
Denial of Service (DoS) Outbreaks Study and Analysis


Denial of Service attacks are a recurrent source of cyber incidents in the contemporary world, with a severe effect on network security, cyber-security, and the standing of legitimate online services. This e-paper evaluates DoS attack vectors and their related factors and offers a thorough academic analysis of prevailing DoS attacks and the practices associated with those vectors. It is intended as a robust approach to building knowledge of the history of DoS attacks and of the future forms that will unsettle the cyber-world and challenge the existing network and cyber-defense strategies governed by the authoritative entities.

Published in: Internet

  1. 1. Running Head: DENIAL OF SERVICE (DOS) OUTBREAKS STUDY AND ANALYSIS
The e-Research Paper on, Denial of Service (DoS) Outbreaks Study and Analysis
T. A. D. S. Sameera de Alwis. Ph.D. | D.B.A
Course on Counterintelligence Methods – Academic Research Paper
McAfee Institute - USA
DATE OF SUBMISSION: 14th July 2020
VERSION SVN #: 1.000.000
REFERENCING STYLE: Harvard Modern
CITATION STYLE: Harvard Modern
COMPLIANCE INFO STUB: ISO/IEC 27001 (Guided 27002 Info-Security Standard)
TRACKING ID #: CI-1.00.000-GENERIC-DR.SAM-2020
UNICODE FONT TYPE: UTF-8 - Times New Roman
BINARY BYTE ORDER: LITTLE ENDIAN (INTEL) – XML Unicode
LANGUAGE DICTIONARY AND THESAURUS USED: EN-US (United States - English)
ANTI-TAMPER DIGITAL FINGERPRINT (CHECKSUM): 2B4D:0D4A (CRC32)
PGP: 6B1462A356393374CE8135A55C66BFEB8F18D8143E789C56F9A04F2437BE6581
  2. 2. DENIAL OF SERVICE (DOS) OUTBREAKS STUDY AND ANALYSIS 2 CERTIFICATE OF AUTHENTICITY This is to indorse that this academic electronic research paper is entitled “Denial of Service (DoS) Outbreaks Study and Analysis” acquiesced to “McAfee Institute - USA” in partial fulfillment of the prerequisite for the award of the specialist certification of “Counterintelligence Methods” is an authentic and innovative effort conceded by “T. A. D. S. Sameera de Alwis. Ph.D. | D.B.A” with conscription for “Specialist Certification” under the firm/vigilant supervision of “McAfee Institute - USA”. The substance personified in this academic electronic research paper is authentic effort done by the scholar and has not been acquiesced whether to this institute or to whichever supplementary university/academic organization for the fulfillment of the prerequisite of whichever additional course of study. I hereby confirm that I have read this academic electronic research paper and in my precise judgment it is a fully focused topic adequate and oriented in scope and superiority as an academic electronic research paper for the specialist academic course of “Counterintelligence Methods”. Approved for the University and Institute Committee/University Grant Commission on Graduate Studies
  3. 3. DENIAL OF SERVICE (DOS) OUTBREAKS STUDY AND ANALYSIS 3 APPROVAL FOR SCHOLARLY DISSEMINATION AUTHOR COPYRIGHT PROCLAMATION AND END USER LICENSE AGREEMENT This academic electronic research paper is a solitary possession, intellect and asset of the author or the content provider. And the author hereby grants every appropriate global established and scholastic requisite sole right to the particular institute. This official consent grants to the institute sole right to reproduce the partial or full portion/section by whichever appropriate global scholastically accepted and international standardized scholastic technique of this academic electronic research paper nevertheless only upon the appropriate “authorized request” from the author of this academic electronic research paper under the austere/firm license state of Non- Commercial (sole scholastic determination only). It is the tacit that only the “authorized request” consists of the endorsed consent on the part of the requesting party that said reproduction or supplementary modification/tampering is for his/her private (confidential) or public use and that subsequent reproduction or supplementary modification/tampering should not occur without written endorsement/consensus or explicit permission from the author of this academic electronic research paper. Individuals using this thesis is subject to the appropriate terms and firm state of affairs stated in this section. The unauthorized commercial use of this academic electronic research paper comprising partial or full portion/section is strictly prohibited under the governing lawsuits of both indigenous and worldwide unless expressly permitted by the content provider. Additionally, whichever portion/section of this academic electronic research paper used in books, papers, and/or supplementary works must be appropriately referenced/cited to this academic electronic research paper. 
The copy of this academic electronic research paper has been provided on condition that anyone who consults it is implicit to recognize that its sole copyright reserved with the original author and that no quotation/section from the academic electronic research paper and no information derived from it may be published/posted without the prior written consent of the author of this academic electronic research paper. Users who granted to use this academic electronic research paper may not post/publish whichever content of this academic electronic research paper on public or private (unrestricted/restricted) online/offline websites, forums, discussion-boards, emails, portals, gopher services, paste-bins, newsgroups, IRCs, BBSs or supplementary electronic media over whichever prevailing global computer/network and internetwork protocols without the prior explicit permission from the respective owner of this academic electronic research paper. If someone make content from this academic electronic research paper available electronically, it must be posted/published (access-restricted or unrestricted and public/private) above stated online media, up on the sole endorsement by the original author of this academic electronic research paper. Then users who has the appropriate access to this academic electronic research paper may also have the explicit access to its content and use them devoid of devouring whichever legal precincts. Whichever exceptional usages for explicit tasks (distinctive operational activities other than usage or content extraction) comprising document media transfer, document media export, document
  4. 4. DENIAL OF SERVICE (DOS) OUTBREAKS STUDY AND ANALYSIS 4 media conversion and online/offline printing or supplementary allied activities of this academic electronic research paper are strictly prohibited unless expressly permitted by the author. Whichever unauthorized content (text/image and/or supplementary resource) extraction, reproduction, duplication, alteration, modification, or supplementary tampering/publishing and/or using of this academic electronic research paper is strictly forbidden and illicit under the governing intellectual property legal regulations in worldwide continents (Ex. Digital Millennium Copyright Act (DMCA)), governing intellectual property legal regulations in domestic continent (Ex. Intellectual Property Act No#. 36 of 2003 – Sri Lanka) and/or supplementary governing law suits prevailing in the biosphere and may consequence offense of criminal and/or civil legal prosecutions and penalizes to the maximum extent under the aforesaid governing law suits. Whichever sentiment, discovery, interpretation, conclusion or recommendation expressed in this material are those of the author and do not essentially reflect the interpretation, policy or position and/or whichever supplementary associated effort of the Ministry of Defense (M.o.D), Governing Military Forces, Department of Police, Criminal Investigations Department (C.I.D), State Intelligence Service (S.I.S), Department of Justice (D.o.J), Ministry of Law, the supplementary associated Sri Lankan governmental authorities and/or whichever worldwide prevailing government. Attention is drawn to the information that copyright of this academic electronic research paper reserved with its original author. In conclusion, the author of this academic electronic research paper reserves every right to publish/modify this academic electronic research paper freely/commercially in the literature at whichever time/location and partial or full portion/section of this academic electronic research paper. 
This academic electronic research paper may be made available for scholastic consultation within the particular granted university library/alumna’s (alumni) section and may be photocopied/printed or lent to supplementary granted libraries for the determination of scholastic consultation or similar manner. The explicitly granted/permitted scholastic uses of this academic electronic research paper are lecture hall instructions and associated scholastic activities (such as scholar projects/assignments, scholastic handouts, research and conceptual papers, presentations and etc.), display/demonstration or performance as part of a noncommercial scholarly and/or educational presentations (such as in classes, seminars, lectures, workshops, exhibitions, conferences or similar noncommercial scholarly and educational activities), student and/or faculty portfolios, theses, term papers, intranet or internet course websites/portals (Ex. Moodle, Microsoft SharePoint Portal, etc.) and academic electronic research paper only for review and study purposes. This academic electronic research paper is updated/upgraded as of the initial date of publication and may be transformed by the author at whichever time retro from whichever diverse topographical location in the biosphere. This academic electronic research paper is licensed in accordance to the terms and state of affairs of the stated EULA which is provided under the firm and exclusive authority of the author. The user/viewer is liable for certifying acquiescence with the governing laws and the regulations pertinent to it. The author does not liable to provide whichever legal assistance or legal manifestation or authorization that his/her authored exertion concomitant to this documentation will authorize that the end-user/viewer is in obedience with whichever the governing law suit or
  5. 5. DENIAL OF SERVICE (DOS) OUTBREAKS STUDY AND ANALYSIS 5 regulation. Proclamations regarding the author’s forthcoming directions and intents are subject to the amendments or withdrawals with/without prior notice epitomize only the goals and objectives. The information in this academic electronic research paper is provided “as is” without whichever license, express or implied comprising without whichever licenses of merchantability, appropriateness for a precise determination and whichever assurance or condition of non- infringement. Every stated enumerated and declared company/business name, title, designation, tag, term, label, trademark, product/brand name, logo, trade symbol, service mark, registered trademark, registered service mark, supplementary copyrighted/patented resources and merchandises (commercial (comprising trial-ware and shareware) licenses, donation-ware (give- away) licenses and GNU F.O.S.S public licenses (Open Source comprising B.S.D and Creative- Common) license forms stated this academic electronic research paper in numerous worldwide jurisdictions and are the sole possessions of their respective proprietors with or without which they are allied. Every original copyright is reserved with them and sole rights are also reserved as they stated in their evocative public/private EULAs (End User License Agreement). And every legal act, term, law suite, legislation, equilibrium, general term, footing, state of affair, sectorial rule, regulation and procedure is covered under the D.M.C.A (Digital Millennium Copyright Act) as such worldwide legal frameworks and regulations as well as indigenous governing law suites. Limited worldwide copyrighted, patented resources and merchandises are legally covered within the academic electronic research paper boundary would also be observed to Intellectual Property Act (I.P.A) No# 36 of 2003 – Sri Lanka. 
The specific intellectual and copyright violation investigation and legal prosecution and regulatory body in continent is the B.S.A (Business Software Alliance is a worldwide body) Sri Lankan chapter and they have sole right to lawfully prosecute whichever corporate or enterprise with the provision of the Department of Police of Sri Lanka.
Date: 14th July 2020
Author: T. A. D. S. Sameera De Alwis, Ph.D. | D.B.A
Copyright © 1976-2020, Dr. Sameera de Alwis. All Rights Reserved. Colombo, Sri Lanka.
  6. 6. DENIAL OF SERVICE (DOS) OUTBREAKS STUDY AND ANALYSIS 6 APPRENTICE DECLARATION I hereby proclaim and indorse that this academic electronic research paper exertion aristocratic “Denial of Service (DoS) Outbreaks Study and Analysis” is my sole private, innovative, revolutionize effort and has not been inaugurated in collaboration with whichever supplementary organization/establishment and no part/share of it has been acquiesced and/or submitted for whichever supplementary degree/study determination or published in whichever supplementary allied from till date. ___________________________________ Author of the e-Research Paper T. A.D. S. Sameera de Alwis, Ph.D. | D.B.A Digitally signed by Dr. Sameera De Alwis DN: cn=Dr. Sameera De Alwis, c=LK, o=Cyber-Intel Online (Pvt) Ltd, ou=Cyber-Intelligence, email=business@cyberintel.online SN: C=LK OU=Cyber-Intelligence CN=Dr. Sameera De Alwis O=Cyber-Intel Online (Pvt) Ltd E=business@cyberintel.online Reason: I attest to the accuracy and integrity of this document Location: Sri Lanka Date: 2020.07.15 03:02:08 +05'30'
  7. 7. ABBREVIATIONS
DoS - Denial of Service
BoF - Buffer Over-Flow
DDoS - Distributed Denial of Service
PPS - Packets Per Second
Mbps - Mega Bits Per Second
Gbps - Giga Bits Per Second
Tbps - Tera Bits Per Second
C&C - Command-and-Control
C2S - Command-and-Control Server
IRC - Internet Relay Chat
RDoS - Reflection or Reflective Denial of Service
DRDoS - Distributed Reflection or Reflective Denial of Service
DNS - Domain Name System
DNSSEC - Domain Name System Security
NTP - Network Time Protocol
TCP - Transmission Control Protocol
HOIC - High Orbit Ion Cannon
LOIC - Low Orbit Ion Cannon
NetBIOS - Network Basic Input/Output System
CoAP - Constrained Application Protocol
SNMP - Simple Network Management Protocol
  8. 8. CHARGEN - Character Generator Protocol
X-Mas Tree - Christmas Tree
SSDP - Simple Service Discovery Protocol
Kad - Kademlia Protocol
QOTD - Quote of the Day Protocol
UDP - User Datagram Protocol
TFN - Tribe Flood Network
TFN2K - Tribe Flood Network 2000
SYN - Synchronize
ICMP - Internet Control Message Protocol
P2P - Peer-to-Peer
HTTP - Hyper-Text Transfer Protocol
PDoS - Permanent Denial of Service
CC - Challenge Collapsar
RUDY - R-U-Dead-Yet
UPnP - Universal Plug and Play
TTL - Time-To-Live
XML - Extensible Markup Language
XDoS - XML Denial of Service
WAF - Web Application Firewall
vDoS - Virtualized Denial of Service
APDoS - Advanced Persistent Denial of Service
OSINT - Open-Source Intelligence
  9. 9. DD4BC - Distributed Denial of Service for Bitcoin
TDoS - Telephony Denial of Service
VoIP - Voice-over Internet Protocol
Caller-ID - Caller Identifier
CLI - Caller Identifier
SMS - Short Message Service
  10. 10. ABSTRACT
Denial of Service attacks are a recurrent source of cyber incidents in the contemporary world, with a severe effect on network security, cyber-security, and the standing of legitimate online services. This e-paper evaluates DoS attack vectors and their related factors and offers a thorough academic analysis of prevailing DoS attacks and the practices associated with those vectors. It is intended as a robust approach to building knowledge of the history of DoS attacks and of the future forms that will unsettle the cyber-world and challenge the existing network and cyber-defense strategies governed by the authoritative entities.
KEYWORDS: DoS, DDoS, RDoS, DRDoS, Botnet, Bot, Zombies, Cyber Crime, Cyber Army, Counter Attacks, Denial of Service, Hackers, Outbreaks, Cyber Security, Cyber, Intelligence, Distributed Denial of Service, HOIC, High-Orbit Ion Cannon, XDoS, vDoS, LOIC, Low-Orbit Ion Cannon, Booters, DD4BC, Distributed Denial of Service for Bitcoin, TCP Boosters, APDoS, Advanced Persistent Denial of Service.
  12. 12. INTRODUCTION TO THE STUDY
DoS (Denial of Service) attacks are the most prevalent form of cyber-attack in the business domain, and they remain notoriously successful even in the hands of script-kiddies. A DoS attack is typically carried out by flooding the targeted computer system or cloud-based resource with bogus network request traffic in an attempt to overload the victim's web/network systems and prevent some or all legitimate network requests from being served (Chappell, 2014). There are two (2) forms of DoS, Remote DoS and Local DoS (leaving aside Local DoS attacks such as fuzzing, fork-bombs, or BoF (Buffer-Overflow), which are itemized in the software vulnerabilities domain). In this context, the attacker seeks to make a machine, system, network, or web/cloud resource inaccessible to its intended end-users by permanently or temporarily disrupting the legitimate web/network or cloud services of hosts linked to cyber-space (GovCERT(AU), 2009) and (US-CERT.CISA(GOV), 2009).
Most DDoS (Distributed DoS) attacks are bandwidth focused. Less frequently a DDoS attack is not bandwidth focused: Network Protocol Level DoS attacks, for example, consume less bandwidth and are expressed in PPS (Packets Per Second). DDoS outbreaks are measured by the volume of bits sent to the target end-point per second, such as Mbps, Gbps, or Tbps (TheRegister, 2004) and (Palmer, 2016).
Numerous grave and notable incidents have been reported worldwide: Mafiaboy (2000) against CNN, Amazon, eBay, Dell, and Yahoo; Estonia (2007), due to Russian cyber-warfare; Bank of America, JP Morgan Chase, U.S. Bancorp, Citigroup, and PNC Bank in 2012, with a 60 Gbps DoS; Cyberbunker (Dutch hoster), which suffered a DoS in 2013 with 300 Gbps due to the Spamhaus blockage; CloudFlare in 2014 with 400 Gbps; Occupy Central (Hong Kong) with 500 Gbps in 2014; BBC (2015) with 600 Gbps; GitHub (2015), due to avoiding Chinese state censorship; the Dyn (2016) attack, in which Amazon, Netflix, Airbnb, Spotify, Twitter, PayPal, and Reddit suffered; KrebsOnSecurity (2016), with a 665 Gbps DDoS (Greene, 2016) and (Krebs, 2016); OVH (French hoster) in 2016 with 1.5 Tbps (Goodin, 2016) and (Khandelwal(TheHackerNews), 2016); GitHub (2018) with a 1.35 Tbps DDoS; etc. (Strawbridge, 2019) and (A10 Staff, 2018).
Distributed Denial of Service (DDoS) refers to the use of mammoth numbers of bots (zombies), also termed a DDoS Bot-Army or DDoS Botnet, mostly deployed on hacked/compromised computers, networked devices, and/or IoT devices (Mirai Botnet), etc., in geographically dispersed locations, in volumes of a few hundred thousand to millions, and controlled by a Bot-Herder or Bot-Master over the C2S or C&C (Command and Control) server inside public IRC channels (Tqaweekly, 2014). These DDoS zombies are deployed to attack servers, systems, devices/software programs, cloud, or national critical infrastructures. Typically, DDoS attacks are generated by exploiting vulnerabilities in a computer, web, or cloud system. The key intruder system becomes the DDoS central and is brought into the operation to detect and exploit vulnerable systems, either in the same network segment (by pivoting or planting a zombie) or elsewhere in cyber-space, turning them into DDoS bots that form part of the botnet (Imperva, 2015) and (Khandelwal, 2015).
RDoS (Reflection or Reflective DoS)/DRDoS (Distributed Reflection DoS), or amplification, attacks use reflectors to overwhelm the linked systems: the Bot-Herder sends the Magic-Packet over the IRC-connected C&C to amplify the attack through reflector-bots (Ex. a Reflective DNS Response Attack against robust DNS servers that are misconfigured or do not use DNSSEC) (Zawoznik, Azaria, Zeifman, 2018). RDoS/DRDoS uses ostensibly valid third-party software components to send the bogus network traffic to the victim system (US-CERT.CISA(GOV), 2013), ultimately spoofing their own identity (NTP, 2010) and (Rossow, 2016).
  13. 13. These amplification attacks use TCP boosters/stressers or TCP booters (such as Jays Booter) to amplify their firepower (Krebs, 2015), along with tools such as HOIC/LOIC developed in the era of cyber-propaganda groups such as LulzSec/Anonymous (Ex. #Operation Payback), etc. (Jauregui, 2013). These attack forms can be propagated over UDP as well; the protocols used for RDoS are NetBIOS, CoAP, SNMPv2, CHARGEN, SSDP, Kad, QOTD, Steam, NTP, Quake Network, DNS (UDP), Memcached, and BitTorrent (Adamsky, Khayam, Jäger, Rajarajan, 2015), (Paxson, 2001), and (Zargar, Joshi, Tipper, 2013).
There are numerous forms of DoS attack, ranging from the early Trinoo DDoS (Boyle, 2008), Tribe Flood Network (TFN or TFN2K, which had capabilities such as flooding UDP/SYN/ICMP packets), Peer-to-Peer (P2P) DoS (Lemos, 2007) and (Prolexic, 2007), DoS Level II, Nuke, LAND, Banana, Smurf Attack, X-Mas (Christmas) Tree Packet Flood, and automated malware forms such as MyDoom (PaloaltoNetworks, 2020), to more sophisticated and complex forms of attack such as HTTP Slow POST DoS, TCP-SYN Flood (Eddy/IETF, 2007), PDoS (Permanent DoS) (Radware, 2017), Slow Read/Shrew/Degradation-of-Service Attack (Indiana University, 2010), SACK Panic (Ubuntu, 2019), Challenge Collapsar (CC) (HuaweiCloud, 2020), R-U-Dead-Yet (RUDY) with Slowloris or PyLoris tools, UPnP Flood (Franklin Jr., 2018) and (Zawoznik, Azaria, Zeifman, 2018), TTL Expiry/Teardrop Attacks (Cisco, 2014) and (Carnegie Mellon University, 2017), Sophisticated Low-Bandwidth DDoS (Naraine, 2009), XMLDoS (XDoS) against WAF subsystems (Higgins, 2013), etc.
The future of DoS attacks lies in the following: vDoS (Virtualized DoS – Cloud-Based Pay-As-You-Go Services or DDoS-for-Hire Service) (Europol, 2019) and (D'Anastasio, 2018); APDoS (Advanced Persistent DoS), with lateral movement for post-APT attacks or as a pre-attack stage for OSINT (the longest continuous period reported so far persisted 38 days, and the attack involved approximately 50 plus petabits of malicious traffic) (Ilascu(Softpedia), 2014) and (Greenwald(The Intercept), 2014); DD4BC (DDoS for Bitcoin); and TDoS (Telephony DoS), which abuses VoIP traffic to generate a mammoth volume of telephone voice calls through Caller-ID/CLI spoof nodes, together with SMS Flooding and Black Fax or Fax Loop Transmissions against companies or any other organization in the world (Imperva, 2019), (Solon(Bloomberg), 2015) and (Brenner(Akamai), 2015).
  14. 14. DENIAL OF SERVICE (DOS) OUTBREAKS STUDY AND ANALYSIS 14 LIST OF REFERENCES This appendix comprises bibliographic citations for the specific subject matters comprising identified cyber defense, outbreak, and associated literature. This set of literatures were used for numerous analyses within the contextual arena of this entire academic electronic research paper. The certain bibliographic citations of the specified documents castoff for the cyber outbreak and associated terminology analysis and rest of the documents were castoff for the cyber defense and associated terminology analysis. Please note that several stated (cited) sensitive/vital documents and resources were extracted from the published online dumps and leaks of email and web archives. Author holds no specific responsibility for any visible or invisible impairment cause of these reference articles. LEGAL DISCLAIMER THIS SECTION IS PROVIDED "AS IS" WITH NO WARRANTY. THE END-USER MUST ASSUME THE RISK FACTORS OF USING THIS SECTION. YOUR USAGE OF THIS IMPLIES YOUR ACCEPTANCE OF THESE TERMS AND STATE OF AFFAIRS. YOU SHOULD JUDICIOUSLY READ THE FOLLOWING TERMS AND STATE OF AFFAIRS BEFORE USING THIS SECTION. IF YOU DO NOT AGREE WITH THE STATED TERMS AND STATE OF AFFAIRS, PLEASE DO NOT USE THIS SECTION. TERMS AND CONDITIONS/STATE OF AFFAIRS UNDER NO STATE OF AFFAIRS WILL [T. A. D. S. Sameera de Alwis, Ph.D. 
| D.B.A] OR HIS ASSOCIATES, OR ITS ACQUAINTANCES/AFFILIATES, [McAfee Institute (USA)] OR ITS ACQUAINTANCES/AFFILIATES AND STATED (AS NAMES) WHICHEVER INDIVIDUALS OR THEIR COLLEAGUES/ASSOCIATES BE LAWFULLY OR SUPPLEMENTARY MANNERLY LIABLE TO THE EXPLICIT BUSINESS/ORGANIZATION, AND/OR WHICHEVER SUPPLEMENTARY INDIVIDUAL OR ENTITY FOR WHICHEVER FORFEITURE OF USE, REVENUE OR PROFIT LOSS OR DAMAGED DATA OR SUPPLEMENTARY COMMERCIAL OR ECONOMIC FORFEITURE OR REPUTATIONAL FOR WHICHEVER DIRECT, INDIRECT, INCIDENTAL, SPECIAL, STATUTORY, PUNITIVE, EXEMPLARY, OR CONSEQUENTIAL DAMAGES/LOSSES WHATSOEVER ASSOCIATED TO THE USE OR RELIANCE UPON THIS SECTION AND ALL TESTING AMENITIES, EVEN IF ADVISED OF THE LIKELIHOOD OF SUCH DAMAGES OR IF SUCH DAMAGES/LOSSES ARE FORESEEABLE. REFERENCES SHELL The online availability of these materials and/or resources are being designated with the “[online]” tag at the tail of every bibliographic entry in this section and the last access date of the material or resource stated as the syntax/format of “(Last Accessed: [month]/[date]/[year])”.
  15. 15. DENIAL OF SERVICE (DOS) OUTBREAKS STUDY AND ANALYSIS 15 REFERENCES Geraldine Strawbridge, 2019, 10 Biggest DDoS Attacks and How Your Organisation Can Learn from Them. [online] https://www.metacompliance.com/blog/10-biggest-ddos-attacks-and-how- your-organisation-can-learn-from-them/ (Last Accessed: 07/14/2020). A10 Staff, 2018, 5 Most Famous DDoS Attacks. [online] https://www.a10networks.com/blog/5- most-famous-ddos-attacks/ (Last Accessed: 07/14/2020). Tim Greene, 2016, Security Blogger Krebs Says IoT DDoS Attack Was Payback for a Blog. [online] https://www.networkworld.com/article/3124400/security-blogger-krebs-says-iot-ddos- attack-was-payback-for-a-blog.html (Last Accessed: 07/14/2020). Brian Krebs, 2016, KrebsOnSecurity Hit with Record DDoS. [online] https://krebsonsecurity.com/2016/09/krebsonsecurity-hit-with-record-ddos/ (Last Accessed: 07/14/2020). GovCERT(AU), 2009, Managing Denial of Service (DoS) Attacks Summary Report for CIOs and CSOs. [online] https://www.tisn.gov.au/Documents/ITSEAG+Managing+Denial+of+Service+(DoS)+Attacks+- +Summary+Report+for+CIOs+and+CSOs.pdf (Last Accessed: 07/14/2020). Imperva, 2015, The Top 10 DDoS Attack Trends. [online] https://www.imperva.com/docs/DS_Incapsula_The_Top_10_DDoS_Attack_Trends_ebook.pdf (Last Accessed: 07/14/2020). PaloAltoNetworks, 2020, What is a denial of service attack (DoS)?. [online] https://www.paloaltonetworks.com/cyberpedia/what-is-a-denial-of-service-attack-dos (Last Accessed: 07/14/2020). US-CERT.CISA(GOV), 2009, Understanding Denial-of-Service Attacks. [online] https://us- cert.cisa.gov/ncas/tips/ST04-015 (Last Accessed: 07/14/2020). TheRegister, 2004, US credit card firm fights DDoS attack. [online] https://www.theregister.com/2004/09/23/authorize_ddos_attack/ (Last Accessed: 07/14/2020). Europol, 2019, Authorities across the world going after users of biggest DDoS-for-hire website. 
[online] https://www.europol.europa.eu/newsroom/news/authorities-across-world-going-after- users-of-biggest-ddos-for-hire-website (Last Accessed: 07/14/2020). Andres Jauregui, 2013, Anonymous DDoS Petition: Group Calls on White House to Recognize Distributed Denial of Service as Protest. [online] https://www.huffpost.com/entry/anonymous- ddos-petition-white-house_n_2463009 (Last Accessed: 07/14/2020). Cecilia D'Anastasio, 2018, FBI Seizes 15 DDoS-For-Hire Websites. [online] https://kotaku.com/fbi-seizes-15-ddos-for-hire-websites-1831239141 (Last Accessed: 07/14/2020).
  16. 16. DENIAL OF SERVICE (DOS) OUTBREAKS STUDY AND ANALYSIS 16 Daniel Palmer, 2016, Experts cast doubt on Census DDoS claims. [online] https://delimiter.com.au/2016/08/19/experts-cast-doubt-census-ddos-claims/ (Last Accessed: 07/14/2020). Bill Chappell, 2014, People Overload Website, Hoping to Help Search for Missing Jet. [online] https://www.wnmufm.org/post/people-overload-website-hoping-help-search-missing- jet#stream/0 (Last Accessed: 07/14/2020). NTP, 2010, DRDoS/Amplification Attack using ntpdc monlist command. [online] http://support.ntp.org/bin/view/Main/SecurityNotice#April_2010_DRDoS_Amplification_A (Last Accessed: 07/14/2020). Christian Rossow, 2016, Amplification Hell: Revisiting Network Protocols for DDoS Abuse. [online] https://web.archive.org/web/20160304015033/http://www.internetsociety.org/sites/default/files/0 1_5.pdf (Last Accessed: 07/14/2020). Vern Paxson, 2001, An Analysis of Using Reflectors for Distributed Denial-of-Service Attacks. [online] AT&T Center for Internet Research at ICSI (International Computer Science Institute) http://www.icir.org/vern/papers/reflectors.CCR.01/reflectors.html (Last Accessed: 07/14/2020). Cisco, 2014, TTL Expiry Attack Identification and Mitigation. [online] https://tools.cisco.com/security/center/resources/ttl_expiry_attack.html (Last Accessed: 07/14/2020). Curtis Franklin Jr., 2018, New DDoS Attack Method Leverages UPnP "Lock down UPnP routers" researchers say. [online] https://www.darkreading.com/new-ddos-attack-method-leverages- upnp/d/d-id/1331799 (Last Accessed: 07/14/2020). Avishay Zawoznik, Johnathan Azaria, and Igal Zeifman, 2018, New DDoS Attack Method Demands a Fresh Approach to Amplification Assault Mitigation. [online] https://www.imperva.com/blog/new-ddos-attack-method-demands-a-fresh-approach-to- amplification-assault-mitigation/ (Last Accessed: 07/14/2020). US-CERT.CISA(GOV), 2013, DNS Amplification Attacks. [online] https://us- cert.cisa.gov/ncas/alerts/TA13-088A (Last Accessed: 07/14/2020). 
Ubuntu, 2019, SACK Panic and Other TCP Denial of Service Issues. [online] https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/SACKPanic (Last Accessed: 07/14/2020).
W. Eddy, 2007, TCP SYN Flooding Attacks and Common Mitigations. [online] Network Working Group https://tools.ietf.org/html/rfc4987 (Last Accessed: 07/14/2020).
Carnegie Mellon University, 2017, 1997 CERT Advisories. [online] https://resources.sei.cmu.edu/asset_files/WhitePaper/1997_019_001_496176.pdf (Last Accessed: 07/14/2020).
Ryan Naraine, 2009, Windows 7, Vista exposed to "teardrop attack". [online] https://www.zdnet.com/article/windows-7-vista-exposed-to-teardrop-attack/ (Last Accessed: 07/14/2020).
HuaweiCloud, 2020, Anti-DDoS. [online] https://support.huaweicloud.com/en-us/antiddos_faq/antiddos-faq.pdf (Last Accessed: 07/14/2020).
Phillip Boyle, 2008, Distributed Denial of Service Attack Tools: trinoo and wintrinoo. [online] SANS Institute, https://web.archive.org/web/20080515025103/http://www.sans.org/resources/idfaq/trinoo.php (Last Accessed: 07/14/2020).
Brian Krebs, 2015, Stress-Testing the Booter Services, Financially. [online] https://krebsonsecurity.com/2015/08/stress-testing-the-booter-services-financially/ (Last Accessed: 07/14/2020).
Radware, 2017, "BrickerBot" Results in PDoS Attack. [online] https://security.radware.com/ddos-threats-attacks/brickerbot-pdos-permanent-denial-of-service/ (Last Accessed: 07/14/2020).
Adamsky, Khayam, Jäger, Rajarajan, 2015, P2P File-Sharing in Hell: Exploiting BitTorrent Vulnerabilities to Launch Distributed Reflective DoS Attacks. [online] https://www.usenix.org/conference/woot15/workshop-program/presentation/p2p-file-sharing-hell-exploiting-bittorrent (Last Accessed: 07/14/2020).
Tqaweekly, 2014, 5 Famous Botnets that held the internet hostage. [online] Episode #5-11 https://tqaweekly.com/episodes/season5/tqa-se5ep11.php (Last Accessed: 07/14/2020).
Zargar, Joshi, Tipper, 2013, Survey of Defense Mechanisms Against Distributed Denial of Service (DDoS) Flooding Attacks. [online] http://d-scholarship.pitt.edu/19225/1/FinalVersion.pdf (Last Accessed: 07/14/2020).
Dan Goodin, 2016, Record-breaking DDoS reportedly delivered by >145k hacked cameras Once unthinkable, 1 terabit attacks may soon be the new normal. [online] https://arstechnica.com/information-technology/2016/09/botnet-of-145k-cameras-reportedly-deliver-internets-biggest-ddos-ever/ (Last Accessed: 07/14/2020).
Swati Khandelwal, 2016, World's largest 1 Tbps DDoS Attack launched from 152,000 hacked Smart Devices. [online] https://thehackernews.com/2016/09/ddos-attack-iot.html (Last Accessed: 07/14/2020).
Imperva, 2019, Global DDoS Threat Landscape. [online] https://www.imperva.com/resources/reports/Imperva_DDOS_Report_20200131.pdf (Last Accessed: 07/14/2020).
Bill Brenner, 2015, Q4 2014 State of the Internet. [online] Security Report: Numbers, https://blogs.akamai.com/2015/01/q4-2014-state-of-the-internet---security-report-some-numbers.html (Last Accessed: 07/14/2020).
Ionut Ilascu, 2014, 38-Day Long DDoS Siege Amounts to Over 50 Petabits in Bad Traffic. [online] https://news.softpedia.com/news/38-Day-Long-DDoS-Siege-Amounts-to-Over-50-Petabits-in-Bad-Traffic-455722.shtml (Last Accessed: 07/14/2020).
Robert Lemos, 2007, Peer-to-peer networks co-opted for DOS attacks. [online] https://www.securityfocus.com/news/11466 (Last Accessed: 07/14/2020).
Kelly Jackson Higgins, 2013, DDoS Attack Used "Headless" Browsers In 150-Hour Siege. [online] https://www.darkreading.com/attacks-breaches/ddos-attack-used-headless-browsers-in-150-hour-siege/d/d-id/1140696? (Last Accessed: 07/14/2020).
Prolexic, 2007, P2P DDoS Attacks. [online] https://web.archive.org/web/20070803175513/http://www.prolexic.com/news/20070514-alert.php (Last Accessed: 07/14/2020).
Swati Khandelwal, 2015, Hacking CCTV Cameras to Launch DDoS Attacks. [online] https://thehackernews.com/2015/10/cctv-camera-hacking.html (Last Accessed: 07/14/2020).
Glenn Greenwald, 2014, Hacking Online Polls and Other Ways British Spies Seek to Control the Internet. [online] https://theintercept.com/2014/07/14/manipulating-online-polls-ways-british-spies-seek-control-internet/ (Last Accessed: 07/14/2020).
Indiana University, 2010, Types of DDoS Attacks. [online] https://web.archive.org/web/20100914222536/http://anml.iu.edu/ddos/types.html (Last Accessed: 07/14/2020).
Olivia Solon, 2015, Cyber-Extortionists Targeting the Financial Sector Are Demanding Bitcoin Ransoms. [online] https://www.bloomberg.com/news/articles/2015-09-09/bitcoin-ddos-ransom-demands-raise-dd4bc-profile?mod=djemRiskCompliance (Last Accessed: 07/14/2020).
APPENDIX: 001 PGP Key of the Author
User-ID: Dr. Sameera De Alwis - Cyber-Intel Online (Pvt) Ltd <business@cyberintel.online>
Created: 8/11/2019 2:37 PM
Expires: 8/31/2022 12:00 PM
Type: 4096-bit RSA (secret key available)
Usage: Signing, Encryption, Certifying User-IDs, SSH Authentication
Fingerprint: 3C0C64DC3163852355D6C87545DAA4AD508BC7EC
