Presentation is loading. Please wait.

Presentation is loading. Please wait.

Inferring Denial of Service Attacks David Moore, Geoffrey Volker and Stefan Savage Presented by Rafail Tsirbas 4/1/20151.

Published byBritney Gregory Modified over 9 years ago

Similar presentations

Presentation on theme: "Inferring Denial of Service Attacks David Moore, Geoffrey Volker and Stefan Savage Presented by Rafail Tsirbas 4/1/20151."— Presentation transcript:

1 Inferring Denial of Service Attacks David Moore, Geoffrey Volker and Stefan Savage Presented by Rafail Tsirbas 4/1/20151

2 Outline Denial of Service Attacks Motivation & Limitations Backscatter Analysis Results Conclusion 4/1/2015Footer Text2

3 Denial of Service Attacks Logic Attacks o “Ping of Death” Flooding Attacks o Overflow victim’s computer 4/1/2015Footer Text3

4 Flooding Attacks The attacker tries to overflow victim’s pc o SYN Floods o TCP DATA o TCP NULL o ICMP Echo Requests o DNS Request o “Monlist” o … 4/1/2015Footer Text4 Victim Attacker

5 Flooding Attacks The attacker tries to overflow victim’s pc o SYN Floods o TCP DATA o TCP NULL o ICMP Echo Requests o DNS Request o Zero Day Attack o NTP “monlist” o … 4/1/2015Footer Text5 AttackerVictim

6 Flooding Attacks Distributed Denial of Service Attacks o A lot more power o Hide easier o More sophisticated attack IP spoofing o Change source IP address o Tools Shaft, TFT etc 4/1/2015Footer Text6 Attacker Botnets

7 4/1/2015Footer Text7 Outline Denial of Service Attacks Motivation & Limitations Backscatter Analysis Results Conclusion

8 Motivation & Limitations “How prevalent are Denial of Service Attacks in the Internet today?” Base line for long term analysis Limitation Factors 4/1/20158

9 9 Outline Denial of Service Attacks Motivation & Limitations Backscatter Analysis Results Conclusion

10 Backscatter analysis 4/1/2015Footer Text10

11 Backscatter effect 4/1/2015Footer Text11 Attacker Victim Host A Host B Host C

12 Backscatter analysis 4/1/2015Footer Text12 Attacker Victim Host A Host B Host C M packets N pc’s monitoring

13 Backscatter analysis 4/1/2015Footer Text13

14 Attack classification Flow-based o How many, how long, what kind Event-based o Fixed time windows 4/1/2015Footer Text14

15 Backscatter analysis They monitored /8 Network 3 weeks long 4/1/2015Footer Text15 /8 Network Monitor

16 4/1/2015Footer Text16 Outline Denial of Service Attacks Motivation & Limitations Backscatter Analysis Results Conclusion

17 Results 4/1/2015Footer Text17 Flow based Over 12,800 attacks 6,000 distinct IP addresses Almost 200 million backscatter packets Event-based 10,000 distinct IP addresses Almost 200 million backscatter packets

18 Results 4/1/2015Footer Text18

19 Responses Protocols 4/1/2015Footer Text19

20 Protocols 4/1/2015Footer Text20

21 Duration 4/1/2015Footer Text21

22 TLDs 4/1/2015Footer Text22

23 4/1/2015Footer Text23 Outline Denial of Service Attacks Motivation & Limitations Backscatter Analysis Results Conclusion

24 Conclusions New techinque “backscatter analysis” DoS attacks exist 4/1/2015Footer Text24

25 Questions? 4/1/2015Footer Text25

26 Thank You! 4/1/2015Footer Text26

Download ppt "Inferring Denial of Service Attacks David Moore, Geoffrey Volker and Stefan Savage Presented by Rafail Tsirbas 4/1/20151."

Similar presentations

Syn Flooding Sends TCP connections to a machine faster than it can process themSends TCP connections to a machine faster than it can process them Each.

Syn Flooding Sends TCP connections to a machine faster than it can process themSends TCP connections to a machine faster than it can process them Each.
Network support for DoS Protection Stefan Savage Dept of Computer Science and Engineering UC San Diego.

Network support for DoS Protection Stefan Savage Dept of Computer Science and Engineering UC San Diego.
Denial of Service By: Samarth Shah and Navin Soni.

Denial of Service By: Samarth Shah and Navin Soni.
Network and Application Attacks Contributed by- Chandra Prakash Suryawanshi CISSP, CEH, SANS-GSEC, CISA, ISO 27001LI, BS 25999LA, ERM (ISB) June 2006.

Network and Application Attacks Contributed by- Chandra Prakash Suryawanshi CISSP, CEH, SANS-GSEC, CISA, ISO 27001LI, BS 25999LA, ERM (ISB) June 2006.
Denial of Service & Session Hijacking.  Rendering a system unusable to those who deserve it  Consume bandwidth or disk space  Overwhelming amount of.

Denial of Service & Session Hijacking.  Rendering a system unusable to those who deserve it  Consume bandwidth or disk space  Overwhelming amount of.
Inferring Internet Denial-of- Service Activity David Moore, Colleen Shannon, Douglas J. Brown, Geoffrey M. Voelker, and Stefan Savage Presented by Qian.

Inferring Internet Denial-of- Service Activity David Moore, Colleen Shannon, Douglas J. Brown, Geoffrey M. Voelker, and Stefan Savage Presented by Qian.
MULTOPS A data-structure for bandwidth attack detection Thomer M. Gil Vrije Universiteit, Amsterdam, Netherlands MIT, Cambridge, MA, USA

MULTOPS A data-structure for bandwidth attack detection Thomer M. Gil Vrije Universiteit, Amsterdam, Netherlands MIT, Cambridge, MA, USA
Operating Systems Concepts 1/e Ruth Watson Chapter 11 Chapter 11 Network Maintenance Ruth Watson.

Operating Systems Concepts 1/e Ruth Watson Chapter 11 Chapter 11 Network Maintenance Ruth Watson.
Use of Measurements in Anomaly Detection CS 8803: Network Measurements Seminar Instructor: Constantinos Dovrolis Fall 2003 Presenter: Buğra Gedik.

Use of Measurements in Anomaly Detection CS 8803: Network Measurements Seminar Instructor: Constantinos Dovrolis Fall 2003 Presenter: Buğra Gedik.
Security (Continued) V.T. Raja, Ph.D., Oregon State University.

Security (Continued) V.T. Raja, Ph.D., Oregon State University.
Computer Security Fundamentals by Chuck Easttom Chapter 4 Denial of Service Attacks.

Computer Security Fundamentals by Chuck Easttom Chapter 4 Denial of Service Attacks.
Network Attacks Mark Shtern.

Network Attacks Mark Shtern.
Simulation and Analysis of DDos Attacks Poongothai, M Department of Information Technology,Institute of Road and Transport Technology, Erode Tamilnadu,

Simulation and Analysis of DDos Attacks Poongothai, M Department of Information Technology,Institute of Road and Transport Technology, Erode Tamilnadu,
Network-Based Denial of Service Attacks Trends, Descriptions, and How to Protect Your Network Craig A. Huegen Cisco Systems, Inc. NANOG 13 -- Dearborn,

Network-Based Denial of Service Attacks Trends, Descriptions, and How to Protect Your Network Craig A. Huegen Cisco Systems, Inc. NANOG Dearborn,
 Unlike other forms of computer attacks, goal isn’t access or theft of information or services  The goal is to stop the service from operating o.

 Unlike other forms of computer attacks, goal isn’t access or theft of information or services  The goal is to stop the service from operating o.
Inferring Internet Denial-of- Service Activity David Moore, Colleen Shannon, Douglas J. Brown, Geoffrey M. Voelker, Stefan Savage Presented by Thangam.

Inferring Internet Denial-of- Service Activity David Moore, Colleen Shannon, Douglas J. Brown, Geoffrey M. Voelker, Stefan Savage Presented by Thangam.
Student : Wilson Hidalgo Ramirez Supervisor: Udaya Tupakula Filtering Techniques for Counteracting DDoS Attacks.

Student : Wilson Hidalgo Ramirez Supervisor: Udaya Tupakula Filtering Techniques for Counteracting DDoS Attacks.
Lan Nguyen Mounika Namburu 1.  DDoS Defense Research  A2D2 Design ◦ Subnet Flooding Detection using Snort ◦ Class -Based Queuing ◦ Multi-level Rate.

Lan Nguyen Mounika Namburu 1.  DDoS Defense Research  A2D2 Design ◦ Subnet Flooding Detection using Snort ◦ Class -Based Queuing ◦ Multi-level Rate.
1 Network Security Derived from original slides by Henric Johnson Blekinge Institute of Technology, Sweden From the book by William Stallings.

1 Network Security Derived from original slides by Henric Johnson Blekinge Institute of Technology, Sweden From the book by William Stallings.
TCP/IP Network and Firewall. IP Packet Protocol  1 ICMP packet  6 TCP packet  17 UDP packet.

TCP/IP Network and Firewall. IP Packet Protocol  1 ICMP packet  6 TCP packet  17 UDP packet.

Similar presentations

Ads by Google