Analysis of UDP DDoS flood cyber attack and defense mechanisms on Web Server with Linux Ubuntu 13

Author

Kolahi, Samad S. ; Treseangrat, Kiattikul ; Sarrafpour, Bahman

Author_Institution

Dept. of Comput., Unitec Inst. of Technol., Auckland, New Zealand

fYear

2015

fDate

17-19 Feb. 2015

Firstpage

1

Lastpage

5

Abstract

Denial of Service (DoS) attacks is one of the major threats and among the hardest security problems in the Internet world. Of particular concern are Distributed Denial of Service (DDoS) attacks, whose impact can be proportionally severe. With little or no advance warning, an attacker can easily exhaust the computing resources of its victim within a short period of time. In this paper, we study the impact of a UDP flood attack on TCP throughput, round-trip time, and CPU utilization for a Web Server with the new generation of Linux platform, Linux Ubuntu 13. This paper also evaluates the impact of various defense mechanisms, including Access Control Lists (ACLs), Threshold Limit, Reverse Path Forwarding (IP Verify), and Network Load Balancing. Threshold Limit is found to be the most effective defense.

Keywords

Internet; Linux; authorisation; computer network security; file servers; transport protocols; ACL; CPU utilization; IP Verify; Internet world; Linux Ubuntu 13; Linux platform; TCP throughput; UDP DDoS flood cyber attack; Web server; access control lists; defense mechanisms; distributed denial of service attacks; network load balancing; reverse path forwarding; round-trip time; security problems; threshold limit; Computer crime; Computers; Floods; IP networks; Linux; Throughput; Web servers;

fLanguage

English

Publisher

ieee

Conference_Titel

Communications, Signal Processing, and their Applications (ICCSPA), 2015 International Conference on

Conference_Location

Sharjah

Type

conf

DOI

10.1109/ICCSPA.2015.7081286

Filename

7081286