Investigation of UDP Bot Flooding Attack

Background/Objectives: This paper presents an analysis of the Bot flooding attack, which leads to DDoS (Distributed Denial of Service), using a lab experiment in a networked environment that creates a scenario resembling a real DDoS attack.

Methods: To study the DDoS attack through UDP (User Datagram Protocol) Bot flooding, a lab setup is built in a networked environment. A UDP flood attack starts by sending a huge number of UDP packets from different IP addresses. The experimentation is performed using NS2. The results generated are used as evidence to prove that a machine is victimized and is facing a DDoS attack. Graphical evidence is also presented for the DDoS attack using UDP packet flooding.

Findings: The evidence collected from the lab experimentation clearly shows the demarcation between normal network traffic and traffic containing a UDP Bot flood. By comparing normal and abnormal network traffic through the UDP flow graph, the possibility of DDoS is predicted.
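
The comparison of normal and flooded traffic described in the Findings can be sketched as follows. This is an added example, not code from the paper. It assumes the standard NS2 wired trace layout (event, time, from, to, type, size, flags, fid, src, dst, seq, pkt_id); the victim node id 5, the 1-second window, the factor-of-5 threshold and the trace lines themselves are constructed for illustration.

```python
from collections import defaultdict

UDP_TYPES = {"cbr", "udp"}  # assumed packet-type labels for UDP traffic in the trace

def udp_profile(lines, victim, window=1.0):
    """Map window index -> (UDP packets received at victim, distinct source nodes)."""
    pkts, srcs = defaultdict(int), defaultdict(set)
    for line in lines:
        f = line.split()
        # wired trace: event time from to type size flags fid src dst seq pkt_id
        if len(f) < 12 or f[0] != "r" or f[3] != str(victim) or f[4] not in UDP_TYPES:
            continue
        w = int(float(f[1]) // window)
        pkts[w] += 1
        srcs[w].add(f[8].split(".")[0])  # src field is "node.port"
    return {w: (pkts[w], len(srcs[w])) for w in sorted(pkts)}

def flood_windows(baseline, observed, factor=5.0):
    """Windows whose packet count exceeds factor x the busiest baseline window."""
    peak = max(p for p, _ in baseline.values())
    return [w for w, (p, _) in observed.items() if p > factor * peak]

def make_trace(sources, pps, start, seconds, victim=5):
    """Constructed sample data: each source delivers pps packets/s to victim."""
    return [f"r {s + k / pps:.4f} 4 {victim} cbr 512 ------- 1 {src}.0 {victim}.0 {k} 0"
            for s in range(start, start + seconds) for src in sources for k in range(pps)]

# Constructed traces: two legitimate senders for 5 s; in the second trace,
# 20 additional sources start sending to the victim at t = 2 s.
NORMAL = make_trace([0, 1], 10, 0, 5)
ATTACK = NORMAL + make_trace(range(10, 30), 50, 2, 3)

if __name__ == "__main__":
    base, seen = udp_profile(NORMAL, 5), udp_profile(ATTACK, 5)
    for w, (p, n) in seen.items():
        print(f"t={w}s packets={p} sources={n}")
    print("flood windows:", flood_windows(base, seen))
```

The per-window packet counts are the series a UDP flow graph would plot; the distinct-source count separates a many-source flood from a single busy sender.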