SIMULATING DDOS ATTACKS ON THE US FIBER-OPTICS INTERNET INFRASTRUCTURE

Network-based attacks like the distributed denial-of-service (DDoS) attacks are not new, but we are beginning to see attacks of unprecedented scale. Examples of such attacks include the 2016 attack on DYN INC that crippled a part of the Internet for hours, and the attack on Liberia, which partially brought down the African nation. Limitations in identifying vulnerable Internet infrastructure and testing possible defense strategies are a part of the problem. We need a simulation testbed that can reflect the complexity of the Internet, yet allows to swiftly test attacks, providing insights that can apply to real-world attack scenarios. In this research, we have designed a test-bed that mirrors the Internet infrastructure of the US and can simulate the Internet traffic flow patterns for different attack targets. We also estimate the degradation in the quality-of-service and the number of users impacted in two attack scenarios.

[1]  Marco Lützenberger,et al.  Agent-based network security simulation , 2011, AAMAS.

[2]  Srikanth Kandula,et al.  Botz-4-sale: surviving organized DDoS attacks that mimic flash crowds , 2005, NSDI.

[3]  Kai Nagel,et al.  Towards truly agent-based traffic and mobility simulations , 2004, Proceedings of the Third International Joint Conference on Autonomous Agents and Multiagent Systems, 2004. AAMAS 2004..

[4]  Kathleen M. Carley,et al.  The impact of US cyber policies on cyber-attacks trend , 2016, 2016 IEEE Conference on Intelligence and Security Informatics (ISI).

[5]  Christoph Lange,et al.  Comprehensive topology and traffic model of a nationwide telecommunication network , 2014, IEEE/OSA Journal of Optical Communications and Networking.

[6]  Roshanak Nilchiani,et al.  Measuring the Resilience of the Trans-Oceanic Telecommunication Cable System , 2009, IEEE Systems Journal.

[7]  Esraa Alomari,et al.  Botnet-based Distributed Denial of Service (DDoS) Attacks on Web Servers: Classification and Art , 2012, ArXiv.

[8]  Kathleen M. Carley,et al.  DDoS cyber-attacks network: Who's attacking whom , 2016, 2016 IEEE Conference on Intelligence and Security Informatics (ISI).

[9]  Song Guo,et al.  Can We Beat DDoS Attacks in Clouds? , 2014, IEEE Transactions on Parallel and Distributed Systems.

[10]  Edsger W. Dijkstra,et al.  A note on two problems in connexion with graphs , 1959, Numerische Mathematik.

[11]  Walter Willinger,et al.  InterTubes: A Study of the US Long-haul Fiber-optic Infrastructure , 2015, SIGCOMM.

[12]  Igor V. Kotenko,et al.  Simulation of Internet DDoS Attacks and Defense , 2006, ISC.

[13]  AGENT-BASED MODELING AND SIMULATION OF CYBERWARFARE BETWEEN MALEFACTORS AND SECURITY AGENTS IN INTERNET , 2005 .

[14]  Igor V. Kotenko,et al.  The Software Environment for Multi-agent Simulation of Defense Mechanisms against DDoS Attacks , 2005, International Conference on Computational Intelligence for Modelling, Control and Automation and International Conference on Intelligent Agents, Web Technologies and Internet Commerce (CIMCA-IAWTIC'06).

[15]  Songwu Lu,et al.  Random flow network modeling and simulations for DDoS attack mitigation , 2003, IEEE International Conference on Communications, 2003. ICC '03..

[16]  Kathleen M. Carley,et al.  Approaches to understanding the motivations behind cyber attacks , 2016, 2016 IEEE Conference on Intelligence and Security Informatics (ISI).