For my CSCI 400 final project, I designed a controlled infrastructure resilience experiment to evaluate how system reliability changes under a SYN flood (DDoS) attack — and how lightweight defensive controls can maintain service availability.
What I built:
• Isolated 3-VM lab using VirtualBox (Kali Linux traffic generator + two Ubuntu servers)
• Infrastructure configured with static IPs and internal networking to simulate production-like conditions
• Automated attack simulation using hping3 to generate sustained SYN traffic
Observability & Monitoring:
• Used netstat, tshark, ping, and htop to monitor connection states, packet flow, and CPU load
• Identified service degradation through SYN_RECV connection buildup and resource exhaustion
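
One way to turn the SYN_RECV observation above into a repeatable check, as an added example that is not part of the original project. The function names, the threshold values, and the sample `netstat -ant` output (including the 10.0.0.x addresses) are constructed for illustration.

```shell
#!/bin/sh
# Constructed sample of `netstat -ant` output (not captured from the lab).
SAMPLE='Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN
tcp        0      0 10.0.0.20:80            10.0.0.10:41022         SYN_RECV
tcp        0      0 10.0.0.20:80            10.0.0.10:41023         SYN_RECV
tcp        0      0 10.0.0.20:80            10.0.0.10:41024         SYN_RECV
tcp        0      0 10.0.0.20:80            10.0.0.30:52144         ESTABLISHED
tcp        0      0 10.0.0.20:22            10.0.0.30:52100         ESTABLISHED
tcp        0      0 10.0.0.20:80            10.0.0.31:40000         SYN_RECV
tcp6       0      0 :::80                   :::*                    LISTEN'

# Count half-open connections per remote address, busiest first.
# Reads `netstat -ant` output on stdin; prints "<count> <remote-address>" lines.
syn_recv_by_source() {
    awk '$1 ~ /^tcp/ && $6 == "SYN_RECV" {
             addr = $5
             sub(/:[0-9]+$/, "", addr)   # strip the trailing port
             n[addr]++
         }
         END { for (a in n) print n[a], a }' | sort -k1,1nr -k2,2
}

# Total number of half-open (SYN_RECV) connections on stdin.
syn_recv_total() {
    awk '$1 ~ /^tcp/ && $6 == "SYN_RECV" { c++ } END { print c + 0 }'
}

# Returns 0 and prints an alert when the total exceeds the threshold ($1);
# returns 1 otherwise.
check_backlog() {
    threshold=$1
    total=$(syn_recv_total)
    if [ "$total" -gt "$threshold" ]; then
        echo "ALERT: $total connections in SYN_RECV (threshold $threshold)"
        return 0
    fi
    echo "ok: $total connections in SYN_RECV (threshold $threshold)"
    return 1
}

# Live use on the monitored server: netstat -ant | check_backlog 100
printf '%s\n' "$SAMPLE" | syn_recv_by_source
printf '%s\n' "$SAMPLE" | check_backlog 3
```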
Reliability & Hardening:
• Implemented iptables rate-limiting and filtering on the protected server
• Verified that defensive rules dropped malicious traffic while preserving legitimate requests
• Demonstrated how simple firewall policies can function as first-line reliability safeguards
Outcome:
• Unprotected server became unreachable under load
• Protected server maintained stability and service availability
Takeaway:
This project reinforced how infrastructure hardening, observability, and proactive traffic control directly impact uptime. Even minimal, low-cost controls can significantly improve system resilience when designed intentionally.
Next steps include integrating IDS/IPS tools, log aggregation, and SIEM pipelines to automate detection and response.