Friday, March 1, 2019

Individual Assignment Essay

Having a strong web presence is not just important in today's world; it is vital for survival in today's super-connected world. Companies, banks, agencies and private industries must be able to create an environment to interact with customers, government officials and other companies in order to thrive. Opening yourself up to anyone through the Internet often means opening your system up to the world. Today we are more connected than ever, and the net is filled with a multitude of individuals, many with the intent to compromise network confidentiality, integrity and availability.

Anyone with a computer and Internet access can become a victim or criminal over the web. As a result, networks and servers are under constant attack these days. Attackers are changing their techniques daily and are on a never-ending endeavor to disrupt companies for their narcissistic reasons. Two such forms of disruption are Denial of Service (DoS) and Distributed Denial of Service (DDoS) attacks. These forms of disruption have cost companies millions of dollars and are showing no signs of stopping.

That is why it is up to security professionals to create the best safeguards and impose economical and proper techniques to prevent, mitigate and discover these attacks before they inflict terrible harm. In the following assignment, these important topics of prevention, mitigation and discovery will be discussed as they relate to DoS and DDoS attacks on today's tran manusions. Specifically, three academic journals have been selected that relate to this topic.
This essay will first briefly summarize each article that was selected and state the methods of prevention, mitigation or discovery as they relate to denial of service attacks.

The second part of this essay will explore in detail the specific methods discussed in the summaries as they relate to a proposed technique and practical approach, which can be used in a platform. The strengths and weaknesses of each method that is selected will also be discussed within the summary.

2 Brief Overview

In order to better understand the reasons for discovering, mitigating and preventing these attacks, it is necessary to first review what exactly Denial of Service and Distributed Denial of Service attacks are and why these specific journal articles were selected for this assignment.

DoS and DDoS attacks are extremely popular cyber attacks launched by attackers because of their effectiveness and ease. The goal of a DoS attack is for the attacker to render certain specific resources of the victim's computer or server unusable or make them unavailable. The attacker does this by sending large amounts of traffic that appear to be legitimate requests to the victim. As a result, the victim's computer or server is tied up and that particular resource cannot be used. These attacks expose a significant loophole not just in certain applications, but loopholes in the TCP/IP suite (Joshi & Misra, 2010).

A DoS attack only occurs when a resource on a computer or network is slowed down or stopped totally by an individual maliciously. A DDoS attack is very similar to a DoS attack. However, this form of attack is launched on multiple computers or devices in an organized manner. The goal, once again, is to attack a specific target or multiple computers and servers and make them unavailable for use. The first ever reported DDoS attack occurred at a University in 1999.
From then on, these attacks have become more and more complex and sophisticated.

Their widespread effect has ranged from simply slower speeds on websites to financial institutions losing millions for not being accessible to customers. The journal article "DDoS Prevention Techniques" was chosen because it does a fantastic job of explaining the differences between the two attacks, multiple DDoS tools that attackers use, and lastly ways to prevent and defend against the attacks. The second article selected is titled "Prevention of Attacks under DDoS Using Target Customer Behavior". I selected this article because it not only gives an overview of this form of attack but also a specific method of protecting a potential server by blocking DoS attacks with behavior-based actions. The last article I chose, "A Novel Technique for Detection and Prevention of DDoS", also gives a brief overview of the attack as well as a specific method to help filter DDoS attacks on online banking websites.

3 Article One

The article "DDoS Prevention Techniques" mainly centered around DDoS attacks and the methods of preventing them, as well as the tools that criminals use to execute these attacks.

One example of a tool that these individuals use is Trinoo, which can be used to "launch a coordinated UDP flooding attack against target system" (Joshi & Misra, 2010). Another tool that Joshi & Misra discussed was Trinity. This DDoS attack tool is IRC based and uses TCP SYN, TCP RST and TCP ACK flooding methods. This tool not only can flood TCP/IP but can also flood UDP and IP fragments. This article offers various forms of preemptive methods against DDoS attacks. They separated them into two groups: General Techniques and Filtering Techniques.

Since the article gave a plethora of examples of common techniques, I will discuss two of them as well as the advantages and disadvantages of these practical approaches.
One method of preventing DDoS attacks is disabling unused services. Attackers can't take advantage of something if it is not available to them. So, the fewer applications and open ports that are on a given host, the less likely an attacker can manipulate any vulnerability on that host. Therefore, if a network application is unnecessary it should be disabled or closed immediately (Joshi & Misra, 2010).

The advantage of this approach is that it minimizes the attack surface, thus protecting the host from receiving certain requests from ports that can be used to flood the system. The disadvantage of this approach is that you limit the number of applications you may need to help run your organization more efficiently. Another method of preventing these attacks is by using a firewall. A firewall can help mitigate simple DDoS attacks by using simple rules such as implicit deny, or deny any for certain ports and IP addresses.

However, the disadvantage of using a firewall to mitigate attacks occurs when sophisticated attacks are launched on ports such as Port 80, used for web traffic. A firewall cannot tell the difference between legitimate traffic and malicious traffic that comes through the port (Joshi & Misra, 2010). This can lead to an attack still being carried out if the firewall cannot decide what is good and bad traffic. One filtering technique that was discussed in the journal article was the technique of History Based IP Filtering. During normal operation, traffic seems to stay balanced and stable.

Yet most DoS attacks are carried out with IP addresses that have never been seen before on the network to flood the system. This form of filtration relies on an IP Address Database (IAD) to store the IP addresses that are used frequently. If an attack is launched and the source address does not match any in the IAD, the request is dropped.
The advantage of this form of protection against DDoS attacks is that it will keep unknown IP addresses from ever reaching the host. However, the drawback is that it will not keep out legitimate or real IP addresses that are already in the database.

Also, cost of memory and information sharing is very high (Joshi & Misra, 2010). So if cost is an issue for an organization, this method may not be best. These methods can be implemented fairly easily by any organization. Most security professionals should already have these measures in place, such as firewalls and minimizing the attack surface with an emphasis on disabling unnecessary services. History based IP filtering is a costly alternative to those methods but can be an additional form of security.

4 Article Two

The second article that will be discussed is titled "Prevention of Attacks under DDoS Using Target Customer Behavior". This article discusses a method using an algorithm to determine if requests to a specific server should be blocked or allowed in real time to mitigate the attack. The algorithm is used to maintain a list of users and to stop attacks from unknown users. The purpose of this tool is to allow only authorized clients onto the server. This method accomplishes this by first determining which category the requesting client belongs to: registered or non-registered. The tool uses an anomaly-based system during peak times to help determine if certain requests are deemed malicious or not.

A client will be deemed malicious if the client sends repeated requests during peak hours, and deemed an anomaly client, or possible attacking client (Kuppusamy & Malathi, 2012). This tool can track which requests made on the server are authorized or unauthorized. Once the request is deemed unauthorized, the client is then placed in a group of non-registered users and blocked temporarily until the peak time is finished.
This proposed method also makes a count system for the number of requests a client may attempt, which are Access Count and Warning Count. The article explains this in depth by stating, "The access count is the count that can be incremented every time the client sends the request. The Warning Count is the count that can be incremented once the unregistered client sends anomalous request" (Kuppusamy & Malathi, 2012). This count system helps to determine if the requests are legitimate and, if so, they are only temporarily blocked during peak times in order to keep systems from being flooded with requests. This feature also presents a permanent block alternative as well. This occurs once the warning count reaches its threshold (Kuppusamy & Malathi, 2012).

This can be extremely useful when defending against DDoS attacks because it works in real time. The chart below illustrates how this method is carried out for all users trying to request information from the server. This tool could easily be implemented by any organization looking to defend their systems as well as monitor customer and client user data. The only disadvantage that may occur while implementing this will be the temporary lockout mechanism that legitimate users may encounter if they enter too many incorrect requests. Inconvenience for some users is the only drawback.

However, this approach is extremely promising because it does not completely block IP addresses like some filtration systems. They are placed in a certain unauthorized category away from authorized clients and systems. And once they meet certain requirements their requests may be authorized if they do not go over the warning count. Also, as an added security feature, if the client goes over the warning number of requests and is also unauthorized they are blocked completely.

5 Article Three

The final article that will be discussed is titled "A Novel Technique for Detection and Prevention of DDoS".
This article was dedicated to a specific method for detecting and preventing DDoS attacks. This method focused on using the Hidden Markov Model. It is very similar to the previous method in being an anomaly-based system that uses request behavior to block or authorize users. This method also uses an algorithm to track user behavior and determine whether the requests are legitimate or an attack. However, it uses a different form of authorizing requests before allowing access into the system. During the Anomaly Detection Module of the system, when resources are scarce and the server is under heavy traffic, the filter is applied. The system uses a history to maintain each of the clients' IP addresses. If unusual behavior is detected through the algorithm, the server then goes into a special detection mode. It replies with the CAPTCHA to that client. And if a correct CAPTCHA response is not received within three responses, it then checks the request history sequence. If the difference between the request for the CAPTCHA is less than the threshold allowed, the client is blocked (Patil, Salunke & Zade, 2011).

This model is a great tool in defending against DDoS and also monitoring traffic on a server as a whole. When traffic begins to reach its peak, this system can help differentiate between legitimate and flooding traffic. This model was put to the test in this article with a fake bank system. The testers used a script in Java that repeatedly requested the login page for a fake account. The server responded with CAPTCHA pages to verify if the requester was legitimate. After three failed attempts the IP address was blocked. This type of method should be implemented across systems everywhere.

The only foreseeable disadvantage would be from those users who enter the wrong CAPTCHAs more than three times and are blocked out of the system. Other than that, this method would be a great tool in the defense against DDoS attacks.
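
The challenge-then-block flow described for the third article can be sketched as follows. This is an added example, not code from the essay or from Patil, Salunke & Zade: a mean request interval stands in for the article's Hidden Markov Model detector, and the interval threshold, history length, class and function names, and sample IP addresses are all assumptions.

```python
from collections import defaultdict, deque

MAX_FAILED_RESPONSES = 3   # from the essay: three CAPTCHA responses are allowed
MIN_INTERVAL = 1.0         # assumed threshold, in seconds between requests
HISTORY_LEN = 5            # assumed number of timestamps kept per client IP

class CaptchaGate:
    def __init__(self):
        self.history = defaultdict(lambda: deque(maxlen=HISTORY_LEN))
        self.failed = defaultdict(int)
        self.challenged, self.blocked = set(), set()

    def _mean_interval(self, ip):
        ts = self.history[ip]
        return (ts[-1] - ts[0]) / (len(ts) - 1) if len(ts) > 1 else float("inf")

    def handle(self, ip, now, under_load, captcha_ok=None):
        """Return 'serve', 'challenge' or 'block'; captcha_ok is None if no answer was sent."""
        if ip in self.blocked:
            return "block"
        self.history[ip].append(now)
        if ip in self.challenged:
            if captcha_ok:
                self.challenged.discard(ip)
                self.failed[ip] = 0
                return "serve"
            self.failed[ip] += 1
            if self.failed[ip] >= MAX_FAILED_RESPONSES:
                # Three misses: consult the request history before blocking.
                if self._mean_interval(ip) < MIN_INTERVAL:
                    self.blocked.add(ip)
                    return "block"
                self.failed[ip] = 0  # assumed: a slow client gets a fresh challenge
            return "challenge"
        # The filter is applied only while the server is under heavy traffic.
        if under_load and self._mean_interval(ip) < MIN_INTERVAL:
            self.challenged.add(ip)
            return "challenge"
        return "serve"

def replay(events):
    """Feed constructed (ip, time, under_load, captcha_ok) events to a fresh gate."""
    gate = CaptchaGate()
    return [gate.handle(*event) for event in events]

# Constructed sample: a script requesting the login page every 0.1 s under load.
BOT = [("203.0.113.9", i * 0.1, True, None) for i in range(6)]
# Constructed sample: a user who double-clicks, then solves the CAPTCHA.
USER = [("198.51.100.7", t, True, ok) for t, ok in [(0, None), (0.5, None), (20, True), (40, None)]]
print(replay(BOT), replay(USER))
```

Because the history check runs before the block, a user who mistypes the CAPTCHA three times at human speed is challenged again rather than locked out, which softens the disadvantage noted above.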

6 Conclusion

Denial of Service and Distributed Denial of Service attacks have proven to be a huge hassle for security professionals. Criminals are becoming more sophisticated in their attack schemes and are leaving security teams in a never-ending game of catch-up. It only takes one loophole in a defense strategy for an individual to wreak havoc on a system.

None of these methods will stop DoS and DDoS attacks entirely. However, in the future we must look for tools that include multiple defense strategies to stop these forms of attack. Layering a computer network offers many benefits, especially if one level of defense falls: it will not compromise the entire system. The fight to defend cyberspace against these malicious attackers is forever ongoing, but with the right tools and defense strategies we can help maintain a safer and productive Internet experience for all users.

7 Work Cited
