Detecting Attacks


I am Subashini, a graduate student. I am interested in doing my project in
Network Security. I have a doubt related to it.

The aim is to detect DoS/DDoS attacks using the application. I am going to
use ELK (ElasticSearch, Logstash, Kibanna) for processing the logs (Log

My doubt is regarding how do we generate logs for detecting this attack? As
I am new to this process, I am not sure about it.

Also, if it is possible to do any other attacks similar to this, you can
please give a hint about it.

Could anyone please help with this, it would be a great help!!

Is your aim to generate attack traffic? Or rather a mix of normal and attack traffic. That's one part. Googling ddos simulator will get you lots of results you can evaluate

Logging it appropriately and capturing the logs, storing them in a db is the next.


Security Onion is a FOSS Linux distribution with several great security tools integrated into an installer.

Snort & Suricata are signature based detection tools. Bro is a domain specific language for packet analysis and processing.

Bad approach. At that point, not only is the application being DDoS'ed,
but now your logging system may be overwhelmed as well. And a favorite
attack method is to throw a DDoS at one application (your http server, for
instance), and while you're drowning in logfiles, slip in an exploit for
something else (you *did* patch that tftpd server, right?)

Also, the vast majority of DDoS attempts are just fill-the-pipe attacks,
which often don't even bother attacking an application, just an IP address.
This leverages the fact that there's a lot of routers that can switch average
sized packets at line speed, but not minimum sized packets. So the link
falls over faster if it's getting pounded with ICMP Echo Request packets
or TCP SYN packets than if it's getting 800-byte http requests.


You could try my open source project:

It's pretty popular and used by a very big number of really big networks.

We have option for capturing "pcap" dump for each attack for detailed