Network Security: DoS Attack, Smurf Attack, Botnets, Worms


1 Network Security: DoS Attack, Smurf Attack, Botnets, Worms
CS4622 Group 4: Emilio Bapue, James Brown, Daemin Lee, Katelyn Marsala, Armando Mercado

2 Introduction Network Security
What is network security? It is any activity designed to protect the usability and integrity of a network and its data. It includes both hardware and software technologies. Effective network security manages access to the network. It targets a variety of threats and stops them from entering or spreading in the network.
How does network security work? It combines multiple layers of defenses at the edge and in the network. Each network security layer implements policies and controls. Authorized users gain access to network resources, but malicious actors are blocked from carrying out exploits and threats.

3 Types of network security
Access control: Not everyone should have access to your network. To keep out potential attackers, you need to recognize each user and each device. Then you can enforce your security policies. You can block noncompliant endpoint devices or give them only limited access.
Antivirus and antimalware software: Sometimes malware will infect a network but lie dormant for days or even weeks. The best antimalware programs not only scan for malware upon entry, but also continuously track files afterward to find anomalies, remove malware, and fix damage.

4 Application security, Email security, Firewalls
Application security: Applications may contain holes, or vulnerabilities, that attackers can use to infiltrate your network. Application security encompasses the hardware, software, and processes you use to close those holes.
Email security: Email gateways are the number one threat vector for a security breach. Attackers use personal information and social engineering tactics to build sophisticated phishing campaigns to deceive recipients and send them to sites serving malware. An email security application blocks incoming attacks and controls outbound messages to prevent the loss of sensitive data.
Firewalls: Firewalls put up a barrier between your trusted internal network and untrusted outside networks, such as the Internet. They use a set of defined rules to allow or block traffic. A firewall can be hardware, software, or both.

5 Distributed Denial of Service (DDoS) Attack
"An attack in which multiple compromised computer systems attack a target, such as a server, website or other network resource, and cause a denial of service for users of the targeted resource." - Tech Target
DDoS attacks are usually carried out by sending many requests from multiple botnets or users to a given server until the system is overwhelmed and shuts down.
The main objective of such an attack is to prevent other end users from accessing a system's resources, usually a website.
It is similar to a DoS attack; the only difference is that it is carried out from multiple machines, so the attack is distributed.

6 DDoS Attack Visualized

7 Ways of responding to DDoS attacks
Firewalls
Having various spread-out backup servers and datacenters for emergencies when servers do go down
Increase bandwidth
DDoS mitigation services

8 Smurf Attack
Type of DDoS attack
Originated in the late 1990s
Exploits the Internet Control Message Protocol (ICMP) and Internet Protocol (IP) broadcast addressing
ICMP packets exchange information about the state of a network
DDoS.Smurf malware
3 parties involved in the attack: hacker, target, and intermediate network

9 How a Smurf Attack Works
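The three-party pattern from the Smurf slide can be spotted in ICMP logs on the intermediate network. The following is an added example, not part of the original presentation: it flags echo requests sent to a subnet's broadcast address and targets that receive echo replies from many hosts they never pinged. The packet records, addresses and the `min_sources` threshold are constructed assumptions.

```python
import ipaddress
from collections import defaultdict

ECHO_REQUEST, ECHO_REPLY = 8, 0   # ICMP type numbers

# Constructed sample seen by a sensor on the intermediate network 10.0.5.0/24:
# (timestamp_s, src_ip, dst_ip, icmp_type)
PACKETS = [
    (0.00, "10.0.5.20", "10.0.5.1", ECHO_REQUEST),      # ordinary ping to the gateway
    (0.01, "10.0.5.1", "10.0.5.20", ECHO_REPLY),        # solicited reply
    (1.00, "203.0.113.9", "10.0.5.255", ECHO_REQUEST),  # source claims to be the target
    (1.01, "10.0.5.21", "203.0.113.9", ECHO_REPLY),
    (1.01, "10.0.5.22", "203.0.113.9", ECHO_REPLY),
    (1.02, "10.0.5.23", "203.0.113.9", ECHO_REPLY),
    (1.02, "10.0.5.24", "203.0.113.9", ECHO_REPLY),
]

def broadcast_echo_requests(packets, local_nets):
    """Echo requests addressed to the broadcast address of a local subnet."""
    bcasts = {ipaddress.ip_network(n).broadcast_address for n in local_nets}
    return [p for p in packets
            if p[3] == ECHO_REQUEST and ipaddress.ip_address(p[2]) in bcasts]

def unsolicited_reply_targets(packets, min_sources=3):
    """Hosts receiving echo replies from >= min_sources hosts they never pinged."""
    asked = set()                  # (requester, responder) pairs already seen
    repliers = defaultdict(set)    # target -> hosts that replied unasked
    for _, src, dst, icmp_type in sorted(packets):
        if icmp_type == ECHO_REQUEST:
            asked.add((src, dst))
        elif icmp_type == ECHO_REPLY and (dst, src) not in asked:
            repliers[dst].add(src)
    return {t: sorted(s) for t, s in repliers.items() if len(s) >= min_sources}

if __name__ == "__main__":
    print(broadcast_echo_requests(PACKETS, ["10.0.5.0/24"]))
    print(unsolicited_reply_targets(PACKETS))
```

On the intermediate network the usual fix is to stop answering or forwarding such requests, for example `net.ipv4.icmp_echo_ignore_broadcasts=1` on Linux hosts and `no ip directed-broadcast` on Cisco router interfaces.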

10 Botnets
A network of compromised/enslaved computers that can be used to execute malicious code en masse.
In addition to the master, there are generally servers that act as intermediaries between the master and the slaves.
Primary bot-spreading vectors are: malicious links, attachments, or automatically triggered downloads that execute and install when visiting a malicious site.
Prevention of becoming enslaved depends on user awareness.

11 Botnet Use Examples
DDoS: Army of enslaved devices used to interrupt network traffic at specified addresses/ports
Keylogging: Enslaved devices have keystrokes monitored and recorded
Spam: Enslaved devices used as propagators of spam/phishing emails, and potentially malicious links in things like Instant Messenger clients
Click Fraud: Enslaved devices are used en masse to visit webpages and click on advertisements that have payouts based on number of clicks
Warez: Enslaved devices used as storage/hosts of pirated software

12 Worms
A worm is a malicious program that replicates and spreads through a network
Can have a payload, but many do not
A common payload for worms is a backdoor for a botnet
Spread through both security vulnerabilities and social engineering
Harmful even without a payload: a worm will bring a computer network down when spreading, mostly by looking for hosts or causing crashes when exploiting vulnerabilities
Helpful worms, or anti-worms, are not unheard of; they often appear during worm outbreaks or in simulated environments

13 Mitigating Worm Outbreaks
Isolate potentially vulnerable computers, like servers
Keep systems updated with the latest patches, especially servers taking requests from the internet
Implement access controls with a firewall
Isolate and fix computers that are already compromised

14 History of worms
The first worm was written in 1988 by Robert Morris, a Cornell student, at MIT
Was intended to count nodes connected to the Internet
Spread too rapidly and acted as a DDoS attack that took approximately 6000 computers offline
Computer worms were the most widespread from the late 1990s to early 2000s
Several worms made the evening news: Code Red, ILOVEYOU, Sasser, etc.
Worm outbreaks have declined due to better security practices in enterprise and end user networks
Making a comeback due to IoT emergence

15 Worm Examples
ILOVEYOU
Worm that spread from the Philippines to Hong Kong to Europe to the US on Friday, May 5th 2000, arriving in the US that Friday morning
Used social engineering to get users to run a Visual Basic script that in turn sent itself to contacts in Outlook
Blaster
Worm that spread from August to its peak on August 13, then subsided at the end of August
Spread through vulnerabilities in the Windows RPC service patched a month before
Payload launched a DDoS attack against windowsupdate.com from Aug. 15 to Dec. 31
Had a helpful worm associated with it, Welchia, that updated machines with the Blaster vulnerabilities

16 Examples (cont)
SQL Slammer
Worm that spread on Jan. 25 2003
Spread around the world in under 10 minutes by sending scan packets very rapidly
Caused DDoS attacks on some server traffic and crashed routers by overflowing the routing tables and causing too many routing table updates
Used a vulnerability in MS SQL Server to propagate
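Rapid scanning of the kind described for SQL Slammer shows up in flow logs as one source contacting many different hosts on a single port in a short time, which is how compromised machines can be found and isolated. The following is an added example, not part of the original presentation: the flow records, the one-second window and the 50-host threshold are constructed assumptions, and UDP port 1434 is used in the sample because it is the SQL Server Resolution Service port that Slammer targeted.

```python
from collections import defaultdict, deque

def build_sample():
    """Constructed flows: (timestamp_ms, src_ip, dst_ip, proto, dst_port)."""
    # Normal client: one DNS query every 500 ms, always to the same resolver.
    flows = [(t * 500, "10.1.0.7", "10.1.0.53", "udp", 53) for t in range(20)]
    # Infected host: a probe to a new address every 10 ms on UDP/1434.
    flows += [(5000 + i * 10, "10.1.0.66", f"198.51.100.{i}", "udp", 1434)
              for i in range(200)]
    return sorted(flows)

def fanout_scanners(flows, window_ms=1000, max_dsts=50):
    """Return {(src, proto, port): first_ts} for sources that contact more
    than max_dsts distinct hosts on one port within window_ms."""
    recent = defaultdict(deque)   # (src, proto, port) -> (ts, dst) in window
    flagged = {}
    for ts, src, dst, proto, port in flows:
        key = (src, proto, port)
        window = recent[key]
        window.append((ts, dst))
        # Drop contacts that have aged out of the sliding window.
        while ts - window[0][0] > window_ms:
            window.popleft()
        distinct = len({d for _, d in window})
        if distinct > max_dsts and key not in flagged:
            flagged[key] = ts     # first moment the threshold was crossed
    return flagged

if __name__ == "__main__":
    for (src, proto, port), ts in fanout_scanners(build_sample()).items():
        print(f"isolate {src}: scanning {proto}/{port}, flagged at {ts} ms")
```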

17 Resources/Citations
Rouse, Margaret, and Kevin Beaver. "What Is Distributed Denial of Service (DDoS) Attack? - Definition from WhatIs.com." SearchSecurity. Tech Target, Jan Web. 17 Apr
Botnets. (n.d.). Retrieved April 1, 2017, from Incapsula.com. N.p., n.d. Web. 19 Apr <
"What is smurfing? - Definition from WhatIs.com." SearchSecurity. N.p., n.d. Web. 19 Apr <
"What is a Computer Worm" PC Tools. Retrieved 21 August < worm/>
The Welchia Worm. December 18, Retrieved 20 August < worm/105720>
Easttom, Chuck. Computer Security Fundamentals. 2nd ed. Indianapolis, IN: Pearson, Print.
Boutin, Paul. "Slammed!". WIRED. Retrieved <

