Identifying Denial of Service Attacks and Appropriate Mitigation Strategies for Small to Medium Sized Enterprises

Master's Thesis from the year 2012 in the subject Computer Science - IT-Security, grade: Merit, The Open University, course: MSc Advanced Networking, language: English, abstract: This research report investigated the potential risks from DoS (Denial of Service) attacks faced by SMEs (Small to Medium-sized Enterprises) that have an online presence. From the examination of case studies, reports, global surveys, and discussions with IT professionals this report evaluates which DoS attacks are the most prolific, and which DoS threats organisations need to secure against. From the results of the investigation it can be seen that the potential risk of becoming the target of a DoS attack continues to pose a significant threat to an organisation regardless of the size. It was evident from the results of the initial research that further investigation was required to evaluate which DoS threat were of most concern to SMEs (Small to Medium sized Enterprises). Through practical experimentation in a controlled network laboratory environment, a number of DoS attacks that are of current concern to SMEs were investigated, the main purpose of this investigation was to evaluate appropriate mitigation strategies to secure against the identified DoS attacks. This report concludes by highlighting that SMEs may be susceptible to well-known DoS attacks when deploying network hardware in default configuration, and by identifying the appropriate DoS mitigation options available to network and security administrators associated with SMEs. The conclusion also shows how these DoS mitigation options can be practically applied to the type of network hardware typically deployed in a SME environment.