DDoS Attacks on Financial Institutions Presentation


1 DDoS Attacks on Financial Institutions Presentation
By: Chandler Strouse

2 What is DDoS?
- DDoS stands for Distributed Denial of Service
- Attempts to make an online service unavailable by overwhelming it with traffic
- Different types of attacks:
  - Volumetric
  - Protocol (State-Exhaustion)
  - Application-Layer

3 Volumetric Attack
- Most common form of DDoS
- Floods network layer with traffic that appears legitimate
- Examples of Volumetric attacks:
  - UDP Flood
  - ICMP (Ping) Flood

4 Volumetric Attack: UDP Flood
- Floods random ports on a remote host with a huge number of UDP packets
- Causes host to constantly check for an application listening at the port
- When no application is found, host replies with a “Destination Unreachable” packet

5 Volumetric Attack: ICMP (Ping) Flood
- Similar to UDP Flood
- Sends vast numbers of ping packets without waiting for reply
- Host attempts to respond to all pings, consuming both incoming and outgoing bandwidth

6 Protocol Attack
- Also called state exhaustion; targets connection state tables in firewalls, app servers, etc.
- Consumes server resources and works to exhaust the limited number of concurrent connections a device can support
- Examples of Protocol Attacks:
  - Ping of Death
  - SYN Flood

7 Protocol Attack: Ping of Death
- Fragments large ping packet and sends to server as fast as possible
- Target reassembles packet, causing a buffer overflow
- Target tries to respond to ping packet and crashes

8 Protocol Attack: SYN Flood
- Exploits weakness in TCP Connection
- TCP uses three-way handshake:
  1. Request
  2. Host ACK
  3. Requester ACK
- SYN Flood sends multiple requests but doesn’t respond to ACKs
- Host system waits for ACK, binding resources and blocking traffic
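
The half-open handshakes described on this slide can be counted from the server side. The following is an added detection example, not part of the original presentation; the event format, the documentation-range IP addresses and the thresholds are constructed assumptions.

```python
from collections import Counter

# Constructed sample: (client_ip, client_port, packet) as seen at the server.
# "SYN" is the request; "ACK" is the requester's final ACK of the handshake.
def build_sample():
    events = []
    for i in range(3):  # legitimate clients finish the handshake
        events += [(f"198.51.100.{i + 1}", 40000 + i, "SYN"),
                   (f"198.51.100.{i + 1}", 40000 + i, "ACK")]
    for i in range(40):  # flood: requests that are never acknowledged
        events.append((f"203.0.113.{i + 1}", 50000 + i, "SYN"))
    return events

def handshake_stats(events):
    """Replay events; return (half_open, completed, half-open count per source)."""
    pending = set()
    completed = 0
    for ip, port, pkt in events:
        key = (ip, port)
        if pkt == "SYN":
            pending.add(key)          # host now holds state for this request
        elif pkt == "ACK" and key in pending:
            pending.discard(key)      # handshake finished, state released
            completed += 1
    per_source = Counter(ip for ip, _ in pending)
    return len(pending), completed, per_source

def looks_like_syn_flood(events, max_half_open=20, min_completion=0.5):
    """Flag when many handshakes are stuck half-open and few ever complete.

    Thresholds are illustrative assumptions; tune them to normal traffic.
    """
    half_open, completed, _ = handshake_stats(events)
    total = half_open + completed
    ratio = completed / total if total else 1.0
    return half_open > max_half_open and ratio < min_completion

if __name__ == "__main__":
    sample = build_sample()
    print(handshake_stats(sample)[:2], looks_like_syn_flood(sample))
```

In the sample, every flooding source holds only one half-open connection, so a per-source limit would not trigger; the aggregate half-open count and completion ratio do.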

9 Application-Layer Attack
- Attack targets weaknesses in an application or server
- Attempts to monopolize its processes and transactions
- Hardest to detect
  - Mimics human behavior
  - Can originate from single machine, generating less traffic
- Examples of Application-layer attacks:
  - HTTP Flood
  - Slowloris

10 Application-Layer Attack: HTTP Flood
- Sends seemingly harmless HTTP GET or HTTP POST requests to app
- Huge volumes of requests are sent, and as app responds to each, resources are consumed
- Ideally for the attacker, application will be manipulated into using the maximum possible resources to respond to each request

11 Application-Layer Attack: Slowloris
- Attacker sends partial request to target; however, request is never completed and false connection is kept open
- Eventually, max concurrent connection limit is reached
- Effective because partial packets are used, rather than malformed packets, making it harder to detect
- Can prevent creation of log files

12 Botnets
- DDoS attacks are more effective with more computers
- A botnet is an interconnected network of infected computers
- Can be used to send spam emails, transmit viruses, or join in DDoS attacks
- Can range in size from a couple of computers to hundreds of thousands

13 Why Do People Use DDoS Attacks?
- Most common reason is money
  - Extortion
  - Heist
    - Bank of the West
- Sabotage
  - Rival Competitors
- Also used as a form of protest
  - Anonymous
    - CIA, Vatican, ISIS

14 Why are Financial Institutions Targeted?
- They control large amounts of money
- Large user base
- Support entire economy, other companies rely on them

15 Why are DDoS attacks so common?
- Number and severity of DDoS attacks have been constantly rising over the past couple of years
- Availability of powerful, free tools requiring minimal computer knowledge
  - HOIC
- Relative cheapness of botnets

16 DDoS Defense?
- Impossible to prevent DDoS attacks
- Mitigate effects
  - Increase capabilities of system, e.g. more server processing power
  - ISPs can provide “burst” bandwidth
  - Configure router or switch to filter nonessential protocols and stop invalid IPs

17 DDoS Response Plan
- Preparation
  - Create a team
  - Roles for each team member during an attack
  - Assess risks and vulnerabilities that could be exploited
- During attack
  - Analyze network to differentiate DDoS traffic from real users
  - Respond to attack by configuring filters to discard incoming packets or avoid sending unnecessary response packets
- Post-Attack
  - Analyze damages
  - Adapt plan to better deal with next attack

18 Conclusion
- DDoS attacks are becoming more common and more severe
- Must prepare for attacks
  - Response plan
- Many reasons for attacks, but money is the most common reason
- Because of this, Financial Institutions must take extra precaution to prepare for inevitable attacks

