Presentation is loading. Please wait.

Presentation is loading. Please wait.

Internet Worms, SYN DOS attack

Published byἈρταξέρξης Αλεξάνδρου Modified over 5 years ago

Similar presentations

Presentation on theme: "Internet Worms, SYN DOS attack"— Presentation transcript:

1 Internet Worms, SYN DOS attack
Eugene H. Spafford; "The Internet Worm Program: An Analysis"; ACM COMPUTER COMMUNICATION REVIEW; ACM Press, New York,NY; 19(1), pp , Jan 1989 Christoph L. Schuba, Ivan V. Krsul, Markus G. Kuhn, Eugene H. Spafford, Aurobindo Sundaram, Diego Zamboni, "Analysis of a Denial of Service Attack on TCP". Proceedings of the IEEE, 1997 RFC Known TCP Implementation Problems 28-Nov-18 4/598N: Computer Networks

2 November 2, 1988: Robert T. Morris Jr. Internet worm
Graduate student at Cornell University. Son of the chief scientist at the National Computer Security Center -- part of the National Security Agency Convicted in 1990: $10,000 fine, 3 yr. Suspended jail sentence, 400 hours of community service Today he’s a professor at MIT 28-Nov-18 4/598N: Computer Networks

3 System Threats (from Silberschatz)
Worms – use spawn mechanism; standalone program Internet worm Exploited UNIX networking features (remote access) and bugs in finger and sendmail programs Grappling hook program uploaded main worm program Viruses – fragment of code embedded in a legitimate program Downloading viral programs from public bulletin boards or exchanging floppy disks containing an infection Safe computing Denial of Service Overload the targeted computer preventing it from doing any useful work 28-Nov-18 4/598N: Computer Networks

4 The Morris Internet Worm
28-Nov-18 4/598N: Computer Networks

5 A firewall is placed between trusted and untrusted hosts
The firewall limits network access between these two security domains Prevent internal clients from accessing “forbidden” external nodes (e.g. adult sites) Prevent external nodes from sending malicious objects into protected network SYN flood attacks etc. 28-Nov-18 4/598N: Computer Networks

6 Network Security Through Domain Separation Via Firewall
Demilitarized Zone (DMZ) 28-Nov-18 4/598N: Computer Networks

7 Detect attempts to intrude into computer systems. Detection methods:
Intrusion Detection Detect attempts to intrude into computer systems. Detection methods: Auditing and logging. Tripwire (UNIX software that checks if certain files and directories have been altered – I.e. password files) System call monitoring 28-Nov-18 4/598N: Computer Networks

8 SYN flooding 28-Nov-18 4/598N: Computer Networks

9 Network Attacks: Distributed DoS (courtesy Georgios Koutepas)
"zombies" Pirated machines Domain A Domain B 2. Commanding the attack 1. Taking Control Target domain Attacker X Admin Problem 1: Active "zombies" Admin Problem 2: The network allows outgoing packets with wrong source addresses 28-Nov-18 4/598N: Computer Networks

10 X Multi-tier attack Attack Master Admin Problem: No detection of
malicious activities Target domain "zombies" Attack Agents X Attacker Attack Master 28-Nov-18 4/598N: Computer Networks

11 Discussion Protocols and components should be designed and evaluated not only on their performance gains, but also on their robustness against implementation flaws 28-Nov-18 4/598N: Computer Networks

Download ppt "Internet Worms, SYN DOS attack"

Similar presentations

IS 376 NOVEMBER 5, 2013 2013 DATA BREACH INVESTIGATIONS REPORT By The Verizon RISK Team Research Investigations Solutions Knowledge.

IS 376 NOVEMBER 5, DATA BREACH INVESTIGATIONS REPORT By The Verizon RISK Team Research Investigations Solutions Knowledge.
Dr. Kalpakis CMSC 421, Operating Systems. Fall 2008 URL: Security.

Dr. Kalpakis CMSC 421, Operating Systems. Fall 2008 URL: Security.
Communications of the ACM (CACM), Vol. 32, No. 6, June 1989

Communications of the ACM (CACM), Vol. 32, No. 6, June 1989
Lecture: Malicious Code CIS 3360 Ratan K. Guha. Malicious Code2 Overview and Reading Assignments Defining malicious logic Types Action by Viruses Reading.

Lecture: Malicious Code CIS 3360 Ratan K. Guha. Malicious Code2 Overview and Reading Assignments Defining malicious logic Types Action by Viruses Reading.
CSE331: Introduction to Networks and Security Lecture 32 Fall 2002.

CSE331: Introduction to Networks and Security Lecture 32 Fall 2002.
Computer Viruses and Worms* *Referred to slides by Dragan Lojpur, Zhu Fang at Florida State University.

Computer Viruses and Worms* *Referred to slides by Dragan Lojpur, Zhu Fang at Florida State University.
Hackers, Crackers, and Network Intruders: Heroes, villains, or delinquents? Tim McLaren Thursday, September 28, 2000 McMaster University.

Hackers, Crackers, and Network Intruders: Heroes, villains, or delinquents? Tim McLaren Thursday, September 28, 2000 McMaster University.
Security (Continued) V.T. Raja, Ph.D., Oregon State University.

Security (Continued) V.T. Raja, Ph.D., Oregon State University.
Chapter 10: Data Centre and Network Security Proxies and Gateways * Firewalls * Virtual Private Network (VPN) * Security issues * * * * Objectives:

Chapter 10: Data Centre and Network Security Proxies and Gateways * Firewalls * Virtual Private Network (VPN) * Security issues * * * * Objectives:
Security  The Security Problem  Authentication  Program Threats  System Threats  Securing Systems  Intrusion (unwanted involvement) Detection  Encryption.

Security  The Security Problem  Authentication  Program Threats  System Threats  Securing Systems  Intrusion (unwanted involvement) Detection  Encryption.
Silberschatz, Galvin and Gagne  2002 19.1 Operating System Concepts The Security Problem A system is secure iff its resources are used and accessed as.

Silberschatz, Galvin and Gagne  Operating System Concepts The Security Problem A system is secure iff its resources are used and accessed as.
Building Your Own Firewall Chapter 10. Learning Objectives List and define the two categories of firewalls Explain why desktop firewalls are used Explain.

Building Your Own Firewall Chapter 10. Learning Objectives List and define the two categories of firewalls Explain why desktop firewalls are used Explain.
19.1 Silberschatz, Galvin and Gagne ©2003 Operating System Concepts with Java Chapter 19: Security The Security Problem Authentication Program Threats.

19.1 Silberschatz, Galvin and Gagne ©2003 Operating System Concepts with Java Chapter 19: Security The Security Problem Authentication Program Threats.
Software Security Threats Threats have been an issue since computers began to be used widely by the general public.

Software Security Threats Threats have been an issue since computers began to be used widely by the general public.
Security A system is secure if its resources are used and accessed as intended under all circumstances. It is not generally possible to achieve total security.

Security A system is secure if its resources are used and accessed as intended under all circumstances. It is not generally possible to achieve total security.
U NIVERSITY OF M ASSACHUSETTS, A MHERST Department of Computer Science Emery Berger University of Massachusetts, Amherst Operating Systems CMPSCI 377 Lecture.

U NIVERSITY OF M ASSACHUSETTS, A MHERST Department of Computer Science Emery Berger University of Massachusetts, Amherst Operating Systems CMPSCI 377 Lecture.
Network Security. Network security starts from authenticating any user. Once authenticated, firewall enforces access policies such as what services are.

Network Security. Network security starts from authenticating any user. Once authenticated, firewall enforces access policies such as what services are.
Silberschatz, Galvin and Gagne  2002 19.1 Operating System Concepts Module 19: Security The Security Problem Authentication Program Threats System Threats.

Silberschatz, Galvin and Gagne  Operating System Concepts Module 19: Security The Security Problem Authentication Program Threats System Threats.
CSE331: Introduction to Networks and Security Lecture 33 Fall 2002.

CSE331: Introduction to Networks and Security Lecture 33 Fall 2002.
Protection and Security CSCI 444/544 Operating Systems Fall 2008.

Protection and Security CSCI 444/544 Operating Systems Fall 2008.

Similar presentations

Ads by Google