
By Clinton Dudley

Denial of Service Attacks

DoS & DDoS Attacks

In general, a denial of service attack is an effort to render a machine or network resource unavailable to its users.
3 Methods:
1. Jamming the target system's signal
2. Exhausting the power source
3. Flooding the victim with meaningless data

Distributed Denial of Service (DDoS) attacks use multiple machines to carry out a DoS attack.

CIA Triad

A widely used benchmark for evaluating the effectiveness of information systems security (Fenrich 2008).
1. Confidentiality: inability of unauthorized users to access info or systems
2. Integrity: preventing data modification
3. Availability: assurance that the data and resources are accessible to those who need them, when they need them (Fenrich 2008)

DoS and DDoS attacks compromise the availability of a system

ATTACK!
Christmas Day 2014

DDoS attack against Microsoft XBOX Live and Sony PSN networks.

Both networks down for the majority of the day.

Hacker group Lizard Squad launched attack for the lulz (Turton 2014).

Many brand new consoles, which required downloaded updates or game content, rendered virtually unusable.

Lizard Squad's Christmas Day 2014 Attacks


Hacker group, Lizard Squad, launched DDoS attack against both online gaming networks for their own entertainment, just because they could.

Lizard Squad claims their attacks maxed out at 1.2 terabits per second (Turton 2014).

Claims remain unverified, however if true, would be largest DDoS attack in history.

"We've got some devices that are connected to the undersea cables that facilitate the Internet connects between the United States and Europe. We have access to some of the devices that are in the middle of the ocean that have something like 100-gigabit-per-second Internet connections" (Turton 2014).

Methods

Set out to model traditional DoS & DDoS flooding attacks.

Low Orbit Ion Cannon (LOIC)

Initially developed as a stress testing program for web services and works by sending continuous TCP, UDP, or HTTP requests to a target.

Netwox SYN Flooding

Sending many SYN requests to the victim's TCP port without finishing the 3-way handshake

Oracle Virtual Machine Virtualbox

SEED Ubuntu Image

Virtual Machine & Network Setup


Used SEEDUbuntu virtual machine image from the SEED Project

Created a clone of the original image named Victim

Set up 2 Network Adapters for each VM in order to communicate between the two VMs, the host PC, and the internet.

Adapter1: NAT, each VM on its own private network

Adapter2: Host-Only, the two VMs and the host are all on a common network to allow communication between each.

Each machine has 2 IP addresses, 1 associated with each network.

Low Orbit Ion Cannon

Select Target: IP Address of Victim VM in Host-Only Network


Attack Options: HTTP Protocol on Port 80

Discussion & Results of Attack 1

Using LOIC to launch an attack from the Host PC against the target Victim VM

The Victim machine slowed processing a bit, but was mainly operational.

Able to respond to pings and load web pages

In some circumstances, this could be considered a successful attack; for some, just slowing the web service is enough to cause significant damage

In order to stress the machine further, incorporated Netwox SYN Flooding feature in conjunction with LOIC to simulate DDoS attack

LOIC attack launched via Host PC

SYN Flood launched via SEEDUbuntu VM image

SYN Flooding attack opens many half-opened TCP connections

LOIC attack against HTTP Port 80
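
The half-open connections left by a SYN flood are visible on the Victim itself: on Linux they appear in /proc/net/tcp with state 03 (SYN_RECV). The following is an added example, not part of the original slides, that parses that table and flags local ports whose half-open count reaches a threshold. The sample table, the 192.168.56.5 victim address, the remote addresses and the threshold are constructed for illustration, and the address decoding assumes a little-endian host.

```python
import socket
from collections import Counter

SYN_RECV = "03"  # Linux /proc/net/tcp state code for a half-open connection

# Constructed sample in /proc/net/tcp layout (not captured from a real host).
# Victim 192.168.56.5 is an assumed address; remotes use documentation ranges.
SAMPLE = """\
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt uid timeout inode
   0: 0538A8C0:0050 00000000:0000 0A 00000000:00000000 00:00000000 00000000 0 0 1001
   1: 0538A8C0:0050 0138A8C0:C350 01 00000000:00000000 00:00000000 00000000 33 0 1002
   2: 0538A8C0:0050 077100CB:9C40 03 00000000:00000000 01:00000064 00000001 0 0 0
   3: 0538A8C0:0050 176433C6:1F90 03 00000000:00000000 01:00000064 00000001 0 0 0
   4: 0538A8C0:0050 090200C0:D431 03 00000000:00000000 01:00000064 00000001 0 0 0
   5: 0538A8C0:0050 2A7100CB:0BB8 03 00000000:00000000 01:00000064 00000001 0 0 0
   6: 0538A8C0:0016 0138A8C0:E2A4 03 00000000:00000000 01:00000064 00000001 0 0 0
"""

def decode_endpoint(field):
    """Turn '0538A8C0:0050' into ('192.168.56.5', 80); IPv4 bytes are little-endian."""
    addr_hex, port_hex = field.split(":")
    ip = socket.inet_ntoa(bytes.fromhex(addr_hex)[::-1])
    return ip, int(port_hex, 16)

def half_open_by_port(proc_net_tcp):
    """Map each local (ip, port) to (half-open count, distinct remote IPs)."""
    counts = Counter()
    sources = {}
    for line in proc_net_tcp.splitlines()[1:]:  # skip the header row
        parts = line.split()
        if len(parts) < 4 or parts[3] != SYN_RECV:
            continue
        local = decode_endpoint(parts[1])
        remote_ip, _ = decode_endpoint(parts[2])
        counts[local] += 1
        sources.setdefault(local, set()).add(remote_ip)
    return {key: (n, len(sources[key])) for key, n in counts.items()}

def flag_syn_flood(proc_net_tcp, threshold):
    """Return local endpoints with at least `threshold` half-open connections."""
    stats = half_open_by_port(proc_net_tcp)
    return sorted(key for key, (n, _) in stats.items() if n >= threshold)

if __name__ == "__main__":
    # On a live Linux host, read /proc/net/tcp instead of SAMPLE.
    for endpoint, (n, srcs) in half_open_by_port(SAMPLE).items():
        print(endpoint, "half-open:", n, "distinct sources:", srcs)
    print("flagged:", flag_syn_flood(SAMPLE, threshold=3))
```

When SYN cookies are enabled (net.ipv4.tcp_syncookies), the kernel answers without storing state once the backlog overflows, so the count plateaus near the backlog size rather than growing with the flood.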

DDoS Simulation Results

Combining the LOIC and Netwox attacks produced a much more effective result. The Victim
machine slowed down rapidly, to the point of being completely unresponsive.

At first, just unable to access the internet

Progressed to no processes working: mouse movements, opening/closing programs, swapping windows, etc.

Upon stopping the attack, processing resumed.

Limitations

Launching DoS attack with LOIC alone

Experienced some latencies in Victim machine, but nothing unbearable.
Likely due to the fact that all three machines have the same bandwidth.
Since bandwidth of attacker & victim are the same, attacker is unable to overwhelm victim with traffic
An actual attacker would have purchased equipment to increase bandwidth to be greater than the victim's

DDoS Simulation

Two different protocols utilized

In a real world DDoS attack, more likely assailant would use a botnet to attack victim via same protocol for all bots.

References
Ashford, W. (2016). DDoS is the most common method of cyber attack on financial institutions. Computer Weekly, 4-6.

Botta, A., de Donato, W., Persico, V., & Pescapé, A. (2016). Integration of cloud computing and internet of things: a survey. Future Generation Computer Systems, 56, 684-700.

Computer Security. (2016). Funk & Wagnalls New World Encyclopedia, 1p. 1.

Crelin, J. (2013). Denial-of-service attack. Salem Press Encyclopedia.

Fenrich, K. (2008). Securing your control system: the 'CIA triad' is a widely used benchmark for evaluating information system security effectiveness. Power Engineering, (2). 44.

Limarunothai, R., & Munlin, M. (2015). Trends and Challenges of Botnet Architectures and Detection Techniques. Journal Of Information Science & Technology, 5(1), 51-57.

Love, D. (2014). Why Microsoft and Sony Couldn't Stop Lizard Squad Attack Despite Warnings. International Business Times.

Myers, R. (2012). Attacks on TCP/IP Protocols. CPSC4620: Computer Network Security.

Nazario, J. (2008). DDoS attack evolution. Network Security, 2008(7), 7-10.

Patil, A., & Gaikwad, R. (2015). Comparative Analysis of the Prevention Techniques of Denial of Service Attacks in Wireless Sensor Network. Procedia Computer Science, 48 (International Conference on Computer, Communication and Convergence (ICCC 2015)), 387-393. doi:10.1016/j.procs.2015.04.198

Yick, J., Mukherjee, B., & Ghosal, D. (2008). Wireless sensor network survey. Computer Networks, 52(12), 2292-2330.

Images:

www.androidslots.co.uk/images/online-gaming.png

http://rack.1.mshcdn.com/media/ZgkyMDEyLzEyLzA0LzA2L29ubGluZWdhbWluLmJlZS5qcGcKcAl0aHVtYgk5NTB4NTM0IwplCWpwZw/518b994a/6dd/online-gaming-faceoffxbox-live-vs-playstation-network--5ae9d37533.jpg