Mémoire
| Résumé : | This Master’s thesis investigates the dynamics and impacts of DNS amplification attacks within a virtual environment. DNS amplification, a significant threat in the cybersecurity domain, exploits DNS protocol vulnerabilities to generate large volumes of traffic, potentially crippling target infrastructures. This study aims to provide a comprehensive understanding of these attacks and evaluate various mitigation strategies.An optimized virtual laboratory was configured to simulate DNS amplification attacks under controlled conditions. This environment was designed to be highly vulnerable, facilitating detailed observations of attack mechanisms and impacts. Custom scripts were developed to accurately reproduce attack scenarios, measure amplification rates, and monitor DNS traffic on the victim side.The analysis involved multiple series of measurements to compare findings with existing scientific literature and explore various factors influencing amplification rates. Mitigation techniques such as optimal DNS server configurations and rate limiting mechanisms were evaluated for their effectiveness in countering amplification attacks.Future work suggestions encompass optimizing the developed scripts, enhancing the web monitoring interface, and applying machine learning algorithms to dynamically adjust mitigation measures based on legitimate user behavior and network load. The study also proposes expanding the virtual laboratory to simulate attacks on comprehensive enterprise networks and deploying these scenarios within the Royal Military Academy’s Cyber Range, CyRange.This thesis significantly contributes to the field of cybersecurity by offering practical solutions and insights for protecting systems against DNS amplification attacks, providing a foundation for future research and professional training in this critical area. |
