Analysis and simulation of Defence Wide Area Network performance under denial of service attack

The Defence Wide Area Network (DWAN) provides a common computer/data communications infrastructure for interconnecting the heterogeneous Local Area Networks (LANs) and Metropolitan Area Networks (MANs) within the Department of National Defence (DND). Connection to the DWAN provides seamless access to departmental applications such as the Defence Information Network (DIN), Peoplesoft, Financial and Managerial Accounting System (FMAS), and Canadian Forces Supply System Upgrade (CFSSU). However, the DWAN's mandate of providing connectivity for departmental applications is growing to support a steadily increasing amount of operational traffic. Therefore, the DWAN's ability to sustain operations under stressful network conditions is becoming an operational concern to commanders in theatre. A threat to sustained network operations is the use of Denial of Service (DoS) attacks.; This thesis analyzes and simulates the Defence Wide Area Network (DWAN) performance under Denial of Service attacks to highlight DWAN vulnerabilities and proposes solutions to mitigate negative effects associated with DoS attacks. This thesis selects a number of DoS attacks that could be encountered on the DWAN. The choice of DoS attacks includes attacks selected from the categories of operating system based attacks, traditional network based DoS attacks and Distributed DoS (DDoS) attacks. The selection of DoS attacks is then characterized by their implementation mechanism, as well as the type and quantity of traffic that is generated. This characterization leads to the creation of traffic models that are verified in a controlled laboratory environment. The validated models are then incorporated into a DWAN baseline model that represents the current DWAN configuration. The model is validated against actual DWAN network traffic. Network simulations are run with this combined model (DWAN and DoS attack(s)), outlining the effects on the DWAN architecture due to the chosen DoS attack(s), highlighting those areas within the DWAN that are most vulnerable. Possible administrative responses to mitigate the effects of the attacks with respect to the DWAN are reviewed to determine their effectiveness.