Abstract
The paper considers an approach to modeling and simulation of cyber-wars in Internet between the teams of software agents. According to this approach, the cybernetic opposition of malefactors and security systems is represented by the interaction of two different teams of software agents – malefactors’ team and defense team. The approach is considered by an example of modeling and simulation of “Distributed Denial of Service” (DDoS) attacks and protection against them. The paper also describes the software environment for multi-agent simulation of defense mechanisms against DDoS attacks developed by the authors and different experiments. The main components of the software environment are outlined. One of the numerous experiments on protection against DDoS attacks is described in detail. The environment developed is based OMNeT++ INET Framework.
Highlights
Vulnerabilities of present distributed computer systems, permanently magnified quantity, variety and complexity of cyber-attacks and gravity of their consequences highlight urgent necessity for information assurance and survivability of computer systems
The idea of Distributed Denial of Service” (DDoS) attack consists in reaching the global goal – the denial of service of some resource – due to joint efforts of many components that are acting on attack side
The main results of the work we described in the paper consist in developing basic ideas on multiagent modeling and simulation of defense mechanisms against DDoS attacks and implementing corresponding software environment
Summary
Vulnerabilities of present distributed computer systems, permanently magnified quantity, variety and complexity of cyber-attacks and gravity of their consequences highlight urgent necessity for information assurance and survivability of computer systems. Information gathering about the computer system under attack, detecting its vulnerabilities and defense mechanisms;. How good are the present defense mechanisms for DDoS detection, prevention and reaction?. As a result of several reasons (detection of DDoS attack is most accurate close to the victim, separation of legitimate is most successful close to the sources, etc.), adequate victim protection to constrain attack traffic can only be achieved by cooperation of different distributed components [17]. Conclusion outlines the main results of the paper and future work directions
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
