Total views : 313

Investigation of UDP Bot Flooding Attack


  • Department of Computer Science and Engineering, Uttarakhand Technical University, Dehradun - 248007, Uttarakhand, India


Background/Objectives: This paper presents the analysis of Bot flooding attack which leads to DDOS (Distributed Denial of Service) using a lab experiment in a networked environment creating a real DDOS attack like scenario. Methods: To study the DDOS attack through UDP (User Datagram Protocol) Bot flooding, a lab setup is done in a networked environment. A UDP flood attack starts by sending a huge number of UDP packets from different IP addresses. The experimentation is performed using NS2. The results generated are used as evidences to prove that a machine is victimized and is facing DDOS attack. Graphical evidence is also presented for the DDOS attack using UDP packets flooding. Findings: The evidences collected from the lab experimentation clearly show the demarcation between the normal network traffic and the traffic containing UDP Bot flood. By making the comparison between normal and abnormal network traffic through the UDP flow graph the possibility of DDOS is predicted.


Botnet, Botnet Forensics,DDoS, Internet Security,Random UDP Bot Flooding.

Full Text:

 |  (PDF views: 530)


  • Bijalwan A, Wazid M, Pilli ES, Joshi RC. Forensics of Random-UDP Flooding Attacks. Journal of Networks. 2015; 10(5):287–93.
  • Bhatia S, Schmidt D, Mohay G, Tickle A. A framework for generating realistic traffic for Distributed Denial-of-Service attacks and Flash Events. Computers & Security. 2014; 40:95–107.
  • Chen W, Yeung D-Y, editors. Defending against TCP SYN flooding attacks under different types of IP spoofing. 2006 IEEE International Conference on Networking, Systems and Mobile Communications and Learning Technologies (ICN/ICONS/MCL); 2006.
  • Chen Y, Hwang K. Spectral analysis of TCP flows for defense against reduction-of-quality attacks. 2007 IEEE International Conference on Communications (ICC’07); 2007.
  • Chuiyi X, Yizhi Z, Yuan B, Shuoshan L, Qin X, editors. A distributed intrusion detection system against flooding denial of services attacks. 2011 13th IEEE International Conference on Advanced Communication Technology (ICACT); 2011.
  • Gupta BB, Joshi RC, Misra M. ANN Based Scheme to Predict Number of Zombies in a DDoS Attack. IJ Network Security. 2012; 14(2):61-70.
  • Hussain SM, Beigh GR, editors. Impact of DDoS attack (UDP Flooding) on queuing models. 2013 4th IEEE International Conference on Computer and Communication Technology (ICCCT); 2013.
  • Kim H, Kim B, Kim D, Kim I-K, Chung T-M. Implementation of GESNIC for web server protection against HTTP GET flooding attacks. Springer: Information Security Applications; 2012. p. 285–95.
  • Kong J, Mirza M, Shu J, Yoedhana C, Gerla M, Lu S, editors. Random flow network modeling and simulations for DDoS attack mitigation. 2003 ICC’03 IEEE International Conference on Communication; 2003.
  • Li M, Li J, Zhao W. Simulation study of flood attacking of ddos. 2008 IEEE International Conference on Internet Computing in Science and Engineering (ICICSE’08); 2008.
  • Mohay G, Ahmed E, Bhatia S, Nadarajan A, Ravindran B, Tickle AB, et al. Detection and mitigation of high-rate flooding attacks. Springer:An Investigation into the Detection and Mitigation of Denial of Service (DoS) Attacks. 2011; p. 131–81.
  • Moustis D, Kotzanikolaou P, editors. Evaluating security controls against HTTP-based DDoS attacks. 2013 4th IEEE International Conference on Information, Intelligence, Systems and Applications (IISA); 2013.
  • Rui X, Wen-Li M, Wen-Ling Z. Defending against UDP flooding by negative selection algorithm based on eigenvalue sets. 2009 5th IEEE International Conference on Information Assurance and Security (IAS’09); 2009.
  • Wang S, Sun Q, Zou H, Yang F. Detecting SYN flooding attacks based on traffic prediction. Security and Communication Networks. 2012; 5(10):1131–40.
  • Park J-S, Kim M-S. Design and implementation of an SNMPbased traffic flooding attack detection system. Springer: Challenges for Next Generation Network Operations and Service Management. 2008; p. 380-9.
  • Sajana T, Sheelarani CM, Narayana KV. A survey on clustering technique for big data mining. Indian Journal of Science and Technology. 2016 Jan; 9(3).
  • Torkashvan Milad, Haghighi Hassan. CBC2: A Cloudbased Botnet Command and Control. Indian Journal of Science and Technology. 2015 Sep; 8(22). DOI: 10.17485/ ijst/2015/v8i22/59773.
  • Vidhya S, Sheik Abdul Khader P. Deployment of Proposed Botnet Monitoring Platform Using Online Malware Analysis for Distributed Environment. Indian Journal of Science and Technology. 2014 Jan; 7(8). DOI: 10.17485/ ijst/2014/v7i8/48583.
  • Mueen U, Raed A, Maha A. Intrusion Detection System to Detect DDoS Attack in Gnutella Hybrid P2P Network. Indian Journal of Science and Technology. 2013 Feb; 6(2). DOI: 10.17485/ijst/2013/v6i2/30585.
  • Tariq A, Abdullah A. Detection and Defense Mechanism against DDoS in MANET. Indian Journal of Science and Technology. 2015 Dec; 8(33). DOI: 10.17485/ijst/2015/ v8i33/80152.
  • Mohammad SA, Amirgholipour SK, Mehdi A, Shakeri AB, Mohammad G. Availability Challenge of Cloud System under DDOS Attack. Indian Journal of Science and Technology. 2012 Jun; 5(6). DOI: 10.17485/ijst/2012/ v5i6/30488.


  • There are currently no refbacks.

Creative Commons License
This work is licensed under a Creative Commons Attribution 3.0 License.