EFFICIENCY TEST OF IDS/IPS SYSTEMS AGAINST DOS AND DDOS ATTACKS

Abstract

The article analyses the efficiency of intrusion detection and intrusion prevention systems against denial of service attacks. The opening part presents, on the basis of published analyses, the scale of the threat these attacks pose. The following sections describe the test methodology used to determine susceptibility to denial of service attacks. Simulations were then run to measure the effectiveness and efficiency of defence against such attacks by two open-source network intrusion detection systems, Snort and Suricata. Both solutions were analysed in the nfqueue and af-packet working modes, using the same set of rules. Comparative tests carried out with two of the most common threats, the Land attack and the SYN flood, showed that Suricata detected the analysed attacks more effectively. The article is addressed to people involved in the implementation and administration of security systems.
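The two attack classes the abstract names map to two very different detection checks: a Land packet is recognisable from a single header (source address and port equal to destination address and port, which Snort and Suricata express with the `sameip` keyword), whereas a SYN flood is only visible as a rate of connection-opening SYNs per target, the kind of check a `threshold`-style rule tracked by destination performs. The following is an added example and not code from the paper, from Snort or from Suricata: a simplified Python model of both checks run over constructed packet metadata. The packet fields, the window size of 1 s and the count of 20 SYNs are assumptions chosen for illustration, not values taken from the paper's ruleset.

```python
"""Toy detector for the two attack classes compared in the paper (Land, SYN flood).
Added example, not code from the paper or from Snort/Suricata; the rule logic is a
simplified model of what an IDS ruleset expresses (Snort/Suricata's `sameip` keyword
for Land and a `threshold ... track by_dst` rule for SYN rates)."""
from collections import defaultdict, deque
from dataclasses import dataclass
from typing import Deque, Dict, List, Tuple

TCP_SYN = 0x02
TCP_ACK = 0x10


@dataclass(frozen=True)
class Packet:
    ts: float      # arrival time in seconds
    src: str
    sport: int
    dst: str
    dport: int
    flags: int     # TCP flag bits


def is_land(pkt: Packet) -> bool:
    """Land attack: a spoofed segment whose source address/port equal its destination."""
    return pkt.src == pkt.dst and pkt.sport == pkt.dport


class SynFloodDetector:
    """Sliding-window count of bare SYNs (SYN set, ACK clear) per destination address.
    Fires once per `seconds` interval when more than `count` SYNs fall inside the window,
    mirroring a threshold rule tracked by destination."""

    def __init__(self, count: int = 20, seconds: float = 1.0) -> None:
        self.count = count
        self.seconds = seconds
        self._windows: Dict[str, Deque[float]] = defaultdict(deque)
        self._last_alert: Dict[str, float] = {}

    def observe(self, pkt: Packet) -> bool:
        if not (pkt.flags & TCP_SYN) or (pkt.flags & TCP_ACK):
            return False                      # only connection-opening SYNs count
        window = self._windows[pkt.dst]
        window.append(pkt.ts)
        while window and pkt.ts - window[0] > self.seconds:
            window.popleft()                  # drop SYNs older than the window
        if len(window) <= self.count:
            return False
        last = self._last_alert.get(pkt.dst)
        if last is not None and pkt.ts - last < self.seconds:
            return False                      # suppress repeat alerts inside one interval
        self._last_alert[pkt.dst] = pkt.ts
        return True


def analyse(packets: List[Packet], count: int = 20, seconds: float = 1.0) -> List[Tuple[str, float, str]]:
    """Run both checks over a packet list; returns (alert, timestamp, target) tuples."""
    flood = SynFloodDetector(count, seconds)
    alerts: List[Tuple[str, float, str]] = []
    for pkt in sorted(packets, key=lambda p: p.ts):
        if is_land(pkt):
            alerts.append(("LAND", pkt.ts, pkt.dst))
        if flood.observe(pkt):
            alerts.append(("SYN_FLOOD", pkt.ts, pkt.dst))
    return alerts


def benign_traffic() -> List[Packet]:
    """Constructed sample: three ordinary connection attempts to a web server."""
    return [Packet(0.1 * i, "192.168.1.10", 40000 + i, "10.0.0.5", 80, TCP_SYN) for i in range(3)]


def attack_traffic() -> List[Packet]:
    """Constructed sample: benign traffic plus one Land packet and a 50-SYN burst over 0.5 s."""
    pkts = benign_traffic()
    pkts.append(Packet(0.3, "10.0.0.5", 139, "10.0.0.5", 139, TCP_SYN))
    pkts += [Packet(1.0 + 0.01 * i, f"203.0.113.{i + 1}", 1024 + i, "10.0.0.5", 80, TCP_SYN)
             for i in range(50)]
    return pkts


if __name__ == "__main__":
    for alert in analyse(attack_traffic()):
        print(alert)
```

On the constructed input the benign handshakes raise nothing, the Land packet raises exactly one alert from its header alone, and the burst raises a single SYN_FLOOD alert at the packet that pushes the one-second window past 20 SYNs; repeat alerts for the rest of the burst are suppressed for one interval, which is the behaviour an operator wants from a rate rule so that the flood itself does not turn the alert log into a second flood.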

https://doi.org/10.7862/re.2016.7
PDF (Polish)
