Journal of Information Security

Volume 3, Issue 2 (April 2012)

ISSN Print: 2153-1234   ISSN Online: 2153-1242

Google-based Impact Factor: 2.08  Citations  h5-index & Ranking

Experimental Evaluation of Cisco ASA-5510 Intrusion Prevention System against Denial of Service Attacks

HTML  XML Download Download as PDF (Size: 1600KB)  PP. 122-137  
DOI: 10.4236/jis.2012.32015    7,062 Downloads   12,404 Views   Citations

ABSTRACT

Cyber attacks are continuing to hamper working of Internet services despite increase in the use of network security systems such as, firewalls and Intrusion protection systems (IPS). Recent Denial of Service (DoS) attack on Independence Day weekend, on July 4th, 2009 launched to debilitate the US and South Korean governments’ websites is indicative of the fact that the security systems may not have been adequately deployed to counteract such attacks. IPS is a vital security device which is commonly used as a front line defense mechanism to defend against such DoS attacks. Before deploying a firewall or an IPS device for network protection, in many deployments, the performance of firewalls is seldom evaluated for their effectiveness. Many times, these IPS’s can become bottleneck to the network performance and they may not be effective in stopping DoS attacks. In this paper, we intend to drive the point that deploying IPS may not always be effective in stopping harmful effects of DoS attacks. It is important to evaluate the capability of IPS before they are deployed to protect a network or a server against DoS attacks. In this paper, we evaluate performance of a commercial grade IPS Cisco ASA-5510 IPS to measure its effectiveness in stopping a DoS attacks namely TCP-SYN, UDP Flood, Ping Flood and ICMP Land Attacks. This IPS comes with features to counteract and provide security against these attacks. Performance of the IPS is measured under these attacks protection and compared with its performance when these protection features were not available (i.e. disabled). It was found that the IPS was unable to provide satisfactory protection despite the availability of the protection features against these flooding attacks. It is important for the network managers to measure the actual capabilities of an IPS system before its deployment to protect critical information infrastructure.

Cite this paper

S. Kumar and R. Sekhar Reddy Gade, "Experimental Evaluation of Cisco ASA-5510 Intrusion Prevention System against Denial of Service Attacks," Journal of Information Security, Vol. 3 No. 2, 2012, pp. 122-137. doi: 10.4236/jis.2012.32015.

Copyright © 2020 by authors and Scientific Research Publishing Inc.

Creative Commons License

This work and the related PDF file are licensed under a Creative Commons Attribution 4.0 International License.