algorithm. We also use LOIC to simulate flood DDoS attacks, targeting computers, a website and a router with different port types: TCP, UDP and HTTP.

 

After simulating the attacks, we capture them with Wireshark. By observing and analyzing the results, we can determine when the attack happened; what was attacked (server, router or computer); the attack method; and the attacked address. We can also determine the throughput and time of the attack.
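
The fields listed above (attack time, target, method, address, throughput) can be extracted from a capture once it is reduced to per-packet summaries. The following is an added example, not code from this project; the record layout, the 100 packets-per-second threshold and the sample traffic are constructed assumptions.

```python
from collections import defaultdict

def build_sample():
    """Constructed records: (time_ms, src, dst, proto, dport, length_bytes)."""
    pkts = []
    # Background: one client sending 2 TCP packets per second for 10 s.
    for i in range(20):
        pkts.append((i * 500, "10.0.0.5", "192.0.2.10", "TCP", 443, 600))
    # Flood: 3 sources, each 100 UDP packets per second, from t=4 s for 3 s.
    for n, src in enumerate(("10.0.0.21", "10.0.0.22", "10.0.0.23")):
        for i in range(300):
            pkts.append((4000 + i * 10 + n, src, "192.0.2.10", "UDP", 80, 1000))
    return sorted(pkts)

def find_floods(packets, window_ms=1000, pps_threshold=100):
    """Report each (dst, proto, dport) whose packet rate exceeds the threshold."""
    buckets = defaultdict(lambda: defaultdict(list))
    for t, src, dst, proto, dport, length in packets:
        buckets[(dst, proto, dport)][t // window_ms].append((t, src, length))
    reports = []
    for (dst, proto, dport), wins in buckets.items():
        # A window is "hot" when its packets-per-second rate is above the threshold.
        hot = sorted(w for w, items in wins.items()
                     if len(items) * 1000 / window_ms > pps_threshold)
        if not hot:
            continue
        items = [p for w in hot for p in wins[w]]
        total_bits = 8 * sum(length for _, _, length in items)
        reports.append({
            "target": dst, "protocol": proto, "port": dport,
            "start_ms": min(t for t, _, _ in items),
            "end_ms": max(t for t, _, _ in items),
            "sources": sorted({src for _, src, _ in items}),
            "packets": len(items),
            # Average bits per second across the hot windows only.
            "throughput_bps": total_bits * 1000 // (len(hot) * window_ms),
        })
    return reports

if __name__ == "__main__":
    for report in find_floods(build_sample()):
        print(report)
```

The background TCP flow to the same address stays below the threshold, so only the UDP flood to port 80 is reported.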
