Simulation and Analysis of DDos Attacks Poongothai, M Department of Information Technology,Institute of Road and Transport Technology, Erode Tamilnadu,


Simulation and Analysis of DDoS Attacks
Poongothai, M, Department of Information Technology, Institute of Road and Transport Technology, Erode Tamilnadu, India
Sathyakala, M, Department of Information Technology, Institute of Road and Transport Technology, Erode Tamilnadu, India
Speaker: 鍾國君
2012 – International Conference on Emerging Trends in Science, Engineering and Technology

Outline
◦ Introduction to DDoS Attack
◦ DDoS Attack Architecture
◦ Advantages of DDoS Attack
◦ Four Phases of Bot Installation
◦ DDoS Attack Methods
◦ DDoS Defenses
◦ Simulation
◦ Conclusion

Introduction to DDoS Attack
Distributed Denial of Service (DDoS)
◦ Overloads the targeted server with useless traffic, crashes the server and leaves it unable to communicate properly with legitimate users.
◦ Mainly consumes the victim’s bandwidth, processing capacity and storage capacity.
◦ May need human intervention to resume service.

DDoS Attack Architecture

Advantages of DDoS Attack
Simple
◦ No sophisticated mechanisms are needed.
◦ A single hacker can carry it out.
Difficult to trace
◦ Multi-tiered structure.
◦ IP source spoofing.

Advantages of DDoS Attack
Similar to legitimate traffic
◦ Attack streams from numerous machines converge near the victim.
Robust
◦ Attacks will continue even if one node is dead.

Four Phases of Bot Installation
What is a bot?
◦ A program that operates automatically as a user or another program.
◦ Installed on the internal-node computers called “handlers” or “agents”.
◦ Waits for the hacker to initiate the attack remotely.

Four Phases of Bot Installation
1. Scanning
◦ Installed bots scan a large number of computers for security flaws.
2. Exploitation
◦ Susceptible hosts are found, and compromised hosts are listed.

Four Phases of Bot Installation
3. Deployment
◦ The “handler software” is installed on the compromised hosts.
4. Propagation
◦ The handler then scans for vulnerable hosts and compromises them; these hosts are called “agents/daemons”.

DDoS Attack Methods
Methods
◦ Smurf Floods
  ▪ Floods the network with ICMP ECHO requests that carry the victim’s address, so the victim is then flooded with ping responses.
◦ ICMP Floods
  ▪ The attacker generates a large number of ICMP ECHO packets directed at the victim, which is kept busy replying to all the ECHO requests.

DDoS Attack Methods
◦ UDP/TCP Floods
  ▪ Sends a large number of UDP/TCP packets to the victim, tying up the available network bandwidth.
◦ TCP SYN Floods
  ▪ The attacker never sends the final ACK packet of the handshake, so the victim wastes the buffer it allocated for the connection.
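
Seen from the victim's side, the TCP SYN flood above shows up as handshakes that never receive their final ACK. The following is an added example, not part of the presentation: it replays constructed packet records and alerts when the number of half-open handshakes toward one server exceeds a backlog limit. The record format, the name `track_half_open` and the limit of 5 are assumptions, and the model ignores SYN-ACKs and timeouts.

```python
from collections import defaultdict

def track_half_open(events, backlog_limit=5):
    """Replay (time_ms, src, sport, dst, flag) records as the victim sees them.

    Returns (alerts, half_open): the first moment each destination exceeded
    backlog_limit pending handshakes, and the pending count left at the end.
    """
    pending = defaultdict(dict)          # dst -> {(src, sport): time SYN was seen}
    alerted, alerts = set(), []
    for t, src, sport, dst, flag in sorted(events):
        if flag == "SYN":
            pending[dst].setdefault((src, sport), t)   # buffer allocated here
        elif flag == "ACK":
            pending[dst].pop((src, sport), None)       # final ACK frees it
        n = len(pending[dst])
        if n > backlog_limit and dst not in alerted:
            alerted.add(dst)
            alerts.append((t, dst, n))
    return alerts, {d: len(p) for d, p in pending.items()}

# Constructed sample (documentation address ranges, times in milliseconds).
SERVER = "192.0.2.10"
SAMPLE = []
for i in range(3):                       # legitimate clients finish the handshake
    SAMPLE.append((i * 1000, f"203.0.113.{i + 1}", 40000 + i, SERVER, "SYN"))
    SAMPLE.append((i * 1000 + 50, f"203.0.113.{i + 1}", 40000 + i, SERVER, "ACK"))
for i in range(8):                       # SYNs whose final ACK never arrives
    SAMPLE.append((1500 + i * 10, f"198.51.100.{i + 1}", 50000 + i, SERVER, "SYN"))

if __name__ == "__main__":
    alerts, half_open = track_half_open(SAMPLE)
    print("alerts:", alerts)
    print("half-open at end:", half_open)
```

The legitimate handshakes never accumulate, while the unanswered SYNs stay pending until the limit is crossed.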

DDoS Attack Methods

DDoS Attack Methods
Dynamics
◦ Application attacks
◦ Protocol attacks
◦ Operating system attacks
◦ Host attacks
◦ Network attacks
◦ Infrastructure attacks

DDoS Defense
Classification
◦ Preventive
  ▪ Eliminate the vulnerabilities in the system and prevent the attacker from gaining a group of zombie machines.
◦ Survival
  ▪ Increase the victim’s resources so it can survive the attack.
◦ Responsive
  ▪ Control the attack streams to keep them from affecting the victim.

DDoS Defense
Strategy
◦ Agent identification
  ▪ Who is attacking?
◦ Rate limiting
  ▪ Impose a rate limit on the incoming streams.
◦ Filtering
  ▪ Filter out the attack streams.
◦ Reconfiguration
  ▪ Change the topology of the networks near the victim.

DDoS Defense
Countermeasures
◦ Path isolation
  ▪ Routers isolate the traffic path, and this information can be used to deploy filters on the path.
◦ Privileged customer
  ▪ Customers who have previously communicated with the server get first priority.

DDoS Defense
◦ Traffic baselining
  ▪ Filter the traffic when a traffic parameter exceeds its expected value.
◦ Resource multiplication
  ▪ More resources are deployed to sustain large attacks.
◦ Legitimate traffic inflation
  ▪ Multiply the legitimate traffic.
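
The rate limiting strategy and the traffic baselining countermeasure above can be combined into one filter. This is an added example, not taken from the presentation or the paper: it learns the expected packet rate with an exponentially weighted moving average, flags intervals that exceed it, and caps what is admitted during them. The function name, the parameters `warmup`, `alpha` and `k`, and the sample rates are assumptions.

```python
def baseline_filter(rates, warmup=5, alpha=0.2, k=3.0):
    """Flag intervals whose packet rate exceeds the learned baseline and cap them.

    rates: packets per interval toward the protected server.
    Returns (flagged, admitted): indices over the limit, and the rate let through.
    """
    mean = sum(rates[:warmup]) / warmup
    var = sum((r - mean) ** 2 for r in rates[:warmup]) / warmup
    flagged, admitted = [], list(rates[:warmup])
    for i in range(warmup, len(rates)):
        r = rates[i]
        limit = mean + k * max(var ** 0.5, 1.0)   # expected value plus tolerance
        if r > limit:
            flagged.append(i)
            admitted.append(int(limit))           # rate-limit the excess
            continue                              # do not learn from attack traffic
        admitted.append(r)
        diff = r - mean                           # EWMA update of mean and variance
        mean += alpha * diff
        var = (1 - alpha) * (var + alpha * diff * diff)
    return flagged, admitted

# Constructed sample: packets per second, with a flood in intervals 7-9.
SAMPLE_RATES = [100, 104, 98, 101, 97, 103, 99, 950, 1200, 1100, 102, 100]

if __name__ == "__main__":
    flagged, admitted = baseline_filter(SAMPLE_RATES)
    print("flagged intervals:", flagged)
    print("admitted rates:   ", admitted)
```

Skipping the baseline update during flagged intervals keeps a sustained flood from gradually raising the expected value.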

Simulation
Three considerations
◦ DDoS attack traffic
◦ Legitimate traffic
◦ Network topology
Software used: NS2
◦ Can replicate threats of interest in a secure environment.

Simulation

Conclusion
◦ Evolution in intruder tools will continue.
◦ Even if the system/network is robust, others may not be.
◦ Thus, the security issue still exists.