Document Type
Honors Project - Open Access
Abstract
Distributed Denial of Service (DDoS) attacks are attempts to overwhelm a computer system in order to deny access by legitimate users. They are generally unstoppable, but there is a good deal of on-going research on methods to reduce their negative effects. This paper will deal with the design of a model that simulates such an attack. The simulation model is then used to study possible ways to defend against these attacks. Three experiments are run: 1) using a priority queue to sort messages from clients based on how many connections they have open on the server; 2) limiting the number of connections each client can create; and 3) having the server forcefully delete the oldest established connection, whenever its connection table becomes full. Results show that method 1 is totally ineffective while method 2 somewhat improves the overall performance of the system. However, method 3, combined with method 2, produces significantly improved performance against a DDoS attack.
Recommended Citation
Chan-Tin, D. Eric, "Analysis of Defenses against Distributed Denial of Service Attacks" (2006). Mathematics, Statistics, and Computer Science Honors Projects. 4.
https://digitalcommons.macalester.edu/mathcs_honors/4
Appendix A - Raw Data
Appendix B - Source Code.ZIP (142 kB)
Appendix B - Code
© Copyright is owned by author of this document
Comments
Thank you to Macalester College, the Math/CS Department, and Prof. Michael Schneider for helping me complete this honors project.