FINAL PROJECTS:
Evaluating the effectiveness of firewall mitigation strategies against DDoS traffic in ns-3
Abstract:
Firewalls are essential components for security enforcement in a network, as they are the first layer of protection from unwanted traffic and cyber-attacks [1]. This project will use the ns-3 network simulator to study the effect of a UDP-based distributed denial-of-service (DDoS) attack on legitimate network traffic and to evaluate the effectiveness of firewall-based mitigation [2]. A baseline network with normal UDP communication between clients and a server will first be simulated to measure standard performance metrics such as throughput, delay, and packet loss. A DDoS attack will then be introduced using multiple attacker nodes that send high-rate malicious UDP traffic toward the server, with the goal of degrading service availability. Finally, a traditional packet filtering firewall mechanism will be implemented to filter or block attack traffic. By comparing baseline, attack, and mitigated scenarios, the project will determine how severely the attack impacts normal UDP communication, how effectively a firewall can restore legitimate traffic performance, and what the limitations of traditional packet filtering are [3]. The analysis will also incorporate research on the performance of different firewall architectures, including Next-Generation Firewalls (NGFWs) and Distributed Firewalls [4], [5].
References:
[1] W. Koribeche, D. Espes, C. Morin, "UDP State Manipulation: Description of a Packet Filtering Vulnerability in Stateful Firewalls," Foundations and Practice of Security, Apr. 2024, doi: https://doi.org/10.1007/978-3-031-57537-2_19
[2] C. Sheth, R. Thakker, "Performance Evaluation and Comparison of Network Firewalls under DDoS Attack," I. J. Computer Network and Information Security, Dec. 2013, doi: https://doi.org/10.5815/ijcnis.2013.12.08
[3] H. Hamed, A. El-Atawy, E. Al-Shaer, "Adaptive Statistical Optimization Techniques for Firewall Packet Filtering," School of Computer Science, DePaul University, Chicago, USA. n.d., Available: https://web.archive.org/web/20100610081958id_/http://www.mnlab.cs.depaul.edu/projects/Filtering/publications/infocom06-fwopt.pdf
[4] G. Mamidisetti, C. V. S. Reddy, N. Singh, K. Rama Krishnaiah, B. Parvathi and R. Kulkarni, "Evaluating the Effectiveness of Firewalls to Prevent DDoS Attacks," 2025 2nd International Conference on New Frontiers in Communication, Automation, Management and Security (ICCAMS), Bangalore, India, 2025. Available: https://ieeexplore.ieee.org/document/11234056
[5] S. Ioannidis, A. D. Keromytis, S. M. Bellovin, J. M. Smith, "Implementing a Distributed Firewall," Proceedings of the 7th ACM conference on Computer and Communications Security, doi: https://dl.acm.org/doi/10.1145/352600.353052
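The baseline / attack / mitigated comparison planned in the firewall project above can be sketched outside ns-3. The following is an added example, not the project's code: a standalone Python model of a drop-tail server queue in which every node name, rate, queue size and the static source blocklist is an assumption chosen for illustration. It adds a fourth case, a blocklist that covers only some attack sources, to show one limitation of static packet filtering.

```python
import random
from collections import deque

def simulate(legit, attackers, blocked=frozenset(), ticks=200,
             capacity=10, queue_limit=50, seed=1):
    """Drop-tail server queue fed by UDP-like sources (all values constructed).
    legit / attackers map source name -> packets sent per tick; `blocked` is a
    static source blocklist applied before the queue (the packet filter).
    Returns delivery ratio, loss ratio and mean delay for legitimate traffic."""
    rng = random.Random(seed)
    queue = deque()                      # entries: (is_legit, arrival_tick)
    sent = delivered = dropped = delay_sum = 0
    for tick in range(ticks):
        arrivals = [(src, True) for src, n in legit.items() for _ in range(n)]
        arrivals += [(src, False) for src, n in attackers.items() for _ in range(n)]
        rng.shuffle(arrivals)            # packets from all sources interleave
        for src, is_legit in arrivals:
            sent += is_legit             # count legitimate packets only
            if src in blocked or len(queue) >= queue_limit:
                dropped += is_legit      # filtered, or tail-dropped at a full queue
                continue
            queue.append((is_legit, tick))
        for _ in range(min(capacity, len(queue))):   # server drains the queue
            is_legit, arrived = queue.popleft()
            if is_legit:
                delivered += 1
                delay_sum += tick - arrived
    return {"delivery": delivered / sent, "loss": dropped / sent,
            "mean_delay": delay_sum / delivered if delivered else None}

LEGIT = {f"client{i}": 1 for i in range(5)}        # constructed: 5 pkt/tick total
ATTACK = {f"attacker{i}": 20 for i in range(10)}   # constructed: 200 pkt/tick total

def run_scenarios():
    return {
        "baseline": simulate(LEGIT, {}),
        "attack": simulate(LEGIT, ATTACK),
        "mitigated": simulate(LEGIT, ATTACK, blocked=frozenset(ATTACK)),
        # blocklist knows only 8 of the 10 attack sources
        "partial": simulate(LEGIT, ATTACK, blocked=frozenset(list(ATTACK)[:8])),
    }

if __name__ == "__main__":
    for name, metrics in run_scenarios().items():
        print(name, metrics)
```

In this model the filter restores baseline performance only when every attack source is on the blocklist; with two sources unlisted, the remaining traffic still exceeds the server's capacity and legitimate packets keep being dropped.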
Comparing DHCP Failover Techniques
Abstract:
In modern network architectures, it's very important to ensure that every device has a unique IP address, and with more and more devices connected to any given network, managing unique IPs is important. Dynamic Host Configuration Protocol (DHCP) helps with this by using a server to assign IP addresses to devices when they join a network. The assigned IP addresses can be leased to a device for a limited time or permanently [1]. However, if the DHCP server fails, new hosts on the network won't be assigned IP addresses, preventing them from accessing critical services like DNS [2]. Because of this, it's very important that DHCP servers have redundancy to ensure continued service even if a single server fails. In this project we will use ns-3 to compare two different methods for DHCP failover, rating them based on the success rate during the failure (how many devices joined vs. how many devices were assigned IPs) and the duration of the failure (how long after the first server goes down it takes for the second server to take over). The first method [3] links a pair of DHCP servers as a primary and secondary server, allowing the secondary to take over if the primary fails. This method is commonly used in industry, as outlined by [4]. The second method [5] expands this idea, creating a hierarchy of servers that can be distributed over multiple VPN-connected networks to ensure reliable DHCP over the entire set. We will evaluate the hierarchy of servers for multiple server counts to see how the server count impacts reliability.
References:
[1] R. Droms, "Dynamic Host Configuration Protocol," RFC 2131, Mar. 1997, doi: https://doi.org/10.17487/rfc2131.
[2] D. Garn, "The role of DHCP reviews for business continuity," Search Networking, 2026. https://www.techtarget.com/searchnetworking/tip/The-role-of-DHCP-reviews-for-business-continuity (accessed Feb. 08, 2026).
[3] R. Fan, R. Droms, N. Griffeth, and N. Lynch, "The DHCP Failover Protocol: A Formal Perspective." Accessed: Feb. 08, 2026. [Online]. Available: https://groups.csail.mit.edu/tds/papers/Fan/forte07.pdf
[4] dknappettmsft, "DHCP failover in Windows Server," Microsoft.com, Mar. 27, 2025. https://learn.microsoft.com/en-us/windows-server/networking/technologies/dhcp/dhcp-failover#dhcp-failover-and-windows-failover-clustering (accessed Feb. 08, 2026).
[5] L. Trombeta and N. Torrisi, "DHCP Hierarchical Failover (DHCP-HF) Servers over a VPN Interconnected Campus," Big Data and Cognitive Computing, vol. 3, no. 1, p. 18, Mar. 2019, doi: https://doi.org/10.3390/bdcc3010018.