This project is designed to detect and mitigate DDoS (Distributed Denial of Service) attacks using statistical techniques, specifically chi-square tests and entropy measures. The system aims to distinguish between legitimate and malicious traffic to ensure the server's availability.
The project comprises a single server implementing a firewall to detect and mitigate DDoS attacks. Clients and attackers simulate requests through scripts. The server and clients must belong to the same subnet (connected to a common access point or hotspot) for demonstration purposes. The server operates on an IP dynamically allocated on the subnet, with clients sending messages to that IP.
Run the server script:
python3 server.py
In a separate terminal, execute the firewall script with administrative privileges:
sudo python3 firewall.py
At this point, both the server and the firewall will be operational.
The following client scripts generate different types of traffic:
- File: client_normal.py
- Description: This script generates normal traffic to the server, sending packets with randomized delays between transmissions using sleep.
- File: client_attacker.py
- Description: This script simulates a DDoS attack by continuously sending packets to the server without any delay.
To generate traffic from multiple clients with varying IPs, virtual IP addresses are created on the network interface. This simulates multiple devices originating requests.
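How the two statistics named in the overview separate the traffic produced by the two client scripts, as an added example that is not the project's firewall.py. The significance level, the entropy cutoff, the equal-share expectation per source, the function names and the sample windows are all assumptions made for illustration.

```python
import math
from collections import Counter
from statistics import NormalDist

ALPHA = 0.01          # assumed significance level for the chi-square test
ENTROPY_FLOOR = 0.8   # assumed cutoff on normalized source-IP entropy

def normalized_entropy(counts):
    """Shannon entropy of the source-IP distribution, scaled to [0, 1]."""
    total = sum(counts.values())
    h = -sum(c / total * math.log2(c / total) for c in counts.values())
    return h / math.log2(len(counts))

def chi_square_critical(df, alpha=ALPHA):
    """Upper-tail critical value via the Wilson-Hilferty approximation."""
    z = NormalDist().inv_cdf(1 - alpha)
    a = 2 / (9 * df)
    return df * (1 - a + z * math.sqrt(a)) ** 3

def analyse_window(source_ips):
    """Score one time window, given the source IP of every packet in it."""
    counts = Counter(source_ips)
    if len(counts) < 2:   # distribution tests need at least two sources
        return {"attack": False, "suspects": []}
    expected = len(source_ips) / len(counts)   # equal share per source
    chi2 = sum((c - expected) ** 2 / expected for c in counts.values())
    entropy = normalized_entropy(counts)
    # Flag only when the skew is significant AND one source dominates.
    attack = (chi2 > chi_square_critical(len(counts) - 1)
              and entropy < ENTROPY_FLOOR)
    # Suspects: sources far above their share (standardized residual).
    z = NormalDist().inv_cdf(1 - ALPHA)
    suspects = sorted(ip for ip, c in counts.items()
                      if attack and (c - expected) / math.sqrt(expected) > z)
    return {"chi2": chi2, "entropy": entropy,
            "attack": attack, "suspects": suspects}

# Constructed sample windows (documentation-range addresses, not real traffic).
NORMAL = (["192.0.2.1"] * 9 + ["192.0.2.2"] * 11 + ["192.0.2.3"] * 10
          + ["192.0.2.4"] * 8 + ["192.0.2.5"] * 12)
FLOOD = (["192.0.2.1"] * 10 + ["192.0.2.2"] * 9 + ["192.0.2.3"] * 11
         + ["192.0.2.4"] * 10 + ["192.0.2.66"] * 960)

if __name__ == "__main__":
    for name, window in (("normal", NORMAL), ("flood", FLOOD)):
        print(name, analyse_window(window))
```

A window with a single source is never flagged here, because both statistics describe how traffic is distributed across sources; a deployment would pair them with a per-source rate limit.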