I. INTRODUCTION
A. Existing Networks
Existing Network Topology
The site-to-site test-bed, shown in Figure 1, uses all the devices and the network topology of the existing network of the Government Procurement Service.
Figure 1: Existing Network Test-Bed.
The network was set up through direct connections using standard Category 5e cabling between devices. The firewall router was used to separate the two networks and to monitor incoming and outgoing traffic between them.
There were three workstations and two servers in the test-bed: two workstations and one server act as attackers, one server is the LPSE Web Server, and one workstation is used as a monitoring machine and acts as a real client.
The workstations have Windows 7 installed, the Attacker Server has Proxmox installed, and the LPSE Web Server has CentOS 6.5 installed. Each workstation has an Intel Core i3 2.93 GHz processor with 2 GB RAM, the Attacker Server has an Intel Xeon 2.6 GHz with 2 GB RAM, the LPSE Web Server has an Intel Xeon 2.6 GHz with 2 GB RAM, and the Mikrotik RB 1200 has a PPC460GT 1000 MHz CPU with 512 MB RAM.
A. DDoS Tools
LOIC is a DDoS attack tool that releases flooding on the server. This flooding results from the large volume of HTTP and UDP traffic [4]. This tool will be run on the Attacker Workstations. An attack that targets the application layer is the Slowloris attack, which takes advantage of web servers by keeping connections open using partial Hypertext Transfer Protocol (HTTP) requests, again overwhelming server resources with few resources required on the attacker's side [5], and the UDP DDoS script that is compiled with the GNU Compiler Collection in Linux based
Based on Signature
Signature-based (rule/list) detection matches the content of network traffic against the rule/list contained in the Intrusion Detection System; this rule/list is the result of analysis by a security analyst,
Based on Behaviour
Behaviour-based detection marks certain anomalous (suspicious) packets in network traffic by combining the IDS with the AIEngine plugin algorithms.
In this paper, iptables v1.6.0 is used as the firewall; it is also compatible with the Suricata intrusion detection system.
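The two detection methods described above, applied to the flooding and partial-request traffic from the DDoS Tools section, as an added example that is not code from the paper, Suricata or AIEngine. The signature, thresholds, field names and sample traffic are all constructed assumptions.

```python
from collections import Counter

# Constructed rule list: (rule name, byte pattern). Not real Suricata rules.
SIGNATURES = [("example-flood-marker", b"EXAMPLE-FLOOD-PAYLOAD")]

def signature_alerts(packets):
    """Signature method: match each payload against the rule list."""
    return [(p["src"], name) for p in packets
            for name, pattern in SIGNATURES if pattern in p["payload"]]

def rate_anomalies(packets, window=1, max_per_window=100):
    """Behaviour method: flag sources exceeding a packet-rate baseline."""
    buckets = Counter((p["src"], int(p["ts"] // window)) for p in packets)
    return sorted({src for (src, _), n in buckets.items() if n > max_per_window})

def slow_request_anomalies(conns, now, max_age=10, max_open=20):
    """Behaviour method: flag sources holding many connections whose HTTP
    header block is still unterminated after max_age seconds."""
    stalled = Counter(c["src"] for c in conns
                      if b"\r\n\r\n" not in c["data"] and now - c["opened"] > max_age)
    return sorted(src for src, n in stalled.items() if n > max_open)

# Constructed sample traffic (addresses from the documentation ranges).
def sample_packets():
    flood = [{"src": "192.0.2.10", "ts": 5 + i / 1000, "payload": b"\x00" * 32}
             for i in range(500)]                  # 500 packets within one second
    marked = [{"src": "192.0.2.11", "ts": 6.0,
               "payload": b"xxEXAMPLE-FLOOD-PAYLOADxx"}]
    client = [{"src": "198.51.100.5", "ts": float(i),
               "payload": b"GET / HTTP/1.1\r\n\r\n"} for i in range(10)]
    return flood + marked + client

def sample_conns():
    partial = b"GET / HTTP/1.1\r\nHost: example.test\r\nX-a: b\r\n"  # headers never end
    slow = [{"src": "192.0.2.12", "opened": 0, "data": partial} for _ in range(50)]
    ok = [{"src": "198.51.100.5", "opened": 55, "data": b"GET / HTTP/1.1\r\n\r\n"}]
    return slow + ok

if __name__ == "__main__":
    print("signature:", signature_alerts(sample_packets()))
    print("rate:", rate_anomalies(sample_packets()))
    print("slow requests:", slow_request_anomalies(sample_conns(), now=60))
```

The flood from 192.0.2.10 carries no known pattern, so only the behaviour check flags it, while the signature check catches the single marked packet that stays under the rate baseline.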
EXPERIMENTAL RESULTS
[Three plots; axis labels: Rate Step, Time (Minutes)]
CONCLUSION
REFERENCES
[1]
[2]
[3]
[4]
[5]
[6]
[7]
[8]