Security in Computing Coursework-2

This document summarizes a student project on denial of service (DoS) attacks. It includes an introduction outlining the current security scenario and project aims and objectives. It then provides background on the history and types of DoS attacks. The main body demonstrates different DoS attacks using tools like Kali Linux and Metasploit. It evaluates the pros and cons and costs of these attacks. Finally, it concludes with key findings about DoS attacks and mitigation techniques.

Uploaded by

Nissita Pdl

Module Code & Module Title: CC5004NI Security in Computing

Assessment Weightage & Type: 30% Individual Coursework 02

Year and Semester: 2021-22 Spring Semester

Student Name: Nischita Paudel


London Met ID: 20049186
College ID: np01nt4s210092
Assignment Due Date: 5th April
Assignment Submission Date: 5th April
Word Count (Where Required): 3609

I confirm that I understand my coursework needs to be submitted online via Google Classroom under the relevant
module page before the deadline for my assignment to be accepted and marked. I am fully aware that late
submissions will be treated as non-submission and a mark of zero will be awarded.
CC5004NI SECURITY IN COMPUTING

Table of Contents

1. Introduction
1.1 Current Scenario
1.2 Aims and Objectives
1.2.1 Aims:
1.2.2 Objectives:
2. Background
2.1 History
2.2 Denial of Service (DoS) attacks
2.3 Types of DoS attacks
2.4 Pre-Requirement and Tools
3. Demonstration
4. Mitigation
4.1 Enabling Firewall on Windows 7 (Host)
4.2 Blocking the IP address
4.3 Antivirus Installation
4.4 Packet Sniffing
5. Evaluation
5.1 Pros and Cons
5.2 Cost Benefit Analysis (CBA)
6. Conclusion
7. References


Table of Figures
Figure 1: Example of DoS Attack (yugal, 2015)
Figure 2: Cisco's analysis of DoS attack history and predictions (Nicholson, 2022)
Figure 3: Direct SYN Flood Attack
Figure 4: Ping of Death Attack (Inc., 2019)
Figure 5: UDP Flood Attack (Alzahrani, 2018)
Figure 6: ICMP Flood (Tasnuva Mahjabin, 2017)
Figure 7: Slowloris Attack (Wallarm, 2022)
Figure 8: NTP Amplification (Nidecki, 2019)
Figure 9: IP for windows 7
Figure 10: IP for Kali Linux
Figure 11: Pinging kali Linux
Figure 12: Pinging windows from kali Linux
Figure 13: scanning for open port using Nmap
Figure 14: packet capture in Wireshark
Figure 15: Using Kali Linux to run Metasploit
Figure 16: Searching SYN flood
Figure 17: Using SYN flood auxiliary
Figure 18: Options of SYN flood auxiliary
Figure 19: showing module options of SYN flood auxiliary and setting the target ip and ports
Figure 20: exploiting the target
Figure 21: Performance before attack
Figure 22: Performance after attack
Figure 23: Wireshark after attack
Figure 24: Enabling Firewall
Figure 25 ping unreachable
Figure 26: choosing custom rule/ setting
Figure 27: Blocking IP
Figure 28 Blocking the Connection
Figure 29: Antivirus Scanner
Figure 30 Wireshark sniffing Tool


Abstract

Any form of assault on a networking structure that prevents a server (host) from serving
its clients is known as a denial-of-service (DoS) attack. So, performing this attack may
help people know about the prevailing attacks and their mitigation process. Examples of
DoS attacks include sending millions of requests to a server to slow it down, flooding a
server with massive packets of incorrect data, and sending requests with an invalid or
fake IP address. Hackers can use flaws in Internet security to target network systems.
Many tools and approaches can be used to carry out these attacks. This report also
discusses the impact of these attacks, as well as their analysis and countermeasures.
Different utilities and traffic analysers are used to investigate these attacks, and the
report provides an overview of the many types of DoS attacks as well as the techniques
that may be used to combat them. It also defines the most well-known DoS attacks with
their mitigation process.

Key words: Denial-of-Service. Flooding: incoming packets sender except the arrived
link, traffic analysers: monitor


1. Introduction

In this module, we were given the task of identifying vulnerabilities and
determining how to mitigate them. As a result, the DoS assault, which basically
paralyzes the admin by flooding the system with traffic, has been chosen as the
project's major topic.

A cyber-attack is one that uses cyberspace to launch an attack against us (or
our digital gadgets). While many cyberattacks are minor problems, others are more
serious, even posing a risk to human life. Everything has gone digital, and
everything is done through the internet. In addition, the use of technology has risen.
It has an impact on people's lives and modifies how they learn, think, and
communicate. It has become increasingly important in society, and it is difficult to
comprehend living without it. Technology and society are intertwined,
interdependent, and influence one another. Recently, the DoS attack has gotten a lot
of attention because it could take any server offline for an extended period and
paralyze the creator by sending a lot of traffic (sameekshakhandelwal, 2021).

This report focuses on the Denial of Service (DoS) assault, which is a hot topic in
today's cyber security world. A denial-of-service (DoS) attack is a form of
cyberattack in which an attacker attempts to make a computer or other device
unavailable to its intended users by disrupting its usual operation. DoS attacks work
by overloading or flooding a targeted machine with requests until normal traffic
cannot be processed, causing a denial-of-service to further users. A DoS attack is
defined as one that is launched from a single computer (Muhammad Alim Zulkifli,
2018).


Figure 1: Example of DoS Attack (yugal, 2015)

DoS attacks are the most serious security threats to internet services, resulting in
significant financial losses for senior citizens. Although DoS assaults were popular in
the 1980s and early 1990s, they were not a common occurrence in terms of security.
However, this began to change when the Internet became a more widely used medium.
The scanners study was performed to determine the length of time and number of DoS
attacks that occurred on the Internet. The Internet of Things (IoT) has recently been
described as the next big thing and a component of the future internet. DoS can also be
used to bring any IoT network to a stop (Hadeel S. Obaid, 2020).

1.1 Current Scenario


DoS attacks have become widespread. A DoS attack can hamper or stop our
online services (email, websites, and anything else that connects to the internet),
whether we are a small non-profit or a large international corporation. Similarly, the
number of possible DoS weapons available on the internet has increased by more than
12%, with around 12.5 million weapons discovered. COVID-19, which prompted a quick
move to the internet for everything from education and healthcare to consumer shopping
and office work, provided hackers with more targets than ever before for DoS attacks
in 2020.


One of the major reasons for the 2020 DoS attacks was the COVID-19 lockdown,
which forced a fast switch to the internet for everything from education and healthcare
to consumer shopping and office work, giving hackers more targets than ever before.
Many of these businesses and individuals were found to be seriously vulnerable, due to
the difficulty of sustaining cybersecurity best practices in an emergency circumstance.
As the world became more digitalized, attackers saw this medium as an open and
easy way to attack and gain profit (Nicholson, 2022).

1.2 Aims and Objectives


1.2.1 Aims:
The main aim of this coursework is to perform a DoS attack against
Windows utilizing the Linux operating system, as well as to present applicable
mitigation methods to remove or repair the vulnerability.

1.2.2 Objectives:
• To learn about different types of DoS attacks.
• To show and execute a DoS attack on a machine, observe the results,
and discuss with the module leader.
• To show how to attack using the Linux operating system and various
requests and commands.
• To provide various mitigation options for the vulnerability, as well as a fix
for them.
• To learn how we can secure our network using some tools.


2. Background
2.1 History
In 1996, Panix, one of the earliest internet service providers, was
knocked offline for many days by a SYN flood, a tactic that has since become a
typical DoS attack. DoS attacks became more widespread during the following
few years, and Cisco expects that the overall number of DoS attacks will
double from 7.9 million in 2018 to over 15 million by 2023 (Nicholson, 2022).

Figure 2: Cisco's analysis of DoS attack history and predictions (Nicholson, 2022).

In August 1999, a hacker used a tool named "Trinoo" to disrupt the
University of Minnesota's computer network for more than two days, making it
one of the first large-scale DDoS attacks. Trinoo was a network of hacked
machines known as "Masters" and "Daemons," which allowed an attacker to
transmit a DoS command to a few Masters, who eventually forwarded the
command to hundreds of Daemons, launching a UDP flood against the target IP
address. Because the malware made no attempt to mask the Daemons' IP
addresses, the owners of the assaulting computers were contacted, unaware that
their systems had been compromised and were being utilized in a DDoS attack.
Some people believe DoS assaults are brand new. No, they aren't. Some people
believe that because DoS attacks are not in the headlines anymore, they are not
prevailing anymore, but the truth is that DoS attacks will always exist; it is a
never-ending process. They will be with us as long as we have a global interconnected
network that connects people, machines, artificial intelligence, and things. The
prevailing attack has never stopped since then (radware, 2017).

2.2 Denial of Service (DoS) attacks


Any form of assault on a networking structure that prevents a server from serving
its clients is known as a denial-of-service (DoS) attack. DoS attacks aim to prevent
legitimate users from accessing a system by lowering the system's availability. They
enforce costly calculation functions on the target by exploiting the system's flaws or
overwhelming it with many useless requests. The target server is taken offline for
minutes or days, causing serious system service disruption. As a result, efficient DoS
attack detection is critical for protecting online services (Khaled M. Elleithy, 2006).

2.3 Types of DoS attacks


There have been numerous well-researched studies in the field of cyber-attacks and
their prevention strategies. However, the most dangerous types of DoS attacks are
described below:

1. SYN Flood Attack: The SYN flood attack, also known as the half-open attack, is
a protocol attack that takes advantage of flaws in network communication to keep
the victim's server unresponsive to valid requests. Even high-capacity
components capable of handling millions of connections (Chinnasamy, 2021).


Figure 3: Direct SYN Flood Attack

2. Ping of Death Attack: Cybercriminals use PoD attacks to send packets that are
larger than the maximum packet size for an internet connection. The device will
basically slow down as a result of this. These attacks take place on both
tested and untested systems, and they focus on historical vulnerabilities on the
target systems. Attackers do not even need to have a thorough understanding
of your machine or operating system. Your IP address is all they require, which
they can simply falsify (Qamar, 2022).


Figure 4: Ping of Death Attack (Inc., 2019)

3. UDP Flood Attack: A UDP flood assault is a type of Denial of Service (DoS)
attack in which many UDP (User Datagram Protocol) packets are sent to a single
server. This is done to overburden the system, making it less able to respond and
handle requests quickly. Apart from that, it might take advantage of your device's
firewall system to block you from receiving legitimate communications. To retain
privacy and ensure that none of the ICMP packets reach the host server, the
attackers may utilize fake IP addresses (Adrian, 2020).

Figure 5: UDP Flood Attack (Alzahrani, 2018)


4. ICMP (Ping) Flood: A ping flood or ICMP flood attack, like any other denial of
service attack, prohibits users from gaining access to a target by flooding it with
ICMP echo requests, often known as pings. It entails the attacker and the target
sharing a single internet connection. The attacker sends many request packets to
the victim's network, which the network must respond to with an equal number of
reply packets. This request-response system keeps the network channel busy
for the duration of the ICMP attack, consuming a lot of bandwidth and causing a
denial of service to a valid user (Ohri, 2021).

Figure 6: ICMP Flood (Tasnuva Mahjabin, 2017)

5. Slowloris: It is a layer 7 application attack, which means it is a network attack. It
is built in such a way that the server must wait for requests. The request is so
slow in this situation that the server crashes. To put it another way, if we send a
request, the server waits 10 to 20 seconds for it (that is, for the HTTP request)
before releasing the connection to accept requests from another user. However,
just as the server is preparing to clear the slot, we inform the server that we are
still coming by transmitting a few more bytes. We do this again and again. As a
result, we connect to the server to make more requests (Krishna Kant Nath
Tiwari, 2020).


Figure 7: Slowloris Attack (Wallarm, 2022)

6. NTP Amplification: In the IT industry, the Network Time Protocol (NTP) is the
standard protocol for time synchronization. Regardless of source, it is widely
used by servers, mobile devices, endpoints, and network devices. RFC 5905
defines the most recent version of NTP (version 4). The fundamental principles
of wireless links are plain and simple. An NTP client sends a request to the NTP
server that includes the client's own time. The NTP server responds with its own
time as well as the time the packet was sent back. The NTP client can determine
the time difference between the NTP server's clock and its own clock using these
options (Nidecki, 2019).


Figure 8: NTP Amplification (Nidecki, 2019)

2.4 Pre-Requirement and Tools


To successfully carry out the DoS attack, we used SYN flood, setting the targeted IP
address and open port, with Windows 7 as the target. I used the Metasploit Framework,
a popular pre-existing framework available in Kali Linux. It is a common vulnerability
scanner used for designing, testing, and running exploit code. I also used Nmap to look
for open ports on the system.

• VMware Workstation

Workstation 16 Pro adds DirectX 11 and OpenGL 4.1 3D increased
graphics support, a new dark mode user interface, and support for Windows Hyper-V
mode on Windows 10 version 2004 and higher hosts. We are using VMware
Workstation Pro as a platform to do the DoS attack (vmware, 2022).

• Windows 7

Windows 7 is an operating system developed by Microsoft. It acts as a host
during the time of attacking. We are using Windows 7 as a target for exploitation.

• Kali-Linux


Kali-Linux is a Debian-based open-source Linux distribution built for
advanced penetration testing and security checks. For DoS attacks on the
Windows operating system, we use Kali Linux.

• Metasploitable
Metasploitable is an intentionally insecure Linux virtual computer that may be
used for security training, tool testing, and typical vulnerability scanning
methodologies. We have used this tool for finding hidden flaws using several
tools and applications.


3. Demonstration
We will be using VMware Workstation; it enables users to create and run
VMs directly on a single Windows or Linux desktop or laptop. In this report, the
operation will be carried out with Kali Linux on Windows 7 and Metasploit.
Throughout an attack, the following actions are carried out and discussed in
detail.

Step 1: Configuring

In Windows 7, we look for the Wi-Fi connection and check the IP using the
command prompt.

ipconfig is used to look for the IP address of Windows 7.

Figure 9: IP for windows 7

Similarly, we check the IP of Kali Linux using the terminal.


ifconfig is used to look for the ip address of kali Linux.

Figure 10: IP for Kali Linux

Step 2: Connection Establishment

We can now ping Kali from Windows and vice versa. As illustrated in the figures,
they were able to communicate well with one another.

ping 192.168.1.65 was used to ping Kali from Windows 7.

Figure 11: Pinging kali Linux


ping 192.168.1.104 was used to ping Windows 7 from Kali Linux.

Figure 12: Pinging windows from kali Linux

Step 3: Using Nmap

We will attack from Kali Linux because Windows 7 is our major target. We are
utilizing the Nmap program that comes pre-installed with Kali. Nmap is a free and
open-source vulnerability scanner and network discovery tool. Nmap is used by network
administrators to determine which devices are installed on their systems, to discover
available hosts and the functions they provide, to locate open ports, and to reveal
security threats.

The nmap -A 192.168.1.104 command is used to scan for open ports. We verified
that the above ports are open using Nmap, which will allow us to continue our attack.


Figure 13: scanning for open port using Nmap

We then captured packets from Kali Linux, where we saw many requests from
source to destination and vice versa.

Figure 14: packet capture in Wireshark

Step 4: Using Metasploit


Metasploit will now be used to attack our Windows 7 target PC. To help us with
our objective, we will apply Metasploit's SYN flood auxiliary module. Then, as shown in
the picture, we will start Metasploit from Kali Linux.
msfconsole is used to run the Metasploit framework.


Figure 15: Using Kali Linux to run Metasploit

Step 5: Synflood search


To continue the attack, we executed a few Metasploit commands such as SYN
flood auxiliary after changing kali's terminal to Metasploit.
Search synflood was used to find the auxiliary to do the exploitation.

Figure 16: Searching SYN flood


We discovered the auxiliary auxiliary/dos/tcp/synflood, which is ultimately used in an
attack, as indicated in the picture below.

Figure 17: Using SYN flood auxiliary

Step 6: Setting RHOSTS RPORT and NUM


We must check the options of the SYN flood auxiliary while utilizing it to help us
finish the attack on the targeted machine.

Figure 18: Options of SYN flood auxiliary

We will use RHOST to give the target IP and RPORT to give the target port
number, and exploit the target using the aforesaid options. We can transmit SYN
packets so that other authentic users do not have an opportunity to connect to our
targeted system.
Set RHOST - To set the target IP.
Set RPORT - To set the port.
Set NUM 0 - To avoid NoMethod error.
Show Options - To look for the description of the set target.


Figure 19: showing module options of SYN flood auxiliary and setting the target ip and ports


Step 7: Exploiting
Now, we are ready to exploit our targeted machine that is windows 7 with a flood of
SYN packets.

Figure 20: exploiting the target

Step 8: Checking the Performance of the CPU


We will check the target machine once we have attacked it to observe
how our target has fared. Our target machine was functioning well before, but after we
finished our objective, the target machine began to operate terribly because of a flood of
dropped packets. Below is a comparison of the task manager before and after the
attack.


Figure 21: Performance before attack


Figure 22: Performance after attack

Step 9: Capturing packets in Wireshark


We can clearly see that many packets were completely overrun, causing the system to
slow down due to heavy CPU consumption. By following this procedure, we are able to
effectively complete the attack.

Figure 23: Wireshark after attack

4. Mitigation


The most common mitigating strategies include detecting unauthorized traffic
and restricting it in the network, controlling and evaluating service bandwidth, and
implementing new Application Programming Interfaces (APIs) to manage huge
amounts of traffic. Some of the common steps to mitigate the threat are listed below:

4.1 Enabling Firewall on Windows 7 (Host)


To prevent being attacked, the firewall must be enabled (turned on) so
that we can defend against unknown incoming traffic.

Figure 24: Enabling Firewall

Figure 25 ping unreachable


4.2 Blocking the IP address


After the attack, we discovered that the server had requested the IP
address of the host for transferring data. We need to go to the Firewall to boost
protection and add a new rule on the IP address. In the Outbound Rule
Wizard, we entered our IP address, the same IP address we discovered
using Wireshark.

Figure 26: choosing custom rule/ setting


After the addition of the specific IP, we proceed to the next step in the
process.

Figure 27: Blocking IP


Select the block connection option. The system will then block the
specified IP address, leaving the connection unusable. We can protect ourselves
from the attack by following this technique.

Figure 28 Blocking the Connection

4.3 Antivirus Installation


Antivirus software is a type of computer application that prevents, scans,
detects, and removes viruses. Most antivirus software runs in the background to
give real-time virus attack defence when activated.


Figure 29: Antivirus Scanner

4.4 Packet Sniffing

Packet sniffing is a process for identifying and observing packet data
traveling across a network. Packet sniffing tools are used by network
administrators to monitor and authenticate network traffic. One of the packet
sniffing tools is Wireshark.


Figure 30 Wireshark sniffing Tool
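
As an added example (not part of the original report), the sketch below shows one way to turn a packet capture like the one described in section 4.4 into a SYN flood check: it counts, per target and time window, how many handshakes were opened by a SYN and how many were completed by the client's final ACK. The tab-separated input format, the thresholds, the function names and the sample lines are assumptions constructed for this illustration; only the target address 192.168.1.104 comes from the report.

```python
from collections import defaultdict

SYN, RST, ACK = 0x02, 0x04, 0x10   # TCP flag bits


def build_sample():
    """Constructed export: time, src, sport, dst, dport, flags (hex), tab-separated."""
    target = "192.168.1.104"       # the Windows 7 host used in this report
    lines = [                      # one legitimate client completing the handshake
        f"0.10\t192.168.1.20\t50000\t{target}\t80\t0x002",   # SYN
        f"0.11\t{target}\t80\t192.168.1.20\t50000\t0x012",   # SYN-ACK
        f"0.12\t192.168.1.20\t50000\t{target}\t80\t0x010",   # ACK
    ]
    # 300 SYNs inside one second from invented sources, none followed by an ACK
    for i in range(300):
        src = f"10.0.{i // 250}.{i % 250 + 1}"
        lines.append(f"{1 + i / 300:.4f}\t{src}\t{1024 + i}\t{target}\t80\t0x002")
    return lines


def parse(line):
    """Split one export line into typed fields."""
    t, src, sport, dst, dport, flags = line.rstrip("\n").split("\t")
    return float(t), src, int(sport), dst, int(dport), int(flags, 16)


def detect_syn_flood(lines, window=1.0, min_syns=100, max_completion=0.2):
    """Flag (target, port, window) buckets with many SYNs and few completed handshakes."""
    stats = defaultdict(lambda: {"syns": 0, "completed": 0, "sources": set()})
    pending = {}   # (client, client port, server, server port) -> bucket of its SYN
    for line in lines:
        t, src, sport, dst, dport, flags = parse(line)
        if flags & SYN and not flags & ACK:
            # Client SYN: a handshake was opened towards dst:dport.
            key = (dst, dport, int(t // window))
            stats[key]["syns"] += 1
            stats[key]["sources"].add(src)
            pending[(src, sport, dst, dport)] = key
        elif flags & ACK and not flags & (SYN | RST):
            # Client ACK on a pending tuple: the handshake was completed.
            key = pending.pop((src, sport, dst, dport), None)
            if key is not None:
                stats[key]["completed"] += 1
        # SYN-ACK replies from the server match neither branch and are ignored.
    alerts = []
    for (server, port, idx), s in sorted(stats.items(), key=lambda kv: kv[0]):
        ratio = s["completed"] / s["syns"]
        if s["syns"] >= min_syns and ratio <= max_completion:
            alerts.append({
                "target": (server, port),
                "window_start": idx * window,
                "syns": s["syns"],
                "completed": s["completed"],
                "distinct_sources": len(s["sources"]),
            })
    return alerts


if __name__ == "__main__":
    for alert in detect_syn_flood(build_sample()):
        print(alert)
```

A high distinct_sources value in an alert means the flood does not come from one address, so a single-address block rule like the one in section 4.2 would cover only part of it.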


5. Evaluation
A DoS attack can bring the server down or make it inaccessible to clients.
Turning on the firewall or adding IP addresses to a filter is the easiest method.

5.1 Pros and Cons


Some pros of the applied mitigation are described below.
• The operating system can be free of DDoS attacks' exploits.
• The attacker is unable to obtain the users' personal information.
• The cost of enabling the firewall is zero.
• We can see the incoming and outgoing traffic, which helps us to find
authentic traffic.

Some cons of the applied mitigation:

• It consumes more RAM and processing power because of
incoming traffic.
• It will hang our computer due to heavy traffic load.
• Users must keep their antivirus software up to date and check for
firewall updates on a regular basis.

5.2 Cost Benefit Analysis (CBA)

When it comes to choosing the right loss prevention and control solutions,
a cost-benefit analysis is vital. The process of balancing the projected costs
against the expected benefits of one or more activities to identify the most
appropriate alternative is known as cost/benefit analysis. We are using the CBA
formula for evaluating our total loss or profit, which will help us in evaluating the
data of our organization, through which we can analyse if we are using proper
methodologies to analyse our data. It is the process for evaluating profit and loss.

Taking a scenario as an example:

Your organization is in a cyclone/hurricane area which can experience at
least one cyclone/hurricane per year. This leaves the company without electrical
power for days, which impacts the company web server and its online
Internet sales. When calculating the risk due to power outages, the annualized
loss expectancy (ALE) is $340,000. As a countermeasure, it has been decided to
purchase a backup diesel generator for standby electricity for the organization.
The cost for this generating facility for the year is estimated to be $130,000, but it
will lower the ALE to $200000. Is this a cost-effective countermeasure? Why or
why not?

Solution,

Cost Benefit Analysis = ALE (prior) – ALE (post) – ACS

= $340,000 – $100,000 – $130,000

= $110,000

It is advantageous to apply mitigation strategies because the total of final
yearly loss expectancy and cost of access control is smaller than the initial loss
expectancy.


6. Conclusion

We are never safe or secure in the digital world because attackers are
always watching us. Every day brings a new attack, making the world a
hazardous place. Not only are we in danger of losing our privacy, but our working
mechanisms are also being monitored. Similarly, this study tries to demonstrate
one of the cyberattacks we face.

Distributed DoS attacks, as we have seen, are a real concern that can
cause significant harm to many of us. The many types of DoS/DDoS attacks that
might harm an organization are discussed in this report. Throughout this
coursework, I learned about the possible damage that these types of attacks
might create, and this report has briefly covered DoS attacks and types of DoS
attacks. The entire attack takes place within VMware. This attack is solely for the
purpose of education and learning. It is dangerous to carry out these attacks without
permission or legal allowance. It is one of the most common sorts of cyber
exploitation assaults, and it causes equipment to stop working properly by
sending unnecessary traffic. This attack works by sending packets to the user
device in a continuous stream, causing traffic and slowing down the device's
operation. There are various types of DoS assaults; however, in this course, we
chose the SYN flood attack to exploit our target.

We not only learned about the many types of attacks and how they affect
our workstation; we also learned about the mitigation procedure, which will help
us secure our data and information to a degree. We also learned about several
types of tools that can be used to secure our network's state. With this report, I
hope people will have a thorough idea about DoS attacks and how they have been
affecting our daily lives. We can be secure with the right technology and proper
data evaluation of our organization. We can never be 100% secure, but we can
surely minimize the threat.


7. References

Adrian, 2020. What is a UDP Flood Attack? Prevention and Mitigation, s.l.: Internet Security.

Alzahrani, S., 2018. Generation of DDoS Attack Dataset for Effective IDS Development and Evaluation. Journal of Information Security, Volume 9, pp. 225-241.

Chinnasamy, V., 2021. What is SYN (Synchronize) Attack? How the Attack works and How to Prevent the SYN Attack, s.l.: INDUSFACE.

Hadeel S. Obaid, B. I., 2020. Denial of Service Attacks: Tools and Categories. International Journal of Engineering Research & Technology (IJERT), 9(03), pp. 631-636.

Inc., W., 2019. What Is A Ping Of Death Assault?, San Francisco: Wallarm.

Khaled M. Elleithy, D. B. W. C. a. P. S., 2006. Denial of Service Attack Techniques: Analysis, Implementation and Comparison. SYSTEMICS, CYBERNETICS AND INFORMATIC, Volume 3, pp. 66-71.

Krishna Kant Nath Tiwari, M. S. R. K., 2020. Denial of Service attack using Slowloris. International Research Journal of Engineering and Technology, 07(07), pp. 448-454.

Muhammad Alim Zulkifli, I. R. Y. P., 2018. Live Forensics Method for Analysis Denial of Service (DOS) Attack on Routerboard. International Journal of Computer Applications (0975 – 8887), Volume 180, pp. 23-30.

Nicholson, P., 2022. Five Most Famous DDoS Attacks and Then Some, s.l.: A10.

Nidecki, T. A., 2019. Preventing NTP Reflection Attacks, s.l.: Acunetix.

Ohri, A., 2021. Ping Flood or ICMP Flood Attack – A Simple Guide In 3 Points, New York: jigsaw.

Qamar, A., 2022. The Ping of Death (PoD) Attack: What Is It and How Does It Work?, s.l.: TechGenix.

radware, 2017. DDoS Attacks History, s.l.: radware.

sameekshakhandelwal, 2021. Impact of Technology on Society, India: GeekforGeeks.

SENKI, 2020. History of Denial of Services (DoS) Attacks, s.l.: SENKI.

Tasnuva Mahjabin, Y. X. G. S. a. W. J., 2017. A survey of distributed denial-of-service attack, prevention, and mitigation techniques. International Journal of Distributed Sensor Networks, Volume 13(12), pp. 2-33.

vmware, 2022. Download VMware Workstation Pro, s.l.: VMware.


Wallarm, 2022. What Is Slowloris?, San Francisco: Wallarm.


yugal, 2015. What is DoS attack in hindi, s.l.: eHindiStudy.


Appendix

This report was completed after a lot of research. Some of the reference sites are
shown below:

1. SYN Flood DoS Attack

https://www.researchgate.net/publication/237076791_Analysis_of_the_SYN_flood_DoS_attack

2. Reference video:
The following video was used as a reference video to complete this project.
https://www.youtube.com/watch?v=7bHQtpcfZ8U&t=17s

3. Study on SYN Flood:

This paper was used to research the SYN flood attack.
https://www.imperva.com/learn/ddos/syn-flood/
