search

tklab-tud / ID2T

Official ID2T repository. ID2T creates labeled IT network datasets that contain user defined synthetic attacks.
MIT License
58 stars 23 forks source link

DDoS: injection of 5000pps over 1sec can produce >5000 packets sent #94

Open pepper-jk opened 5 years ago

pepper-jk commented 5 years ago

sample seed: 37166886442902638009042361742793723293

Executing:

./id2t -i background.pcap -a DDoS attackers.count=1 inject.after-pkt=5 attack.duration=1 packets.per-second=5000 ip.src=66.66.66.66 ip.dst=12.12.12.12 -o forum_test.pcap -S 37166886442902638009042361742793723293

Results in the following ip statistics for 66.66.66.66:

> select * from ip_statistics where ipaddress="66.66.66.66";
Query returned 1 record:

ipAddress: 66.66.66.66
pktsReceived: 2291
pktsSent: 7709
kbytesReceived: 134.23828125
kbytesSent: 451.69921875
maxPktRate: 9920.0498046875
minPktRate: 0.0
maxKByteRate: 58.12528991699219
minKByteRate: 0.0
maxLatency: 3590
minLatency: 0
avgLatency: 1433
ipClass: A