Denial of Service Attacks
Transcript

  • 1. Denial-of-service (DoS) Attacks
      Risk & Security Management, Dipl.-Phys. Rainer Barthels, 09.11.2012
      Pascal Flöschel (FS060217), Tomal K. Ganguly (FS090182)
      Risk & Security Management – DoS Attacks, 09.11.2012, University of Liechtenstein
  • 2. Agenda
      1. Facts and Figures (Tomal)
      2. Examples (Tomal)
      3. DoS – denial of service (Tomal)
      4. DoS Attacks (Pascal)
      5. Flooding Attacks (Pascal)
      6. Attack Architectures (Pascal)
      7. Defenses against DoS-Attacks (Tomal)
      8. Responding to a DoS-Attack (Tomal)
  • 3. 1. Facts and Figures
      • Hackers have been carrying out DDoS attacks for more than a decade (400 MB/s in 2002, 100 GB/s in 2010)
      • The CSI Computer Crime and Security Survey states that 17% of respondents experienced some form of DoS attack in 2010
      • The focus is generally on network services that are attacked over their network connection
      • Slashdotting / Flash crowd
          • A popular website links to a smaller site, causing a massive increase in traffic
          • Overloading the smaller site: slowdown, temporary unavailability
          • Flash crowd is the more generic term: a network or host receives lots of traffic
      source: Stallings/Brown (2012), p. 243 f.
  • 4. 2. Examples
  • 5. 3. DoS – denial of service
      «A denial of service (DoS) is an action that prevents or impairs the authorized use of networks, systems, or applications by exhausting resources such as central processing units (CPU), memory, bandwidth, and disk space.» (from: NIST Computer Security Incident Handling Guide, source: Stallings/Brown (2012), p. 244)
      • Categories of resources which can be attacked: network bandwidth, system resources, application resources
      • Typical aims of DoS attacks:
          • consuming bandwidth with large traffic volumes
          • overloading or crashing the network handling software
          • sending specific types of packets to consume limited available resources
  • 6. 4. DoS Attacks
      Example network to illustrate DoS Attacks (source: Stallings/Brown (2012), p. 245)
  • 7. 4. DoS Attacks
      • SYN Spoofing
      source: Stallings/Brown (2012), p. 248 f.
  • 8. 5. Flooding Attacks
      «Flooding attacks take a variety of forms, based on which network protocol is being used to implement the attack. In all cases the intent is generally to overload the network capacity on some link to a server.» (from: Stallings/Brown (2012), p. 250)
      • ICMP Flood
      • UDP Flood
      • TCP SYN Flood
      • Distributed Denial-of-Service Attacks
      • Reflector Attacks
      • Amplifier Attacks
  • 9. 6. Attack Architectures
      • Distributed Denial-of-Service (DDoS) Attacks
      source: Stallings/Brown (2012), p. 253
  • 10. 6. Attack Architectures
      • Application-based bandwidth attacks
          • SIP Flood
          • HTTP-Based Attacks
              • HTTP Flood
      source: Stallings/Brown (2012), p. 255
  • 11. 6. Attack Architectures
      • Reflector and Amplifier Attacks
          • Reflection Attacks
      source: Stallings/Brown (2012), p. 247 ff.
  • 12. 6. Attack Architectures
      • Reflector and Amplifier Attacks
          • Amplification Attacks
      source: Stallings/Brown (2012), p. 259
  • 13. 7. Defenses against DoS-Attacks
      • Attack prevention and preemption (before the attack)
      • Attack detection and filtering (during the attack)
      • Attack source traceback and identification (during and after the attack)
  • 14. 8. Responding to a DoS-Attack
      • Incident response plan
          • Details of how to contact technical personnel for the ISP
              • Flooding attacks can only be filtered upstream from the user’s network connection
          • Details of how to respond to the attack
      • Implementation of standard antispoofing, directed broadcast and rate limiting filtering
      • Automated network monitoring and intrusion detection system for abnormal traffic flows and identification of their cause (attack, misconfiguration, hardware / software failure)
  • 15. 8. Responding to a DoS-Attack
      • Proposal of guideline for organizations
          1) Identify the type of attack and traceback
          2) Identify best approach to defend against it
          3) Capture packets flowing into the organization and analyze them, looking for common attack types (e.g. network analysis tool)
          4) Documentation of actions for support of any legal action
          5) Develop a strategy to switch to alternative backup servers or commission of new site with new address to restore the service (forward planning)
  • 16. Thank you for your attention. Any questions?
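
Step 3 of the guideline on slide 15 (analyze captured packets for common attack types) can be sketched as follows. This is an added example, not part of the original slides: the packet summaries are simplified (flag "S" is a SYN, "A" the handshake-completing ACK), the thresholds and label names are assumptions, and the sample capture is constructed.

```python
from collections import Counter, defaultdict

# Thresholds are assumptions for this example; tune them against a baseline.
RATE_LIMIT = 100        # packets per window per destination and category
HALF_OPEN_RATIO = 0.8   # share of SYN sources that never send the final ACK

def classify(packets, window=1.0):
    """packets: iterable of (ts, src, dst, proto, flags) summaries.
    Returns {(window_index, dst): sorted list of findings}."""
    counts = defaultdict(Counter)   # (win, dst) -> category -> packet count
    syn_seen = defaultdict(set)     # (win, dst) -> sources that sent a SYN
    ack_seen = defaultdict(set)     # (win, dst) -> sources that sent an ACK
    for ts, src, dst, proto, flags in packets:
        key = (int(ts // window), dst)
        if proto == "tcp" and flags == "S":
            counts[key]["syn"] += 1
            syn_seen[key].add(src)
        elif proto == "tcp" and flags == "A":
            ack_seen[key].add(src)
        elif proto in ("icmp", "udp"):
            counts[key][proto] += 1
    findings = {}
    for key, c in counts.items():
        found = [f"{p}-flood" for p in ("icmp", "udp") if c[p] > RATE_LIMIT]
        if c["syn"] > RATE_LIMIT:
            half_open = len(syn_seen[key] - ack_seen[key]) / len(syn_seen[key])
            # Sources that never complete the handshake are consistent with
            # SYN spoofing; completed handshakes look like a flash crowd.
            found.append("syn-flood-half-open" if half_open >= HALF_OPEN_RATIO
                         else "syn-surge-handshakes-complete")
        if found:
            findings[key] = sorted(found)
    return findings

def sample_capture():
    """Constructed sample: three one-second windows toward 192.0.2.10."""
    dst, pkts = "192.0.2.10", []
    for i in range(300):   # window 0: SYNs from many sources, no ACKs
        pkts.append((0.001 * i, f"198.51.100.{i % 250}", dst, "tcp", "S"))
    for i in range(150):   # window 1: busy but handshakes complete
        src = f"203.0.113.{i}"
        pkts.append((1.0 + 0.002 * i, src, dst, "tcp", "S"))
        pkts.append((1.0 + 0.002 * i + 0.001, src, dst, "tcp", "A"))
    for i in range(200):   # window 2: ICMP echo flood from one source
        pkts.append((2.0 + 0.001 * i, "198.51.100.7", dst, "icmp", "echo"))
    return pkts

if __name__ == "__main__":
    for key, found in sorted(classify(sample_capture()).items()):
        print(key, found)
```

The second window shows why rate alone is not enough: the SYN rate exceeds the limit, but completed handshakes separate a flash crowd from the half-open pattern of the first window.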
