Design DDoS attack detector using NTOPNG

摘要

Distributed Denial of Service (DDoS) is one kind of attacks using multiple computers. An attacker would act as a fake service requester that drains resources in computer target. This makes the target cannot serve the real request service. Thus we need to develop DDoS detector system. The proposed system consists of traffic capture, packet analyzer, and packet displayer. The system utilizes Ntopng as main traffic analyzer. Detector system has to meet good standard in accuracy, sensitivity, and reliability. We evaluate the system using one of dangerous DDoS tool named Slowloris. The system can detect attacks and provide alerts to detector user. The system also can process all incoming packets with a small margin of error (0.76%).