Identifying Denial of Service attacks and appropriate mitigation strategies for Small to Medium Sized Enterprises

Master's Thesis from the year 2012 in the subject Computer Science - IT-Security, grade: Merit, The Open University, course: MSc Advanced Networking, language: English, abstract: This research report investigated the potential risks from DoS (Denial of Service) attacksfaced by SMEs (Small to Medium-sized Enterprises) that have an online presence. From theexamination of case studies, reports, global surveys, and discussions with IT professionalsthis report evaluates which DoS attacks are the most prolific, and which DoS threatsorganisations need to secure against. From the results of the investigation it can be seen thatthe potential risk of becoming the target of a DoS attack continues to pose a significant threatto an organisation regardless of the size. It was evident from the results of the initial researchthat further investigation was required to evaluate which DoS threat were of most concern toSMEs (Small to Medium sized Enterprises). Through practical experimentation in acontrolled network laboratory environment, a number of DoS attacks that are of currentconcern to SMEs were investigated, the main purpose of this investigation was to evaluateappropriate mitigation strategies to secure against the identified DoS attacks. This reportconcludes by highlighting that SMEs may be susceptible to well-known DoS attacks whendeploying network hardware in default configuration, and by identifying the appropriate DoSmitigation options available to network and security administrators associated with SMEs. The conclusion also shows how these DoS mitigation options can be practically applied to thetype of network hardware typically deployed in a SME environment.