Understanding DDoS Attacks: Simulation, Analysis & Defense
Delve into the world of Distributed Denial of Service (DDoS) attacks with this comprehensive study covering the architecture, advantages, bot installation phases, attack methods, defenses, and simulation. Learn about the detrimental impact of DDoS attacks on servers, their multi-tiered structure, and the challenges in defending against them. Explore the simplicity and anonymity of DDoS attacks, highlighting the need for robust security measures to mitigate their disruptive effects.
Presentation Transcript
Simulation and Analysis of DDoS Attacks. 2012 International Conference on Emerging Trends in Science, Engineering and Technology. Poongothai, M; Sathyakala, M. Department of Information Technology, Institute of Road and Transport Technology, Erode, Tamilnadu, India. Speaker: 101061555
Outline: Introduction to DDoS Attack; DDoS Attack Architecture; Advantages of DDoS Attack; Four Phases of Bot Installation; DDoS Attack Methods; DDoS Defenses; Simulation; Conclusion.
Introduction to DDoS Attack. Distributed Denial of Service (DDoS): Overloads the targeted server with useless traffic, crashes the server and leaves it unable to properly communicate with legitimate users. Consumes mainly the victim's bandwidth, processing capacity and storage capacity. May need human intervention to resume.
Advantages of DDoS Attack. Simple: No sophisticated mechanisms. A single hacker can do it. Difficult to trace: Multi-tiered structure. IP source spoofing.
Advantages of DDoS Attack. Similar to legitimate traffic: Attack streams from numerous machines converge near the victim. Robust: Attacks will continue even if one node is dead.
Four Phases of Bot Installation. What is a bot? A program that automatically operates as a user or another program. Installed in the internal-node computers called handlers or agents. Waits for the hacker to initiate the attack remotely.
Four Phases of Bot Installation. 1. Scanning: Installed bots scan lots of computers for security flaws. 2. Exploitation: Susceptible hosts are found and compromised hosts are listed.
Four Phases of Bot Installation. 3. Deployment: The handler software is installed in the compromised hosts. 4. Propagation: The handler then scans for vulnerable hosts and compromises them; these are called agents/daemons.
DDoS Attack Methods. Methods: Smurf Floods: Floods the network with ICMP ECHO requests with the victim's address, then the victim will be filled with ping responses. ICMP Floods: The attacker generates lots of ICMP ECHO packets directed at the victim. Finally, the victim is busy replying to all the ECHO requests.
DDoS Attack Methods. UDP/TCP Floods: Send a large number of UDP/TCP packets to the victim and tie up the available network bandwidth. TCP SYN Floods: The final ACK packet is not given, making the victim waste the allocated buffer.
DDoS Attack Methods. Dynamics: Application attacks; Protocol attacks; Operating system attacks; Host attacks; Network attacks; Infrastructure attacks.
DDoS Defense. Classification: Preventive: Eliminate the vulnerabilities in the system and prevent the attacker from gaining a group of zombie machines. Survival: Increase the victim's resources for surviving during the attack. Responsive: Control the attack streams from influencing the victim.
DDoS Defense. Strategy: Agent identification: Who is attacking? Rate limiting: Impose a rate limit on the incoming streams. Filtering: Filter out the attack streams. Reconfiguration: Change the topology of the networks near the victim.
DDoS Defense. Countermeasures: Path isolation: Routers isolate the traffic path, and this information can be used to deploy filters on the path. Privileged customer: Customers used to communicating with the server will have the first priority.
DDoS Defense. Traffic baselining: Filter the traffic when some traffic parameter exceeds its expected value. Resource multiplication: More resources are deployed to sustain large attacks. Legitimate traffic inflation: Multiply the legitimate traffic.
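Added example (not from the original slides): one way to implement the traffic baselining countermeasure, learning each parameter's expected value as a moving average and flagging intervals that exceed it. The parameter names, the smoothing and threshold constants, and the per-second packet counts are all assumptions constructed for illustration.

```python
from dataclasses import dataclass


@dataclass
class Baseline:
    """EWMA estimate of a traffic parameter's expected value and spread."""
    alpha: float = 0.2   # weight given to each new sample (assumed value)
    k: float = 4.0       # tolerated deviations above the mean (assumed value)
    warmup: int = 5      # samples learned before any filtering decision
    floor: float = 5.0   # minimum deviation, avoids a zero-width band
    mean: float = 0.0
    dev: float = 0.0
    seen: int = 0

    def threshold(self) -> float:
        return self.mean + self.k * max(self.dev, self.floor)

    def observe(self, value: float) -> bool:
        """Return True if `value` exceeds the expected value (filter it)."""
        if self.seen == 0:
            self.mean = value
        anomalous = self.seen >= self.warmup and value > self.threshold()
        if not anomalous:
            # Learn only from traffic judged normal, so a sustained flood
            # cannot drag the baseline upward and hide itself.
            err = value - self.mean
            self.mean += self.alpha * err
            self.dev += self.alpha * (abs(err) - self.dev)
            self.seen += 1
        return anomalous


def flag_intervals(samples):
    """Map {parameter: [per-interval counts]} to {parameter: [flagged indexes]}."""
    flagged = {}
    for name, series in samples.items():
        base = Baseline()
        flagged[name] = [i for i, v in enumerate(series) if base.observe(v)]
    return flagged


# Constructed sample: per-second packet counts observed at the victim's edge.
SAMPLE = {
    "tcp_syn": [40, 42, 38, 45, 41, 39, 44, 900, 1200, 1100, 43, 40],
    "icmp_echo": [5, 6, 4, 5, 7, 5, 6, 5, 4, 6, 5, 6],
}

if __name__ == "__main__":
    for name, idx in flag_intervals(SAMPLE).items():
        print(f"{name}: filter intervals {idx}")
```

Because flagged samples are excluded from learning, the threshold after the burst stays near its pre-burst level and normal traffic passes again as soon as the burst ends.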
Simulation. Three considerations: DDoS attack traffic; Legitimate traffic; Network topology. Software used: NS2. Can replicate threats of interest in a secure environment.
Conclusion. Evolution in intruder tools will continue. Even if the system/network is robust, others may not be. Thus, the security issue still exists.