Application Layer Attack. DDoS DDoS – Distributed Denial of Service Why would any one want to do this? In some cases, for bringing down service of competitors,


1 Application Layer Attack

2 DDoS DDoS – Distributed Denial of Service. Why would anyone want to do this? In some cases, to bring down the service of competitors, or to extort money.

3 Application Layer Attack There is a particular type of attack: simply ask bots to send requests to the victim for large files. The victim, the server, then has to send the large files, so its bandwidth is saturated and no more requests can be satisfied.

4 CAPTCHA One way is to see if we can distinguish humans from bots. CAPTCHA: Completely Automated Public Turing test to tell Computers and Humans Apart. Below is a picture from wiki

5 CAPTCHA Was proposed by Luis von Ahn, Manuel Blum, Nicholas J. Hopper, and John Langford. http://www.captcha.net/captcha_crypt.pdf

6 Other things you can do With the CAPTCHA idea, they actually did something else: scan an old book, and show a word from the book along with one from CAPTCHA. You don’t know which one is from where. So while you log in, you help the library recognize words.

7 Problem with CAPTCHA The problem is that you do not want to answer a CAPTCHA problem every 30 mins if you are watching a movie.

8 The other solution Ask the client to solve a puzzle, basically asking the client to spend some resource before getting service. Can you design some puzzles?

9 Puzzles Some puzzles include: – Finding a string such that the first k bits of its SHA-1 hash are 0. – By controlling k, you control the difficulty of the puzzle. – A problem is that this puzzle is biased toward clients with fast machines.
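The SHA-1 puzzle from slide 9, as an added example that is not part of the original slides. It assumes an HMAC-SHA-256 tag so the server can issue challenges without storing them; the function names and the client address are constructed for illustration.

```python
import hashlib, hmac, os, time
from itertools import count

SERVER_KEY = os.urandom(32)  # assumption: per-server secret, kept in memory only

def leading_zero_bits(digest: bytes) -> int:
    """Count the zero bits at the start of a hash digest."""
    bits = 0
    for byte in digest:
        if byte:
            return bits + 8 - byte.bit_length()
        bits += 8
    return bits

def _tag(client_id, k, ts, nonce) -> str:
    msg = f"{client_id}|{k}|{ts}|{nonce}".encode()
    return hmac.new(SERVER_KEY, msg, hashlib.sha256).hexdigest()

def issue_challenge(client_id: str, k: int) -> dict:
    """Server: issue a fresh puzzle; the tag lets it verify later without stored state."""
    ts, nonce = int(time.time()), os.urandom(8).hex()
    return {"client_id": client_id, "k": k, "ts": ts, "nonce": nonce,
            "tag": _tag(client_id, k, ts, nonce)}

def solve(ch: dict):
    """Client: brute-force a counter; returns (solution, hashes tried), about 2**k on average."""
    for counter in count():
        digest = hashlib.sha1(f"{ch['nonce']}|{counter}".encode()).digest()
        if leading_zero_bits(digest) >= ch["k"]:
            return counter, counter + 1

def verify(ch: dict, solution: int, max_age: int = 60, now=None) -> bool:
    """Server: one HMAC and one SHA-1, whatever the value of k."""
    expected = _tag(ch["client_id"], ch["k"], ch["ts"], ch["nonce"])
    if not hmac.compare_digest(expected, ch["tag"]):
        return False  # client altered k, the nonce or the timestamp
    now = time.time() if now is None else now
    if not 0 <= now - ch["ts"] <= max_age:
        return False  # stale challenge
    digest = hashlib.sha1(f"{ch['nonce']}|{solution}".encode()).digest()
    return leading_zero_bits(digest) >= ch["k"]

if __name__ == "__main__":
    ch = issue_challenge("203.0.113.7", k=16)  # constructed client address
    start = time.perf_counter()
    solution, tries = solve(ch)
    print(f"k=16: {tries} hashes in {time.perf_counter() - start:.3f}s, "
          f"valid={verify(ch, solution)}")
```

A solved challenge stays valid until `max_age` expires, so a server that must reject replays also has to remember the nonces it has already accepted within that window.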

10 Memory-bound puzzles are better Memory speed varies less significantly than CPU speed. Force the client to do a lot of reads from main memory. How?

11 One memory-bound puzzle There is a one-to-one function F() that cannot be reversed. The server starts from x_0 and computes x_i = F(x_{i-1}). The server sends x_k to the client and asks it to return x_0.

12 Other solutions Speak-up: When the system is in trouble, instead of waiting to drown, you should speak up! Meaning that you should also send a lot of requests. The server serves the one with the loudest voice. From their 2006 SIGCOMM paper:

13 Speak-up Actually, every client has to pay the server some currency in the form of bandwidth. The hope is that the clients have spare bandwidth while the attackers have already used up theirs. These dummy bytes are a waste of resources.

14 What we are working on Introducing p2p to DDoS defense.

15 A useful link http://staff.washington.edu/dittrich/misc/ddos/

