Show simple record

dc.contributor.authorAl-Jarrah, Zaid
dc.date.accessioned2018-07-16T22:41:43Z
dc.date.available2018-07-16T22:41:43Z
dc.date.issued2018
dc.identifier.urihttps://hdl.handle.net/10652/4315
dc.description.abstractCybersecurity is a very important area that needs to be worked on and improved. Day by day technology becomes closer to human life in many ways. In recent years, especially after the emergence of IoT and cloud computing, technology has started to control a big part of our assets. These assets could be data medical assets, financial assets, etc. For example, today we see technology being involved in sensitive medical operations, so human life has become related to technology and any failure could cause risk to human life. There are many types of cyber threat and different types of cyber-attacks: this study discusses DNS Distributed Denial of Service (DDoS) attacks and focuses on DNS reflection attacks, which are one of the most common kinds of attack. These attacks depend on exploiting a DNS service that relies on User Datagram Protocol (UDP), which is one of the essential services that is working in the background to support internet services. To be able to analyse a DNS reflection attack, I designed and built a testbed network which represented the environment that runs the attack. The testbed included Cisco routers, Cisco switches, and servers. These routers played the main role in demonstrating attack stages and factors, and by analysing the results, I built a mitigation technique to reduce or eliminate the possibility of those factors. All the results and readings presented in this study are generated and collected by the author while creating an actual attack at lab using cisco routers, switches and servers rather than using simulation or emulation software. Using those devices make the testbed similar to a commercial environment that are exposed or targeted by real attacks. This process leads to achieve the desired practical outcomes. The results showed that applying separate mitigation techniques in different stages and in more than one place worked perfectly to reduce attack load by using uRPF, Unicast Reverse Path Forward, is a standard security feature work to prevent spoofed packets. Using Separate technique in mitigation methodology gives very positive results without exhausting router resources, such as CPU, temperature and RAM. Then, I use Zone-based firewall, which is a cisco security feature, allow the Cisco router to behave like a Firewall, by separate the router to Zones to control incoming packets that are coming from outside the router (Internet). All stages together, work as an integrated solution. The suggested mitigation techniques are perfect for SMB organisations in terms of protecting their own network and DNS servers.en_NZ
dc.language.isoenen_NZ
dc.subjectDistributed Denial of Service (DDoS)en_NZ
dc.subjectDDoS attacksen_NZ
dc.subjectDNS reflection attacksen_NZ
dc.subjectDomain Name Systemen_NZ
dc.subjectDDoS defensesen_NZ
dc.subjectUnicast Reverse Path Forward (uRPF)en_NZ
dc.subjectCisco routersen_NZ
dc.titleAnalysis of L4 DoS/DDoS attacks and mitigation techniques for DNS reflection attacken_NZ
dc.typeMasters Thesisen_NZ
thesis.degree.nameMaster of Computingen_NZ
thesis.degree.levelMastersen_NZ
thesis.degree.grantorUnitec Institute of Technologyen_NZ
dc.subject.marsden080303 Computer System Securityen_NZ
dc.identifier.bibliographicCitationAl-Jarrah, Z. (2018). Analysis of L4 DoS/DDoS attacks and mitigation techniques for DNS reflection attack. Unpublished master's thesis. [Submitted in partial fulfilment for the degree of Masters Thesis, Computing, Unitec Institute of Technology, New Zealand].en_NZ
unitec.pages110en_NZ
dc.contributor.affiliationUnitec Institute of Technologyen_NZ
unitec.advisor.principalSarrafpour, Bahman
unitec.advisor.associatedArdekani, Iman


Files in this item

Thumbnail

This item appears in

Show simple record