In this study, I used a dataset that contains low-rate and SYN flood traffic which was generated by a test bed to simulate a Slow DoS attack, stressing a local server by initiating several HTTP POST connections and causing the request payloads to be transmitted slowly. The attack causes problems including interrupted access and noticeably decreased network performance by sending a large number of little packets slowly, which keeps connections open and overloads server resources. I filtered traffic using Wireshark based on factors including tiny payloads, a lot of SYN packets without ACKs, high initial RTTs, small window sizes, and noticeable intervals between packets. Then, using these data, I ran a custom script I had created on the pcap files to identify possible attack sessions
Identifer | oai:union.ndltd.org:MSSTATE/oai:scholarsjunction.msstate.edu:td-7312 |
Date | 13 August 2024 |
Creators | Matta, Nagasai Deepak |
Publisher | Scholars Junction |
Source Sets | Mississippi State University |
Detected Language | English |
Type | text |
Format | application/pdf |
Source | Theses and Dissertations |
Page generated in 0.0022 seconds