DDoS simulation through the process of game mechanics Master Thesis CLAES NIELSEN Aalborg University Copenhagen Medialogi 1 2 Master thesis: Med 10 DDos Simulation through the process of game mechanics 15/6-2018 to 10/9-2018 Stefania Serafin Master thesis Lisbeth Nykjær Lars Reng In this thesis, research is being made into the background of hackers and hacking with the intent to find motivation aspect of fun and research there upon. Following the background Claes Nielsen area, a final problem statement is made with testable hypotheses. An artifact is built in the form of a simulation game for an autonomous web based split testing. Finally, when the results are analyzed through statically difference the problem statement is rejected through failure to reject the null hypotheses. 3 4 Table of Contents Introduction ................................................................................................................................................................... 8 Background .................................................................................................................................................................... 8 Malicious attackers ................................................................................................................................................... 8 Definition of hacker .............................................................................................................................................. 8 Technical explanation of hacking .......................................................................................................................... 9 Examples of worst attacks in history .................................................................................................................. 11 Different styles of attacks ....................................................................................................................................... 11 Worm .................................................................................................................................................................. 12 Malware .............................................................................................................................................................. 12 Virus .................................................................................................................................................................... 13 Phishing ............................................................................................................................................................... 13 DoS ...................................................................................................................................................................... 14 Motivation of hacking ............................................................................................................................................. 14 Different styles of hackers (white, Grey and black hats) .................................................................................... 14 Individuals ........................................................................................................................................................... 14 Groups................................................................................................................................................................. 15 Motives for hacking ................................................................................................................................................. 17 Defense systems .......................................................................................................................................................... 18 Current suggestions in place for preventing attacks .......................................................................................... 18 Defense examples ............................................................................................................................................... 19 Theoretical systems being experimented with to improve security. .................................................................. 20 Analysis ........................................................................................................................................................................ 21 Comparing games with hacking .............................................................................................................................. 21 Different methods to estimate fun/absorption etc. ........................................................................................... 21 Can hacking be considered a game ..................................................................................................................... 22 Engagement ........................................................................................................................................................ 22 Continuation desire ............................................................................................................................................ 23 Measurements of play/fun ................................................................................................................................. 28 Gamification ........................................................................................................................................................ 30 Resume ............................................................................................................................................................... 31 Defining problem statement and the testable hypothesis ..................................................................................... 32 5 Final problem statement .................................................................................................................................... 33 Defining testable hypotheses ............................................................................................................................. 34 Methodology ............................................................................................................................................................... 34 The issue of working with hackers .......................................................................................................................... 34 The need for a proxy environment ......................................................................................................................... 35 Methods of test results ........................................................................................................................................... 36 Design and implementation ........................................................................................................................................ 37 DDoS dynamics. ....................................................................................................................................................... 37 Bot Network ........................................................................................................................................................ 37 Determine time of weakness .............................................................................................................................. 38 Fighting the defense ........................................................................................................................................... 39 Continuation desire ................................................................................................................................................. 39 Minecraft example. ............................................................................................................................................. 39 Hacking as Continuation desire .......................................................................................................................... 40 Final product idea.................................................................................................................................................... 43 OpenTDB ............................................................................................................................................................. 44 Testing ......................................................................................................................................................................... 45 Smoke testing ..................................................................................................................................................... 45 Performance test ................................................................................................................................................ 45 End–to-end tests ................................................................................................................................................. 45 Spreading the test ................................................................................................................................................... 46 Results ......................................................................................................................................................................... 47 Qualitative demographics findings .........................................................................................................................