Denial of Service (DoS) attack identification and analyse using sniffing technique in the network environment

摘要

Network-based intruders such as (DoS) attacks have become one of the most significant internet interruptions. Some operations that rely on the internet, such as banking transactions, education, trade marketing, and social networking, have become the primary targets. The attacker is trying to surround and making it difficult for the system to defend. The research's objective is to recognize the characteristics and level of DoS attacks. In understanding the behavior of intruders against a target web server, Wireshark was used in all traffic networks—capturing the traffic in a networked environment. In this research, the user identifies the attack levels (TCP SYN, UDP, and HTTP protocol), ranging from low (Q1), medium (Q2), and high (Q4) attacks. The approach is to simulate the TCP, HTTP, and UDP flood attacks and analyze the attacks' effects on the network environment. In this work, normal scenarios and pattern attacks were compared. In this case, the intruder floods unwanted packets to the victim with a massive number of request packets; the SYN from the corresponding SYN-ACK replies are not achieved. This paper will identify the DoS attacks level and analyze the behavior of traffics.