|
|
Slow rate DoS attacks independent of application layer protocol
Richter, Dominik ; Münster, Petr (referee) ; Sikora, Marek (advisor)
This bachelor thesis is focused on the development of a generator of Slow DoS attacks independent of the application layer protocol and a system capable of detecting these attacks. These attacks are characterized by the use of very low bandwidth and similarities to legitimate user traffic on the network. This makes them very effective and difficult to detect. In addition, they can be applied to multiple ISO/OSI application layer protocols, such as FTP, SSH, or HTTP. Specifically, the work deals with Slowcomm, Slow Next and SlowReq attacks. In the introduction, the reader is introduced to three application layer protocols, on which the implemented attacks will be presented and tested. Next, the individual Slow DoS attacks and the procedure of their implementation in the test environment are described in more detail. Subsequently, an IDS detection system was created, which is able to detect the ongoing attack generated by the created generator. Its implementation was also described. The results show that Slow DoS attacks are able to prevent access to the target service faster and more effectively than conventional flood attacks. The detection system, on the other hand, is able to detect them.
|
|
|
Advanced generator of modern Slow DoS attacks
Trávník, Kryštof ; Blažek, Petr (referee) ; Sikora, Marek (advisor)
This thesis deals with the development of a modular generator for slow denial-of-service attacks. The theoretical part discusses in detail the evolution of the HTTP protocol, denial of service attacks, selected slow denial of service attacks and finally mentions some existing generators. It is possible to add any number of additional scripts to the created generator, to which a graphical interface is automatically created. The attacks can be further extended to a distributed version using the created bots, which are controlled thanks to the master-slave protocol proposed in this work. During the attack, statistics are generated and presented in real time within the graphical interface or after the attack is completed.
|
|
|
Advanced generator of modern Slow DoS attacks
Trávník, Kryštof ; Blažek, Petr (referee) ; Sikora, Marek (advisor)
This thesis deals with the development of a modular generator for slow denial-of-service attacks. The theoretical part discusses in detail the evolution of the HTTP protocol, denial of service attacks, selected slow denial of service attacks and finally mentions some existing generators. It is possible to add any number of additional scripts to the created generator, to which a graphical interface is automatically created. The attacks can be further extended to a distributed version using the created bots, which are controlled thanks to the master-slave protocol proposed in this work. During the attack, statistics are generated and presented in real time within the graphical interface or after the attack is completed.
|
|
|
Analysis And Detection Of Slowcomm And Slownext Dos Attacks
Sikora, Marek
This paper describes the proposal of Slowcomm and Slow Next attack models and theirimplementation. The attack generator is used to discover the vulnerabilities of several Internet servicesin an experimental network. Based on the described characteristics of attacks, these attacks’detection methods are investigated and implemented as an intrusion detection system (IDS).
|
|
|
Slow rate DoS attacks independent of application layer protocol
Richter, Dominik ; Münster, Petr (referee) ; Sikora, Marek (advisor)
This bachelor thesis is focused on the development of a generator of Slow DoS attacks independent of the application layer protocol and a system capable of detecting these attacks. These attacks are characterized by the use of very low bandwidth and similarities to legitimate user traffic on the network. This makes them very effective and difficult to detect. In addition, they can be applied to multiple ISO/OSI application layer protocols, such as FTP, SSH, or HTTP. Specifically, the work deals with Slowcomm, Slow Next and SlowReq attacks. In the introduction, the reader is introduced to three application layer protocols, on which the implemented attacks will be presented and tested. Next, the individual Slow DoS attacks and the procedure of their implementation in the test environment are described in more detail. Subsequently, an IDS detection system was created, which is able to detect the ongoing attack generated by the created generator. Its implementation was also described. The results show that Slow DoS attacks are able to prevent access to the target service faster and more effectively than conventional flood attacks. The detection system, on the other hand, is able to detect them.
|
guest ::
