Team 6: (DDoS) The Amazon Cloud Attack Kevin Coleman, Jeffrey Starker, Karthik Rangarajan, Paul Beresuita, Arunabh Verma and Amay Singhal.


What Happened?
- Bitbucket was down for over 19 hours
- A DDoS attack took down the connection between Bitbucket and the Amazon Elastic Compute Cloud (EC2)
- Attack traffic: UDP packets and TCP SYN connection packets

The Attack

What was the impact?
- Because of this attack, Bitbucket suffered over 19 hours of downtime
- Their customers could not access any of their source code hosted by Bitbucket
- This attack showed that cloud computing is not as safe as most people think, although this is one of the first times this kind of attack has happened and it only affected Bitbucket

Why did the attack succeed?
- Initial complaint from Bitbucket dismissed as temporary
- Tech support at Amazon denied anything was wrong with their system, asking Bitbucket to look at their own
- 8 hours after the problem was reported, Amazon accepted that the problem was on their system
- Because of this initial dismissal, it took Amazon some time to figure out the attack pattern
- There are now confirmed reports that the EC2 service was exposed to external Internet traffic

Why did the attack succeed?
- Jesper Nøhr, owner of Bitbucket, says Amazon’s QoS system failed when the cloud came under attack
- Amazon also did not have measures to detect a large number of UDP packets targeted to the same IP address
- Having this measure could have easily prevented this attack from happening
- While it is largely clear how the attack succeeded, it is still not clear how the internal EC2 and EBS were exposed to external Internet traffic
- EC2 and EBS were considered secure from such attacks since they are on the internal network between Amazon and its customers
- Faint rumors still circulate that it might have been one of Amazon’s customers that launched this attack, but this possibility is unlikely

What happened in the aftermath?
- Bitbucket, at one point, was considering switching service and received offers from various providers
- Nøhr (creator of Bitbucket) speculates that their storage shares a common network interface with the one that connects the site with the outside world
- Amazon issued a statement about the incident
- Discussions followed which raised some concerns about the service

Amazon’s statement
Amazon issued the following statement:
"... one of our customers reported a problem with their Amazon Elastic Block Store (EBS). This issue was limited to this customer's single Amazon EBS volume ... While the customer perceived this issue to be slowness of their EBS volume ... but rather that the customer's Amazon EC2 instance was receiving a very large amount of network traffic ... we worked with the customer ... to help mitigate the unwanted traffic they were receiving ... apply network filtering techniques which have kept their site functioning properly ... continue to improve the speed with which we diagnose issues like this ... use features like Elastic Load Balancing and Auto-Scaling to architect their services to better handle this sort of issue ..."

What was done to make the system less vulnerable?
- Transparency: network traffic information
- Improved customer support
- Better data filters and detection systems

Threat Prevention: Transparency
Providing to the customer:
- Network traffic information
- Technical support for attack detection
- Elastic Load Balancing
- Auto-Scaling
- Distribution of instances across multiple availability zones and regions

Threat Prevention: Improved Customer Support
- Amazon’s technical support failed to properly diagnose the issue quickly
- Amazon didn’t trust Bitbucket’s information, which led to incorrect, time-wasting diagnoses
- 11 hours were lost due to poor diagnoses

Threat Prevention: Diversify Server Farms
- Relying on a specific cloud provider is dangerous
- Having a second provider accelerates website recovery time after a DDoS attack
- Spreading resources between providers prevents a complete system failure

Threat Prevention: Improve Data Filters
- Detecting harmful packets must be improved
- Stopping harmful packets from reaching sensitive equipment reduces system vulnerability
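
The per-destination detection that the slides say was missing (a large number of UDP packets, or TCP SYNs, aimed at one IP address), as an added example that is not part of the original presentation: a sliding-window counter run over constructed flow records. The record layout, the 5-second window and the 100-packet threshold are assumptions chosen for illustration.

```python
from collections import defaultdict, deque

def detect_floods(records, window=5.0, threshold=100):
    """Flag destinations that receive >= threshold UDP datagrams or bare
    TCP SYNs within `window` seconds. Records must be sorted by timestamp."""
    recent = defaultdict(deque)   # (dst, kind) -> deque of (ts, src)
    alerting = set()              # keys currently above the threshold
    alerts = []
    for ts, src, dst, proto, flags in records:
        if proto == "UDP":
            kind = "udp-flood"
        elif proto == "TCP" and flags == "S":   # SYN set, ACK not set
            kind = "syn-flood"
        else:
            continue
        key = (dst, kind)
        q = recent[key]
        q.append((ts, src))
        while q and q[0][0] < ts - window:      # drop packets outside the window
            q.popleft()
        if len(q) >= threshold:
            if key not in alerting:             # alert once per crossing
                alerting.add(key)
                alerts.append({"time": ts, "dst": dst, "kind": kind,
                               "packets": len(q),
                               "sources": len({s for _, s in q})})
        else:
            alerting.discard(key)               # re-arm once traffic subsides
    return alerts

def sample_records():
    """Constructed flow records using RFC 5737 documentation addresses."""
    recs = []
    # Background: one client, modest UDP and a normal TCP handshake.
    for i in range(20):
        recs.append((i * 1.0, "198.51.100.7", "192.0.2.10", "UDP", ""))
    recs.append((3.0, "198.51.100.7", "192.0.2.10", "TCP", "S"))
    recs.append((3.1, "198.51.100.7", "192.0.2.10", "TCP", "A"))
    # Flood: 40 sources send UDP and bare SYNs to one victim address.
    for i in range(300):
        src = f"203.0.113.{i % 40 + 1}"
        recs.append((10.0 + i * 0.01, src, "192.0.2.80", "UDP", ""))
        recs.append((10.0 + i * 0.01, src, "192.0.2.80", "TCP", "S"))
    return sorted(recs, key=lambda r: r[0])

if __name__ == "__main__":
    for alert in detect_floods(sample_records()):
        print(alert)
```

The count of distinct sources in each alert helps separate a distributed flood from a single noisy client, which matters when deciding between blocking one address and filtering upstream.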

What chapter in the book will be helpful?
- Chapter 7, especially 7.2

Sources
- news/100609_Outage_Hits_Amazon_Cloud_Customer_Hard
- os_aftermath/
- amazon-and-whats-coming/