Document Type

Honors Project

Comments

Thank you to Macalester College, the Math/CS Department, and Prof. Michael Schneider for helping me complete this honors project.

Abstract

Distributed Denial of Service (DDoS) attacks are attempts to overwhelm a computer system in order to deny access by legitimate users. They are generally unstoppable, but there is a good deal of on-going research on methods to reduce their negative effects. This paper will deal with the design of a model that simulates such an attack. The simulation model is then used to study possible ways to defend against these attacks. Three experiments are run: 1) using a priority queue to sort messages from clients based on how many connections they have open on the server; 2) limiting the number of connections each client can create; and 3) having the server forcefully delete the oldest established connection, whenever its connection table becomes full. Results show that method 1 is totally ineffective while method 2 somewhat improves the overall performance of the system. However, method 3, combined with method 2, produces significantly improved performance against a DDoS attack.

Appendix A - Raw Data.ZIP (127 kB)
Appendix A - Raw Data

Appendix B - Source Code.ZIP (142 kB)
Appendix B - Code

Share

COinS
 
 

© Copyright is owned by author of this document