Enterprise servers' operating system performance during DoS and Slow DoS attacks
2020 (English)
Independent thesis Basic level (university diploma), 5 credits / 7,5 HE credits
Student thesis
Alternative title
Företagsservers operativsystemprestanda under DoS och långsam DoS-attacker (Swedish)
Abstract [sv]
Three different servers running three different server operating systems were subjected to the denial-of-service (DoS) attacks UDP flood and slow HTTP. Computers running Kali Linux were used as attackers, and the tools hping3 and Slowloris were used to carry out the attacks. The first round of attacks was carried out by one computer and the second round by four computers simultaneously, in order to simulate DoS attacks and distributed denial-of-service (DDoS) attacks. Results were collected both before and during the attacks and then compared. The three operating systems in question were Windows Server 2019, Ubuntu Server 19.10 and CentOS 8 Server, all of which had the Apache web server software installed. The server's average CPU usage and average memory usage were measured. These results were then compared, and if any increase had occurred during the attack, it meant that the attack affected the server negatively; a larger increase meant a larger effect. During the slow HTTP attacks the web servers were checked for availability; if they were not available, the attack was successful.
During the tests it was found that the Windows server had the worst performance during both attacks, showing the highest increase in hardware usage and the lowest uptime of the web page when attacked.
The Ubuntu server performed best in terms of CPU and memory usage, with little or no change from its baseline results and a higher uptime of the web page than the Windows server.
CentOS recorded a smaller change in hardware performance when attacked than the Windows server but a larger one than the Ubuntu server; it was, however, the server with the longest uptime when the web page was attacked.
Abstract [en]
Three different servers running three different server operating systems were subjected to the denial-of-service (DoS) attacks UDP flood and Slow HTTP. Computers running Kali Linux were used as the attackers, and the tools hping3 and Slowloris were used to perform the attacks. The first round of attacks was performed by one computer and the second round by four computers simultaneously, to simulate DoS attacks and distributed denial-of-service (DDoS) attacks respectively. Results were recorded both before and during the attacks and then compared. The three operating systems in question were Windows Server 2019, Ubuntu Server 19.10 and CentOS 8 Server; they all had the web server software Apache installed. The servers' average CPU usage and average memory usage were measured. These results were then compared, and if any increase had occurred during the attack, it was deduced that the attack was impacting the server negatively; a higher increase meant a higher impact. During the Slow HTTP attacks the web servers were checked for availability; if a web server was not available, the attack was successful.
During testing it was found that the Windows server had the worst performance during both attacks, showing the highest increase in hardware usage and the lowest uptime of the web page when being attacked.
The Ubuntu server performed the best when looking at the CPU and memory usage, with little to no change from its baseline results and a higher uptime of its webpage than the Windows server.
CentOS recorded less of a change in hardware performance when being attacked than the Windows server but more than the Ubuntu server; it was, however, the server with the most uptime of the webpage when being attacked.
Place, publisher, year, edition, pages
2020. p. 22
Keywords [en]
DoS, DDoS, Windows Server 2019, Ubuntu 19.10, CentOS 8, Slowloris, hping3, UDP flood, Slow HTTP
National Category
Electrical Engineering, Electronic Engineering, Information Engineering
Identifiers
URN: urn:nbn:se:hv:diva-15245
Local ID: EXN300
OAI: oai:DiVA.org:hv-15245
DiVA, id: diva2:1447121
Subject / course
Computer engineering
Educational program
Nätverksteknik med IT-säkerhet
Supervisors
Examiners
2020-07-07, 2020-06-25, 2020-07-07. Bibliographically approved