DDoS Attack and Its Defense

1 DDoS Attack and Its Defense
CSE551: Introduction to Information Security
CSE551 Handout on DDoS

2 Outline
- What is a DDoS attack?
- How to defend against a DDoS attack?
CSE551 Handout on DDoS and Worm

3 What is a DDoS attack?
Internet DDoS attack is a real threat
- on websites
  · Yahoo, CNN, Amazon, eBay, etc. (Feb. 2000) -> services were unavailable for several hours
- on Internet infrastructure
  · 13 root DNS servers (Oct. 2002) -> 7 of them were shut down, 2 others partially unavailable
Lack of defense mechanism on current Internet

4 What is a DDoS Attack?
DoS attacks:
- Attempt to prevent legitimate users of a service from using it
Examples of DoS include:
- Flooding a network
- Disrupting connections between machines
- Disrupting a service
Distributed Denial-of-Service Attacks:
- Many machines are involved in the attack against one or more victim(s)

8 What Makes DDoS Attacks Possible?
- Internet was designed with functionality & not security in mind
- Internet security is highly interdependent
- Internet resources are limited
- Power of many is greater than power of a few

9 To Address DDoS attack
Ingress Filtering
- P. Ferguson and D. Senie, RFC 2267, Jan 1998
- Block packets that have illegitimate source addresses
- Disadvantage: Overhead makes routing slow
Identification of the origins (Traceback problem)
- IP spoofing enables attackers to hide their identity
- Many IP traceback techniques are suggested
Mitigating the effect during the attack
- Pushback

10 IP Traceback
- Allows victim to identify the origin of attackers
- Several approaches: ICMP trace messages, Probabilistic Packet Marking, Hash-based IP Traceback, etc.

11 PPM
Probabilistic Packet Marking scheme
- Probabilistically inscribe local path info
- Use constant space in the packet header
- Reconstruct the attack path with high probability
Marking at router R
  For each packet w
    Generate a random number x from [0,1)
    If x < p then
      Write IP address of R into w.head
      Write 0 into w.distance
    else
      if w.distance == 0 then
        Write IP address of R into w.tail
      endif
      Increase w.distance
    endif

12-15 PPM (Cont.)
[Figures: network diagrams showing a legitimate user, an attacker and the Victim; the last diagram also carries the labels R and V]
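The marking procedure from slide 11 together with the victim-side path reconstruction, simulated for a single path. This is an added example, not part of the original slides; the router names, the dictionary packet layout, the "victim" sentinel and the helper names are assumptions made for the simulation.

```python
import random

def mark(packet, router, p, rng):
    """Marking step at one router, following the slide's pseudocode."""
    if rng.random() < p:
        packet["head"] = router      # start a new edge sample at this router
        packet["distance"] = 0
    else:
        if packet["distance"] == 0:
            packet["tail"] = router  # close the edge begun by the previous hop
        packet["distance"] += 1

def forward(path, p, rng):
    """Send one packet through `path` (router nearest the sender first)."""
    packet = {"head": None, "tail": None, "distance": 0}
    for router in path:
        mark(packet, router, p, rng)
    return packet

def reconstruct(packets):
    """Victim side: rebuild the path, nearest router first, from edge samples."""
    edges = set()
    for w in packets:
        if w["head"] is None:        # no router marked this packet
            continue
        # At distance 0 the marking router is adjacent to the victim and
        # w.tail is stale, so the edge ends at the victim itself.
        tail = "victim" if w["distance"] == 0 else w["tail"]
        edges.add((w["distance"], w["head"], tail))
    path, prev, d = [], "victim", 0
    while True:
        nxt = [h for (dist, h, t) in edges if dist == d and t == prev]
        if len(nxt) != 1:            # no sample yet for this hop (or ambiguous)
            return path
        path.append(nxt[0])
        prev, d = nxt[0], d + 1

def simulate(path, p, n_packets, seed=1):
    """Run n_packets through the path and return what the victim can rebuild."""
    rng = random.Random(seed)
    return reconstruct(forward(path, p, rng) for _ in range(n_packets))

if __name__ == "__main__":
    routers = ["R1", "R2", "R3", "R4", "R5"]  # constructed path, R5 next to victim
    for n in (5, 50, 2000):                    # more packets -> longer rebuilt path
        print(n, simulate(routers, p=0.2, n_packets=n))
```

Routers far from the victim are sampled least often, because their marks must survive every later hop unmarked, so the number of packets needed grows with path length.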

16 What is Pushback?
- A mechanism that allows a router to request adjacent upstream routers to limit the rate of traffic

17 How Does it Work?
- A congested router requests other adjacent routers to limit the rate of traffic for that particular aggregate.
- Router sends pushback message
- Receiving routers propagate pushback

18 Conclusion
- What is a DDoS attack?
- Defending a DDoS attack
  · Ingress filtering
  · Trace-back
  · Push-back
