Presentation is loading. Please wait.

Presentation is loading. Please wait.

CS4622 Team 4 Worms, DoS, and Smurf Attacks

Published byCory Owen Modified over 5 years ago

Similar presentations

Presentation on theme: "CS4622 Team 4 Worms, DoS, and Smurf Attacks"— Presentation transcript:

1 CS4622 Team 4 Worms, DoS, and Smurf Attacks
DeShawn Dortch, Hunter Layton, Alaina Hammonds, Michael Hewitt, Oliver Harper, Ben Nunnelley

2 What Is a Worm? Worm vs Virus Self Propagating Host What Does it Do?
Spread Delivery of Payload

3 How Does it Spread? System vulnerabilities Taking over specific ports
Backdoors Social Engineering IRC Human Ignorance

4 Examples SQL Slammer Vigilante Worm ILOVEYOU Worm WannaCry

5 Damages caused by worms
No direct damage caused by worms Network and Bandwidth Hampering Malicious payloads

6 Recovering from and Preventing Worm Attacks
Containment Inoculation Quarantining Treating Preventing Antivirus Software Patches General best practices

7 DoS Attacks What is a DoS attack? How do DoS attacks affect you?
How is a DoS attack executed? Examples of DoS attacks: Flood attacks Application Layer attacks APDoS attacks “Ping of Death” “UDP Storm” What are the effects of a DoS attack? How can a DoS attack be prevented?

8 What is a DoS Attack? Denial of Service Attack
Usually targeted at larger servers or businesses Can involve other innocent users via “Distributed” DoS

9 How do DoS Attacks Affect You?
Prevents users from accessing services hosted by the victim Consumes large amounts of the victim’s bandwidth Consumes victim’s processing power; slows computer Decreases strength of victim’s security, making them vulnerable to other attacks

10 How is a DDoS Attack Executed?
Zombie Spreading control LOIC & HOIC Botnet

11 Examples of DoS Attacks
Flood attacks - Flood victim with too much traffic for the victim to buffer Application Layer attacks - HTTP GET and HTTP POST APDoS attacks - Advanced Persistent Denial of Service “Ping of Death” - Oversized packets using “ping” command “UDP Storm” - Random ports on the targeted host with IP packets containing UDP datagrams

12 How Can a DoS Attack Be Prevented?
Preventative vs Reactive Patching security software Regular monitoring of systems Increase effective resources Detect known signatures Compare traffic on network

13 Smurf Attack What is a Smurf Attack? How a Smurf Attack works
Effects of Smurf Attack How can Smurf Attacks be prevented?

14 What is a Smurf Attack? A variation of DDoS
Utilizes ICMP Echo request packets to flood a network with requests and responses IP broadcasting allows for this type of attack to be amplified

15 How a Smurf attack works:
An ICMP Ping request is created with a spoofed IP address of the target computer This request is distributed across the host network The replies are sent back to the target and this creates a flood of pings that disrupts the network

16 Effects of Smurf Attack
Victim network gets flooded with replies Smurf attack can cripple a company’s servers for extended periods of time, sometimes used as a cover for other attacks on the network Smurf program downloaded as a trojan Sits dormant til activated by remote user Usually combined with other ways to access systems such as rootkits

17 Prevention of Smurf Attacks
Put filters on routers and firewalls to prevent address spoofing Turn off IP broadcasting on network routers Filter out directed broadcast traffic that is coming into the network

18 Sources “Computer Worms Explained.” Norton Security Online, “Computer Worm.” Veracode, 15 Aug. 2017, “CCNA Security: Worm, Virus and Trojan Horse Attacks.” CertificationKits.com, certification/ccna-security-certification-topics/ccna-security-describe- security-threats/ccna-security-worm-virus-and-trojan-horse-attacks/.

19 Sources cont. Cisco. “What Is the Difference: Viruses, Worms, Trojans, and Bots?” Cisco, Cisco, 20 Nov. 2017, center/virus-differences.html. Gibson, Steve, and Leo Laporte. “Breaches & Vigilante Worms.” Security Now! Transcript of Episode #528, 6 Oct. 2015, htm. “Distributed Denial of Service Attacks - The Internet Protocol Journal - Volume 7, Number 4.” Cisco, 15 Sept. 2015, issues/table-contents-30/dos-attacks.html.

20 Sources cont. “Understanding Denial of Service (DoS) Attacks.” NCSC Site, 31 Jan , attacks. Incapsula.com, ddos.html. “ICMP Attacks.” InfoSec Resources, 2 Sept. 2015, resources.infosecinstitute.com/icmp-attacks/#gref. “What Is a Smurf Attack?” Usa.kaspersky.com, usa.kaspersky.com/resource-center/definitions/smurf-attack.

21 Sources cont. “ Smurf DDoS Attack Type.” Corero, attack-types/smurf-ddos-attack.html. “What Is a Computer Worm and How Does It Spread?” Emsisoft Security Blog, 28 Feb. 2018, blog.emsisoft.com/en/28154/computer-worms/.

Download ppt "CS4622 Team 4 Worms, DoS, and Smurf Attacks"

Similar presentations

Network and Application Attacks Contributed by- Chandra Prakash Suryawanshi CISSP, CEH, SANS-GSEC, CISA, ISO 27001LI, BS 25999LA, ERM (ISB) June 2006.

Network and Application Attacks Contributed by- Chandra Prakash Suryawanshi CISSP, CEH, SANS-GSEC, CISA, ISO 27001LI, BS 25999LA, ERM (ISB) June 2006.
Net security - budi rahardjo Overview of Network Security Budi Rahardjo CISCO seminar 13 March 2002.

Net security - budi rahardjo Overview of Network Security Budi Rahardjo CISCO seminar 13 March 2002.
Denial of Service & Session Hijacking.  Rendering a system unusable to those who deserve it  Consume bandwidth or disk space  Overwhelming amount of.

Denial of Service & Session Hijacking.  Rendering a system unusable to those who deserve it  Consume bandwidth or disk space  Overwhelming amount of.
Computer Security Fundamentals by Chuck Easttom Chapter 4 Denial of Service Attacks.

Computer Security Fundamentals by Chuck Easttom Chapter 4 Denial of Service Attacks.
Simulation and Analysis of DDos Attacks Poongothai, M Department of Information Technology,Institute of Road and Transport Technology, Erode Tamilnadu,

Simulation and Analysis of DDos Attacks Poongothai, M Department of Information Technology,Institute of Road and Transport Technology, Erode Tamilnadu,
Network-Based Denial of Service Attacks Trends, Descriptions, and How to Protect Your Network Craig A. Huegen Cisco Systems, Inc. NANOG 13 -- Dearborn,

Network-Based Denial of Service Attacks Trends, Descriptions, and How to Protect Your Network Craig A. Huegen Cisco Systems, Inc. NANOG Dearborn,
 Population: N=100,000  Scan rate  = 4000/sec, Initially infected: I 0 =10  Monitored IP space 2 20, Monitoring interval:  = 1 second Infected hosts.

 Population: N=100,000  Scan rate  = 4000/sec, Initially infected: I 0 =10  Monitored IP space 2 20, Monitoring interval:  = 1 second Infected hosts.
Computer Security and Penetration Testing

Computer Security and Penetration Testing
Network Attack and Defense

Network Attack and Defense
Review for Exam 4 School of Business Eastern Illinois University © Abdou Illia, Fall 2006.

Review for Exam 4 School of Business Eastern Illinois University © Abdou Illia, Fall 2006.
Analysis of Attack By Matt Kennedy. Different Type of Attacks o Access Attacks o Modification and Repudiation Attacks o DoS Attacks o DDoS Attacks o Attacks.

Analysis of Attack By Matt Kennedy. Different Type of Attacks o Access Attacks o Modification and Repudiation Attacks o DoS Attacks o DDoS Attacks o Attacks.
Web server security Dr Jim Briggs WEBP security1.

Web server security Dr Jim Briggs WEBP security1.
DENIAL OF SERVICE ATTACK

DENIAL OF SERVICE ATTACK
Internet Relay Chat Security Issues By Kelvin Lau and Ming Li.

Internet Relay Chat Security Issues By Kelvin Lau and Ming Li.
Denial of Service Attacks: Methods, Tools, and Defenses Authors: Milutinovic, Veljko, Savic, Milan, Milic, Bratislav,

Denial of Service Attacks: Methods, Tools, and Defenses Authors: Milutinovic, Veljko, Savic, Milan, Milic, Bratislav,
Common forms and remedies Neeta Bhadane Raunaq Nilekani Sahasranshu.

Common forms and remedies Neeta Bhadane Raunaq Nilekani Sahasranshu.
BOTNETS & TARGETED MALWARE Fernando Uribe. INTRODUCTION  Fernando Uribe   IT trainer and Consultant for over 15 years specializing.

BOTNETS & TARGETED MALWARE Fernando Uribe. INTRODUCTION  Fernando Uribe   IT trainer and Consultant for over 15 years specializing.
1Federal Network Systems, LLC CIS Network Security Instructor Professor Mort Anvair Notice: Use and Disclosure of Data. Limited Data Rights. This proposal.

1Federal Network Systems, LLC CIS Network Security Instructor Professor Mort Anvair Notice: Use and Disclosure of Data. Limited Data Rights. This proposal.
© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public ITE PC v4.0 Chapter 1 1 Basic Security Networking for Home and Small Businesses – Chapter 8.

© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public ITE PC v4.0 Chapter 1 1 Basic Security Networking for Home and Small Businesses – Chapter 8.
Computer Security: Principles and Practice First Edition by William Stallings and Lawrie Brown Lecture slides by Lawrie Brown Chapter 8 – Denial of Service.

Computer Security: Principles and Practice First Edition by William Stallings and Lawrie Brown Lecture slides by Lawrie Brown Chapter 8 – Denial of Service.

Similar presentations

Ads by Google