Testing Document - DDOS Traffic Shaping Simulator




Authors: Inbar Shabi, Anatoly Cherner

1. Functional Requirements

1.1 Client

1.1.1 Graphical presentation of virtual network

Requirement 1: Defining target/s computer to attack
Test: The user will define the target computer in the *.ini file (configuration file).
Expected result: A special icon will symbolize the target computer and the attack will be pointed towards it.

Requirement 2: Network illustration
Test: Load through the simulator a *.net file with the appropriate router and edge details, following the file structure.
Expected result: The network illustration should look as follows: the core, edge, and access routers are illustrated explicitly (by icons). The computers connected to the access routers are illustrated by clouds. The bots and target computers are illustrated by icons, and are explicitly connected to the access routers.

1.1.2 Simulation controllers and tools

Requirement 3: Load
Test: Press the load file button. Load the simulator's configuration files:
- *.ini
- *.net
Expected result: The client will load the scenario and the following will be shown:
- Network graph
- Network's routers
- Attackers, target computers (in clouds)

Requirement 4: Configure
Test:
1. Change one of the scenario properties (Attack type, Start/end attack tu, Attack frequency, Num of attackers, Target's policy, Filtering routers) in the *.ini file.
2. Load the file and check whether the configurations changed.
Expected result: The scenario properties have been changed according to the user's choice.

Requirement 5: Display statistics
Test:
1. Start the scenario.
2. Check that the statistics (at the right panel) are being updated.
Expected result: At the GUI right panel, statistics are displayed in real time about:
- Traffic in the network
- Filtering routers
- The target computer

Requirement 6: Start
Test: Press the start button.
Expected result: The simulator will start, and packets will start moving in the network graph.

Requirement 7: Pause
Test: Press the pause button.
Expected result: The simulator will pause and the network animation will freeze.

Requirement 8: Rewind
Test: Press the Rewind button.
Expected result: After pressing this button, the simulator will run backward.

Requirement 9: Forward
Test: Press the forward button.
Expected result: After pressing this button, the simulator will run forward.

1.2 Server

Requirement 10: Load network
Test: Provide the server a *.net file with the same pattern as described in ADD.
Expected result: The server will simulate and create a network with all hardware devices: edge, core and access routers connected by links.

Requirement 11: Load configuration file
Test: Provide the server a *.ini file with the same pattern as described in ADD.
Expected result: The server will create the appropriate attack and legal objects with attackers, targets and legitimate hosts.

Requirement 12: Legitimate traffic
Test: Define legal traffic in the *.ini file.
Expected result: The server will create and simulate a legal botnet object.

Requirement 13: Creating DDoS attacks
Test: Define one attack traffic (udp/ tcp/ icmp/ smurf/ fraggle/ TcpSyn/ pushack) in the *.ini file.
Expected result: The server will create the appropriate attack as described in the *.ini file.

Requirement 14: Parallel attacks
Test: Define more than one attack traffic (udp/ tcp/ icmp/ smurf/ fraggle/ TcpSyn/ pushack) in the *.ini file.
Expected result: The server will create the appropriate attacks as described in the *.ini file.

Requirement 15: Filtering algorithms
Test: Define in the *.ini file one of the filtering algorithms (none, online, offline) on the routers.
Expected result:
- Each of the filtering routers will be defined as in the file.
- Only the online algorithm will work as predicted; the other two (none and offline) will work as mock-ups.

Requirement 16: Filtering policy
Test: There is an attribute in the *.ini file to define the target policy vector.
Expected result: The policy vector/s by which the organization should filter the traffic in the network will be included in the *.ini file.

Requirement 17: Filtering algorithms as plug-ins
Test: Add a filtering algorithm class to the server.
Expected result: The filtering algorithm will be executed with no problem and the expected result of the algorithm will occur.

Requirement 18: Output statistic data
Test: Run the simulator until the attacks finish.
Expected result: Three *.csv files will be created and will contain the statistics about: tu, target computers and filtering routers.

Online algorithm testing
We defined specific routers to run the online algorithm (and the remaining routers to run another one). We calculated the expected number of packets to reach the target computer and then checked it against the output files and debug mode on the server side.

Statistics testing
In order to test the correctness of the statistics calculations:
- We ran different attack scenarios with a specified policy vector.
- We calculated the expected result.
- We checked in the output files (*.csv files) that the results are as expected.

** These tests were made together with Polina Zilberman, and the test examples are attached to this document.

2. Non Functional Requirements

2.1 Testing system speed
Test: In order to check that the system requirements are fulfilled, we measured with a timer the time it takes to load the application.
Expected result: It takes less than 1 min to load the application.

2.2 Testing system capacity
Test: Try to run the simulator with more than one *.net file per scenario.
Expected result: Adding another one is not possible.
Test: Try to run the simulator with different *.net files containing up to 400 routers.
Expected result: They load correctly.
Test: Press the rewind/forward option.
Expected result: The GUI shows the previous/future sessions respectively.

2.3 Testing system throughput
Test: Run the simulator and check the statistics GUI and output files.
Expected result: The *.csv output files and GUI present statistics for each time unit (the time unit is shown in the output files).

2.4 Testing system usability
Test: Deliver the prototype of the system to the users and collect their opinions and advice for making the simulator more usable.
Expected result: The user is satisfied.

3. Unit testing
During coding we created small functions to test the methods we built. After each change in the code, we executed those functions and verified that the changes didn't affect the old functionality.

4. User interface testing
We test the UI manually by verifying that each button reacts correctly according to the required functionality.

5. Integration testing
We defined an interface between the client and server modules. Each function that sends data to the client was checked internally on the server and also on the client. The client outputs the server messages, so it is easy to track any defects or incorrect data sent.

6. Appendix

Example scenarios (both use the same test.net)

test.net
=====================================================================
*Vertices 9
1 'V1' 200.0 130.0
2 'V2' 220.0 100.0
3 'V3' 300.0 170.0
4 'V4' 320.0 140.0
5 'V5' 370.0 250.0
6 'V6' 400.0 300.0
7 'V7' 350.0 350.0
8 'V8' 450.0 350.0
9 'V9' 450.0 220.0
*Edges
1 2 100000000
1 3 100000000
2 3 100000000
2 4 100000000
3 5 100000000
4 6 100000000
5 7 100000000
1 8 100000000
8 9 100000000
*NetworkDevice
1 Core
2 Core
3 Core
4 Edge
5 Edge
6 Access
7 Access
8 Edge
9 Access
*PC_Access
6 100
7 100
9 1
*Backplan
1 100000000
2 100000000
3 100000000
4 100000000
5 100000000
6 100000000
7 100000000
8 100000000
9 100000000
=====================================================================

testini_0.ini
*LegalTraffic: IdOfBotnet,Type, Frequency, Start, End, CpuUsage, MemoryUsage
1 tcpsyn 10 0 99 0 0
*BotnetAttack: Type, Frequency, Start, End, CpuUsage, MemoryUsage
2 tcp 10 0 99 0 0
*BotnetAccessTarget
1 <9,1>
2 <9,1>
*BotnetAccessZombie
1 <6,5> <7,3>
2 <6,5> <7,7>
*TargetVectors
9 <1,tcp=150,tcpSyn=50,tmax=200>
*Filtering
1 none
2 none
3 none
4 online
5 online
6 none
7 none
8 none
9 none

testini_1.ini
*LegalTraffic: IdOfBotnet,Type, Frequency, Start, End, CpuUsage, MemoryUsage
1 tcpsyn 10 0 9 0 0
2 tcp 10 0 9 0 0
3 tcpsyn 10 10 19 0 0
4 tcp 10 10 19 0 0
5 tcpsyn 10 20 29 0 0
6 tcp 10 20 29 0 0
*BotnetAttack: Type, Frequency, Start, End, CpuUsage, MemoryUsage
7 tcpsyn 10 30 39 0 0
8 tcp 10 30 39 0 0
9 tcpsyn 10 40 49 0 0
10 tcp 10 40 49 0 0
11 tcpsyn 10 50 59 0 0
12 tcp 10 50 59 0 0
13 tcpsyn 10 60 69 0 0
14 tcp 10 60 69 0 0
*BotnetAccessTarget
1 <9,1>
2 <9,1>
3 <9,1>
4 <9,1>
5 <9,1>
6 <9,1>
7 <9,1>
8 <9,1>
9 <9,1>
10 <9,1>
11 <9,1>
12 <9,1>
13 <9,1>
14 <9,1>
*BotnetAccessZombie
1 <6,5> <7,3>
2 <6,5> <7,7>
3 <6,0> <7,0>
4 <6,5> <7,5>
5 <6,0> <7,3>
6 <6,5> <7,0>
7 <6,1> <7,2>
8 <6,10> <7,10>
9 <6,5> <7,0>
10 <6,5> <7,10>
11 <6,5> <7,5>
12 <6,10> <7,10>
13 <6,0> <7,1>
14 <6,10> <7,10>
*TargetVectors
9 <1,tcp=150,tcpSyn=50,tmax=200>
*Filtering
1 none
2 none
3 none
4 online
5 online
6 none
7 none
8 none
9 none
=====================================================================
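
An added example, not part of the original document or the simulator's own code: a consistency check over the appendix's scenario files that a tester could run before loading them (requirements 10, 11 and 15). It assumes each `<a,b>` pair means access-router id and host count and that `*PC_Access` gives the number of PCs behind each access router; the function names are hypothetical.

```python
import re

# Excerpts of test.net and testini_0.ini from the appendix; unused sections are left out.
NET = ("*NetworkDevice 1 Core 2 Core 3 Core 4 Edge 5 Edge 6 Access 7 Access "
       "8 Edge 9 Access *PC_Access 6 100 7 100 9 1")
INI = ("*BotnetAccessTarget 1 <9,1> 2 <9,1> *BotnetAccessZombie 1 <6,5> <7,3> "
       "2 <6,5> <7,7> *Filtering 1 none 2 none 3 none 4 online 5 online "
       "6 none 7 none 8 none 9 none")
ALGORITHMS = {"none", "online", "offline"}  # names listed in requirement 15

def sections(text):
    """Split on '*Name' headers into {name: tokens}; line breaks are optional."""
    parts = re.split(r"\*(\w+):?", text)
    return {name: body.split() for name, body in zip(parts[1::2], parts[2::2])}

def pairs(tokens):
    """['6', '100', '7', '100'] -> {6: '100', 7: '100'}"""
    return {int(k): v for k, v in zip(tokens[0::2], tokens[1::2])}

def botnet_hosts(tokens):
    """['1', '<6,5>', '<7,3>', '2', ...] -> {1: {6: 5, 7: 3}, 2: {...}}"""
    out, current = {}, None
    for tok in tokens:
        m = re.fullmatch(r"<(\d+),(\d+)>", tok)
        if m:  # ASSUMPTION: the pair is <router id, host count>
            out[current][int(m[1])] = int(m[2])
        else:  # a bare number starts the next botnet's entry
            current = int(tok)
            out[current] = {}
    return out

def check_scenario(net_text, ini_text):
    """Return a list of cross-reference problems between the two files."""
    net, ini = sections(net_text), sections(ini_text)
    device = pairs(net["NetworkDevice"])
    pcs = {r: int(n) for r, n in pairs(net["PC_Access"]).items()}
    problems = []
    for router, algo in pairs(ini["Filtering"]).items():
        if router not in device:
            problems.append(f"Filtering: unknown router {router}")
        if algo not in ALGORITHMS:
            problems.append(f"Filtering: router {router} has unknown algorithm {algo!r}")
    for sec in ("BotnetAccessTarget", "BotnetAccessZombie"):
        for botnet, hosts in botnet_hosts(ini[sec]).items():
            for router, count in hosts.items():
                if device.get(router) != "Access":
                    problems.append(f"{sec} {botnet}: router {router} is not Access")
                elif count > pcs.get(router, 0):
                    problems.append(f"{sec} {botnet}: {count} hosts > PCs on router {router}")
    return problems

if __name__ == "__main__":
    print(check_scenario(NET, INI) or "scenario is consistent")
```

Because the parser works on whitespace-separated tokens, it accepts the files with one entry per line as well as the single-line form used for the constants here.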