Owing to the advances of information technology our society gets to lean on the information systems and communication networks increasingly. By the development of global communication network the cyber criminals have got a new weapon, and for their aims they get to use the Internet more and more.
Amongst various online attacks hampering IT security, Denial of Service (DoS) and Distributed Denial of Service (DDoS) have the most devastating effects. It has also put tremendous pressure over the security experts lately, in bringing out effective defense solutions. These attacks could be implemented diversely with a variety of tools and codes. Since there is not a single solution for DoS, this attack has managed to prevail on internet for nearly a decade.
Hence, it becomes indispensable to carry out these attacks in small test bed environments in order to understand them better. For testing purposes, I created two completely different network architecture during the semester. On these I carried out the most common Denial of Service attacks and have been trying to understand the impact caused with the help of traffic analyzer programs. After applying different security techniques and repeating the attacks I have compared the results.
In my thesis I present the theoretical background of attacks and defense methods and also the detailed structure of the test networks. In addition, I detail the techniques used in practice, such as DDoS Juniper Secure or Access Control List used by Cisco. Finally, I summarize the information gathered during the measurements and try to determine the most effective security method against DoS and DDoS attacks.