An experimental analysis of current DDoS attacks based on a provider edge router honeynet
Πειραματική μελέτη των σύγχρονων κατανεμημένων επιθέσεων άρνησης υπηρεσίας μέσω της εφαρμογής συστήματος Honeynet σε ακραίο δρομολογητή παρόχου
Network security has become an increasing problem in the world of telecommunication networks. Cyber-attacks against telecommunication networks may result in very high consequences for data and services, while at the same time IT departments phase increasing security challenges, without always having the required resources. Network experts have tried to face up this serious issue by improving the technical awareness of the threats and technical solutions in transmission networks. The global growing of using the Internet has made securing networks and information one of the most challenge tasks in the field of networks communications. The transmission of data through telecommunication networks introduces various issues, as it is often vulnerable to malicious attacks. Also, the connection of those networks with the Internet enables attacks by external users. Security attacks may attempt to undermine the confidentiality, integrity and availability. Attacks such as Distributed Denial of Service (DDoS) are achieved when they can affect the availability of information resources. However, the success and the impact of such kind of attacks differ from the victim and the levels of risk, threats and implications for DDoS activity determined in each case separately. The goal of this thesis is to analyze the current trends of DDoS attacks. To achieve this we have implemented a honeynet system at an edge router of an Internet provider. The practical part analyzes a collection of unclassified data from a honeynet system in an effort to generate useful threat intelligence and prioritization from the data. This model allows us to obtain a better understanding of threat profile and propose solutions to mitigate the attacks and recommend safety measures depending on the attack.