
Simulation and Analysis of DDos Attacks

Simulation and Analysis of DDos Attacks. 2012 – International Conference on Emerging Trends in Science, Engineering and Technology. Poongothai, M, Department of Information Technology, Institute of Road and Transport Technology, Erode, Tamilnadu, India. Sathyakala, M


Presentation Transcript


  1. Simulation and Analysis of DDos Attacks
     2012 – International Conference on Emerging Trends in Science, Engineering and Technology
     Poongothai, M, Department of Information Technology, Institute of Road and Transport Technology, Erode, Tamilnadu, India
     Sathyakala, M, Department of Information Technology, Institute of Road and Transport Technology, Erode, Tamilnadu, India
     Speaker: 101061555 鍾國君

  2. Outline
     • Introduction to DDos Attack
     • DDos Attack Architecture
     • Advantages of DDos Attack
     • Four Phases of Bot Installation
     • DDos Attack Methods
     • DDos Defenses
     • Simulation
     • Conclusion

  3. Introduction to DDos Attack
     • Distributed Denial of Service (DDos)
     • Overloads the targeted server with useless traffic, crashes the server and leaves it unable to communicate properly with legitimate users.
     • Mainly consumes the victim’s bandwidth, processing capacity and storage capacity.
     • May need human intervention to resume.

  4. DDos Attack Architecture

  5. Advantages of DDos Attack
     • Simple
       • No sophisticated mechanisms.
       • A single hacker can do it.
     • Difficult to trace
       • Multi-tiered structure.
       • IP source spoofing.

  6. Advantages of DDos Attack
     • Similar to legitimate traffic
       • Attack streams from numerous machines converge near the victim.
     • Robust
       • Attacks will continue even if one node is dead.

  7. Four Phases of Bot Installation
     • What is a bot?
       • A program that automatically operates as a user or another program.
       • Installed in the internal-node computers called “handlers” or “agents”.
       • Waits for the hacker to initiate the attack remotely.

  8. Four Phases of Bot Installation
     • 1. Scanning
       • Installed bots scan lots of computers for security flaws.
     • 2. Exploitation
       • Susceptible hosts are found and compromised hosts are listed.

  9. Four Phases of Bot Installation
     • 3. Deployment
       • The “handler software” is installed in the compromised hosts.
     • 4. Propagation
       • The handler then scans for vulnerable hosts and compromises them; these hosts are called “agents/daemons”.

  10. DDos Attack Methods
     • Methods
       • Smurf Floods
         • Floods the network with ICMP ECHO requests bearing the victim’s address, so the victim is then filled with ping responses.
       • ICMP Floods
         • The attacker generates lots of ICMP ECHO packets directed at the victim. As a result, the victim is kept busy replying to all the ECHO requests.

  11. DDos Attack Methods
       • UDP/TCP Floods
         • Sends a large number of UDP/TCP packets to the victim and ties up the available network bandwidth.
       • TCP SYN Floods
         • The attacker never sends the final ACK packet, making the victim waste the allocated buffer.

  12. DDos Attack Methods

  13. DDos Attack Methods
     • Dynamics
       • Application attacks
       • Protocol attacks
       • Operating system attacks
       • Host attacks
       • Network attacks
       • Infrastructure attacks
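The TCP SYN flood on slide 11 is visible to a defender as handshakes that stall after the server's SYN-ACK. The following is an added example, not code from the paper or the presentation: it tracks half-open connections in a constructed capture and flags servers whose stale count reaches an assumed fraction of an assumed listen backlog. The record format, the `backlog`, `fill` and `timeout` values, and all addresses (documentation ranges) are assumptions.

```python
from collections import defaultdict

def half_open(packets, now, timeout=3.0):
    """Map each server endpoint to the clients whose SYN never got its final ACK."""
    pending = {}  # (client, server) -> time of the first SYN
    for t, src, dst, flags in sorted(packets, key=lambda p: p[0]):
        if flags == "S":
            pending.setdefault((src, dst), t)  # retransmitted SYNs keep the first time
        elif flags in ("A", "R"):
            pending.pop((src, dst), None)      # handshake completed or reset
        # "SA" (the server's SYN-ACK) leaves the entry pending: the buffer is still held
    stale = defaultdict(set)
    for (client, server), t in pending.items():
        if now - t >= timeout:                 # older than a normal handshake would take
            stale[server].add(client)
    return dict(stale)

def flooded_servers(packets, now, backlog=128, fill=0.5, timeout=3.0):
    """Servers whose stale half-open count is at least `fill` of the assumed backlog."""
    counts = half_open(packets, now, timeout)
    return sorted(s for s, clients in counts.items() if len(clients) >= backlog * fill)

def sample_capture():
    """Constructed capture: 3 completed handshakes plus 100 SYNs that are never ACKed."""
    srv = ("192.0.2.10", 80)
    pkts = []
    for i in range(3):                         # legitimate clients finish the handshake
        c, t = (f"203.0.113.{i + 1}", 40000 + i), 0.1 * i
        pkts += [(t, c, srv, "S"), (t + 0.01, srv, c, "SA"), (t + 0.02, c, srv, "A")]
    for i in range(100):                       # sources that never answer the SYN-ACK
        c, t = (f"198.51.100.{i + 1}", 50000 + i), 1.0 + 0.01 * i
        pkts += [(t, c, srv, "S"), (t + 0.001, srv, c, "SA")]
    return pkts

if __name__ == "__main__":
    pkts = sample_capture()
    for server, clients in half_open(pkts, now=10.0).items():
        print(server, len(clients), "stale half-open connections")
    print("flagged:", flooded_servers(pkts, now=10.0))
```
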

  14. DDos Defense
     • Classification
       • Preventive
         • Eliminate the vulnerabilities in the system and prevent the attacker from gaining a group of zombie machines.
       • Survival
         • Increase the victim’s resources for surviving during the attack.
       • Responsive
         • Control the attack streams to keep them from influencing the victim.

  15. DDos Defense
     • Strategy
       • Agent identification
         • Who is attacking?
       • Rate limiting
         • Impose a rate limit on the incoming streams.
       • Filtering
         • Filter out the attack streams.
       • Reconfiguration
         • Change the topology of the networks near the victim.

  16. DDos Defense
     • Countermeasures
       • Path isolation
         • Routers isolate the traffic path, and this information can be used to deploy filters on the path.
       • Privileged customer
         • Customers used to communicate with the server will have the first priority.

  17. DDos Defense
       • Traffic baselining
         • Filter the traffic when some traffic parameter exceeds its expected value.
       • Resource multiplication
         • More resources are deployed to sustain large attacks.
       • Legitimate traffic inflation
         • Multiply the legitimate traffic.
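Traffic baselining (slide 17) and rate limiting (slide 15) combine naturally: learn the expected packet rate, then cap the stream at that expectation when it is exceeded. The following is an added example, not code from the paper or the presentation. The EWMA baseline, the k-sigma threshold, the parameter values and the per-second counts in `RATES` are all assumptions constructed for illustration.

```python
def baseline_filter(rates, alpha=0.2, k=3.0, warmup=5):
    """Turn per-second packet counts into (second, forwarded, dropped) tuples.

    The first `warmup` seconds seed the baseline. Afterwards a second is
    anomalous when its rate exceeds mean + k * std; the excess is dropped.
    """
    seed = rates[:warmup]
    mean = sum(seed) / warmup
    var = sum((r - mean) ** 2 for r in seed) / warmup
    out = []
    for sec, rate in enumerate(rates[warmup:], start=warmup):
        # Floor the deviation at 1 packet/s so a very flat baseline is not hypersensitive.
        limit = mean + k * max(var ** 0.5, 1.0)
        if rate > limit:
            forwarded = int(limit)             # rate-limit the stream to the expected value
            out.append((sec, forwarded, rate - forwarded))
            # The baseline is NOT updated here, so a sustained flood cannot
            # teach the filter that the flood is normal.
        else:
            out.append((sec, rate, 0))
            diff = rate - mean                 # EWMA update from traffic judged normal
            mean += alpha * diff
            var = (1 - alpha) * (var + alpha * diff * diff)
    return out

# Constructed packets-per-second series: steady traffic, a three-second flood, recovery.
RATES = [100, 104, 98, 101, 97, 102, 99, 5000, 5200, 4800, 103]

if __name__ == "__main__":
    for sec, forwarded, dropped in baseline_filter(RATES):
        print(f"t={sec:2d}s forwarded={forwarded:4d} dropped={dropped}")
```

Because the cap is applied to the aggregate stream, legitimate packets arriving during the flood compete with attack packets for the forwarded share, which is why the deck lists filtering and privileged-customer handling as separate measures.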

  18. Simulation
     • Three considerations
       • DDos attack traffic
       • Legitimate traffic
       • Network topology
     • Software used: NS2
       • Can replicate threats of interest in a secure environment.

  19. Simulation

  20. Conclusion
     • Evolution in intruder tools will continue.
     • Even if the system/network is robust, others may not be. Thus, the security issue still exists.
