Abstract:
The Internet is an open and e cient TCP/IP protocol which is most widely used in the world. As usage of the Internet and TCP/IP protocols increases, their lack of built-in security has become more and more problematic. Nowadays, network attacks are the most important and serious problem on the Internet. DoS attack is the one of these network attacks which takes advantage of the lack of authenticity in the IP protocol and stateless nature of the Internet. This thesis examines the TCP/IP architecture, general network structures and network security mechanisms. Second, DDoS attacks and server system models are covered in this work. New attack models are proposed and developed. These new models and also existing attack models are simulated. While generating di erent attacks, new proposed server model is also designed and coded. This server is called \virtual server with a new perspective". Third, after generating the custom attacks against the custom server system, protection and warning mechanisms are required on the server side. In that case, custom intrusion detection and intrusion prevention system models are designed. In addition, numerous of simulation are completed. Finally, at the end of the research, many point of views about conutermeasures systems are proposed, and their results are investigated.
