Abstract:
Network security is an open area of applied concepts of computer sciences that has
gained a lot of attention over past few years. Intrusion attacks particularly Distributed
Denial of Service (DDOS) has recently became one of the greatest threats to the
network security. DDOS attacks are virulent and most frequently occurring network
attacks. Perpetration of DDOS attacks can paralyze the server and the access to the
databases, websites etc. and every other online application can be seized resulting in
complete network breakdown/failure. To assess the network security and to deduce
precautionary measures it is important to analyze how much a network is vulnerable
to such intrusion attacks. The data and websites residing on servers are of no use if
their availability cannot be ensured. This research demonstrates a flood based DDOS
attack. Flooding is a type of DDOS attack that occurs when a network becomes so
weighed down with packets; initiating incomplete connection requests that it can no
longer process genuine connection, requests resulting in high response times and
unavailability of network resources i.e. a Denial of Service. The purpose of this
research is to assess the network security of Bahria university by studying the (new
campus) network under DDOS attack via simulation since performing such
experiments on live networks involve high risks. The network model and the DDOS
attack using infectious workstations (Zombies) to breach the network are simulated
using OPNET simulator. With the help of obtained graphical results behavior of the
network under intrusion attack is analyzed to assess vulnerability and survivability of
the network. On the basis of our analysis countermeasures and possible enhancements
to improve the network security against such intrusions are highlighted.
