a taxonomy of ddos attacks and ddos defense mechanisms
play

A Taxonomy of DDoS Attacks and DDoS Defense Mechanisms Jelena - PowerPoint PPT Presentation

Sep 25, 2022 •196 likes •380 views

A Taxonomy of DDoS Attacks and DDoS Defense Mechanisms Jelena Mirkovic, Janice Martin & Peter Reiher Manu Shantharam & David Hadka What is DoS? DoS A type of attack wherein access to computer resource / service is denied or

  1. A Taxonomy of DDoS Attacks and DDoS Defense Mechanisms Jelena Mirkovic, Janice Martin & Peter Reiher Manu Shantharam & David Hadka

  2. What is DoS? • DoS – A type of attack wherein access to computer resource / service is denied or restricted. An example �������� ������ ������ ���� � ������

  3. What is DDoS? • DDoS – Concurrent, Coordinated DoS. An example �������� �������� ������ �������� � ������ ������ ����

  4. What facilitates DDoS? • Internet security is highly interdependent – Each host depends on the state of security in the entities it is communicating with. • Internet resources are limited – Resources are enough for only certain number of users. • Power of many is greater than power of few – Resources of attackers are more than that of the victims • No accountability – Source address spoofing

  5. DDoS Attack Strategy Recruiting, exploiting, infecting, attacking

  6. Contribution • First of its kind • Taxonomy of DDoS attacks Based on means , characteristics and effects – • Taxonomy of DDoS defense mechanisms Based on activity level , cooperation degree and location –

  7. Related Work

  8. Taxonomy of DDoS Attacks

  9. ● ● ● Taxonomy of DDoS Attacks TCP SYN CGI Request Authentication Server

  10. Taxonomy of DDoS Attacks Pulsing attack : periodic disruptions or coordinated for continual degradation

  11. Taxonomy of DDoS Defenses Preventive : eliminate or reduce impact of DDoS attacks on legitimate clients Firewalls, virus scanners, access lists, capabilities, intrusion detection, etc. Server farms

  12. Taxonomy of DDoS Defenses Reactive: detect and respond to an attack. Pattern : broken by slight variations in attack signature Anomaly : how to define thresholds? change over time?

  13. Taxonomy of DDoS Defenses Reduce the impact of the attack while minimizing impact to legitimate clients

  14. Taxonomy of DDoS Defenses e.g., firewalls Cooperate with other entities to identify and respond to attacks

  15. Taxonomy of DDoS Defenses e.g., resource accounting, protocol security mechanisms

  16. Results • Provides classification for simple DDoS attack and defense mechanisms • Better coordination among researchers • Clarify how different mechanisms work in concert

  17. Take Away • This taxonomy only identifies simple methods. More complex techniques exist. • Can the defense mechanism itself cause DoS (e.g., anomaly attack detection)? • What about unintentional DoS? Digg effect?

  18. References • Wikipedia • A Taxonomy of DDoS Attacks and DDoS Defense Mechanisms - Jelena Mirkovic, Janice Martin & Peter Reiher • An Integrated Approach for Defending Against Distributed Denial-of-Service (DDoS) Attacks - Krishan Kumar, R.C. Joshi, and Kuldip Singh

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

DDOS: DDos and DDonts DrupalCon 2016 Agenda What is DDoS Detecting DDoS Attacks

DDOS: DDos and DDonts DrupalCon 2016 Agenda What is DDoS Detecting DDoS Attacks

DDOS: DDos and DDonts DrupalCon 2016 Agenda What is DDoS Detecting DDoS Attacks DDoS Prevention Improving Performance Questions Glossary DDoS - Attempt to make a server or network resource unavailable to Internet

549 views • 30 slides
DDoS Defense Mechanisms for IXP Infrastructures Tim Dijkhuizen Lennart van Gijtenbeek

DDoS Defense Mechanisms for IXP Infrastructures Tim Dijkhuizen Lennart van Gijtenbeek

DDoS Defense Mechanisms for IXP Infrastructures Tim Dijkhuizen Lennart van Gijtenbeek Supervisor: Stavros Konstantaras (AMS-IX) SNE: Research Project II 03-07-2018 Introduction D istributed D enial o f S ervice DDoS attacks on banks in

720 views • 33 slides
Catch me if you can A cloud based DdoS defense Mikal Fourrier DDoS attacks Goal: prevent

Catch me if you can A cloud based DdoS defense Mikal Fourrier DDoS attacks Goal: prevent

Catch me if you can A cloud based DdoS defense Mikal Fourrier DDoS attacks Goal: prevent the access to a computer system to it's legitimate users. DDoS: DoS attack on the network using a lot of different source IP Why:

327 views • 16 slides
CS 110 Summer 2018 Ryan Eberhardt DDoS Attacks

CS 110 Summer 2018 Ryan Eberhardt DDoS Attacks

CS 110 Summer 2018 Ryan Eberhardt DDoS Attacks https://www.reveelium.com/en/ddos-attacks-the-cyber-boogeyman-part-i/ DDoS Attacks 1,700 Gbps!! 2015 :-/

748 views • 20 slides
.tr DDoS Attack December 2015 Attila zgit .tr ccTLD Manager Dec, 2015 .tr DDoS Attack A

.tr DDoS Attack December 2015 Attila zgit .tr ccTLD Manager Dec, 2015 .tr DDoS Attack A

.tr DDoS Attack December 2015 Attila zgit .tr ccTLD Manager Dec, 2015 .tr DDoS Attack A Summary of a 3 weeks long experience 2016-03-07 Dec 2015 DDoS Attack on .TR 2 Before DDoS q Infrequent Small scale DoS and DDos Attacks Few

606 views • 14 slides
A Guide About DDoS Attacks Understanding and anticipating DDoS Guillaume Valadon

A Guide About DDoS Attacks Understanding and anticipating DDoS Guillaume Valadon

A Guide About DDoS Attacks Understanding and anticipating DDoS Guillaume Valadon guillaume.valadon@ssi.gouv.fr RIPE 70 - May, 11 2015 ANSSI - http://www.ssi.gouv.fr/guide-ddos & https://goo.gl/UL8M1 1/12 ANSSI Created on July 7th 2009,

142 views • 12 slides
SENSS Against Volumetric DDoS Attacks Sivaram Ramanathan 1 , Jelena Mirkovic 1 , Minlan Yu 2 and

SENSS Against Volumetric DDoS Attacks Sivaram Ramanathan 1 , Jelena Mirkovic 1 , Minlan Yu 2 and

SENSS Against Volumetric DDoS Attacks Sivaram Ramanathan 1 , Jelena Mirkovic 1 , Minlan Yu 2 and Ying Zhang 3 1 University of Southern California/Information Sciences Institute 2 Harvard University 3 Facebook 1 DDoS attacks Volumetric DDoS

604 views • 56 slides
Filtering Based Techniques DDOS Attacks: Target CPU / Bandwidth for DDOS Mitigation

Filtering Based Techniques DDOS Attacks: Target CPU / Bandwidth for DDOS Mitigation

Introduction: Filtering Based Techniques DDOS Attacks: Target CPU / Bandwidth for DDOS Mitigation Attacker signals slaves to launch an attack on a specific target address (victim). Slaves then respond by Comp290: Network

275 views • 9 slides
Universal DDoS Mitigation Bypass DDoS Mitigation Lab About Us Industry body formed to foster

Universal DDoS Mitigation Bypass DDoS Mitigation Lab About Us Industry body formed to foster

Universal DDoS Mitigation Bypass DDoS Mitigation Lab About Us Industry body formed to foster synergy among stakeholders to promote advancement in DDoS defense knowledge. Independent academic R&D division of Nexusguard building next

764 views • 44 slides
Practical Verifiable In-network Filtering for DDoS Defense Deli Gong, Muoi Tran , Shweta Shinde,

Practical Verifiable In-network Filtering for DDoS Defense Deli Gong, Muoi Tran , Shweta Shinde,

Practical Verifiable In-network Filtering for DDoS Defense Deli Gong, Muoi Tran , Shweta Shinde, Hao Jin, Vyas Sekar, Prateek Saxena, Min Suk Kang July 8, 2019 | Dallas, TX Large-scale volumetric DDoS attacks are common (distributed denial of

569 views • 29 slides
Discriminating reflective DDoS attack tools at the reflector Fons Mijnen Max Grim

Discriminating reflective DDoS attack tools at the reflector Fons Mijnen Max Grim

Discriminating reflective DDoS attack tools at the reflector Fons Mijnen Max Grim fons.mijnen@os3.nl max.grim@os3.nl 2 DDoS attacks DDoS attacks are a problem internet users have faced for many years, and is still relevant today. 3 DDoS

531 views • 52 slides
COLOSSAL DDoS ATTACKS ARE THE NEW REALITY Defeating DDoS Needs a Precision Strategy Your Secure

COLOSSAL DDoS ATTACKS ARE THE NEW REALITY Defeating DDoS Needs a Precision Strategy Your Secure

COLOSSAL DDoS ATTACKS ARE THE NEW REALITY Defeating DDoS Needs a Precision Strategy Your Secure Application Services CONFIDENTIAL | DO NOT DISTRIBUTE Company 1. CONFIDENTIAL | DO NOT DISTRIBUTE Attack Tools over Time - Evolved Binary

385 views • 12 slides
Network Security CIA +Availability By Jinjian Ma Topics DOS/DDoS Detection & Defense

Network Security CIA +Availability By Jinjian Ma Topics DOS/DDoS Detection & Defense

Network Security CIA +Availability By Jinjian Ma Topics DOS/DDoS Detection & Defense Prevention DOS/DDoS Types Vulnerability attack Flooding attack DoS vs DDoS DoS: Attack is launched from single host Less

614 views • 26 slides
Modelling and simulation of a defense strategy to face indirect DDoS flooding attacks A. Furfaro,

Modelling and simulation of a defense strategy to face indirect DDoS flooding attacks A. Furfaro,

Modelling and simulation of a defense strategy to face indirect DDoS flooding attacks A. Furfaro, P. Pace, A. Parise, L. Molina Valdiviezo Universit` a della Calabria D.I.M.E.S 87036 Rende(CS) - Italy Email: a.furfaro@unical.it A. Furfaro

510 views • 18 slides
Optical-Aware DDoS Defense Matt Hall, Ramakrishnan Durairajan, Guyue (Grace) Liu, Vyas Sekar

Optical-Aware DDoS Defense Matt Hall, Ramakrishnan Durairajan, Guyue (Grace) Liu, Vyas Sekar

Optical-Aware DDoS Defense Matt Hall, Ramakrishnan Durairajan, Guyue (Grace) Liu, Vyas Sekar DDoS Attacks A persistent threat on the global Internet Working from home new online tools for collaboration New tools new attack

405 views • 9 slides
Against DDoS Attacks Wilson Rogrio Lopes LACNIC 28 / LACNOG 2017 09/2017 CDNs for DDoS

Against DDoS Attacks Wilson Rogrio Lopes LACNIC 28 / LACNOG 2017 09/2017 CDNs for DDoS

Best Practices for Using CDNs Against DDoS Attacks Wilson Rogrio Lopes LACNIC 28 / LACNOG 2017 09/2017 CDNs for DDoS Protection As your principle, CDNs distribute traffic around the world to the closest pop for client, using anycast

915 views • 11 slides
I S Is a Student Loan Crisis on the Horizon? d L C i i h H i ? Understanding Changes in

I S Is a Student Loan Crisis on the Horizon? d L C i i h H i ? Understanding Changes in

I S Is a Student Loan Crisis on the Horizon? d L C i i h H i ? Understanding Changes in the Distribution of Student Loan Debt over Time f St d t L D bt Ti Beth Akers, Matthew Chingos, and Alice Henriques Brown Center on Education

336 views • 31 slides
Annual Results Presentation For the year ended 30 June 2015 Highlights +22% +14% +15% Revenue

Annual Results Presentation For the year ended 30 June 2015 Highlights +22% +14% +15% Revenue

Annual Results Presentation For the year ended 30 June 2015 Highlights +22% +14% +15% Revenue Operating profit Normalised headline EPS FY 2015 8.4 FY 2015 1 219 FY 2015 36.1 FY 2014 29.5 FY 2014 7.4 FY 2014 1 064 R'billion

904 views • 68 slides
Credit Constraints in the Market for Consumer Durables: Evidence from Micro Data on Car Loans

Credit Constraints in the Market for Consumer Durables: Evidence from Micro Data on Car Loans

Credit Constraints in the Market for Consumer Durables: Evidence from Micro Data on Car Loans Orazio P. Attanasio, Pinelopi K. Goldberg, Ekaterini Kyriazidou (March 2007) Presented by Eirini Magames November 16, 2016 Credit Constraints in the

526 views • 29 slides
Medical Expense Trend Targets: Methodology Options Rhode Island Health Insurance Advisory Council

Medical Expense Trend Targets: Methodology Options Rhode Island Health Insurance Advisory Council

Medical Expense Trend Targets: Methodology Options Rhode Island Health Insurance Advisory Council January 17, 2012 Presentation Outline 1. Confirmation of our task 2. Refresher regarding medical expense trend and prior HIAC discussion on the

526 views • 41 slides
Computer Security Summer Scholars 2018 Matt Vander Werf HPC System Administrator Security in

Computer Security Summer Scholars 2018 Matt Vander Werf HPC System Administrator Security in

Computer Security Summer Scholars 2018 Matt Vander Werf HPC System Administrator Security in HPC HPC is especially a target for hackers and malicious acts Why? Security in HPC Prestige Computing resources Financial Gain

446 views • 30 slides
Toward threat estimation of system memory Hardware Trojans John Shield, Brad Hopkins, Chris North

Toward threat estimation of system memory Hardware Trojans John Shield, Brad Hopkins, Chris North

UNCLASSIFIED Toward threat estimation of system memory Hardware Trojans John Shield, Brad Hopkins, Chris North Redefining R&D Needs for Australian Cyber Security UNSW ACCS at ADFA, November 16 th 2015 1 UNCLASSIFIED The Australian

411 views • 9 slides
Msg*Log: Reliable Messaging for Cougaar Object Services and Consulting, Inc. Steve Ford, Craig

Msg*Log: Reliable Messaging for Cougaar Object Services and Consulting, Inc. Steve Ford, Craig

Msg*Log: Reliable Messaging for Cougaar Object Services and Consulting, Inc. Steve Ford, Craig Thompson, David Wells, Tom Bannon {ford, thompson, wells, bannon}@objs.com http://www.objs.com/ultralog Steve Ford, Craig Thompson, David Wells, Tom

387 views • 14 slides
Decentralized Cloud Storage Putting Data in the Cloud without Losing Control Introduction +

Decentralized Cloud Storage Putting Data in the Cloud without Losing Control Introduction +

Decentralized Cloud Storage Putting Data in the Cloud without Losing Control Introduction + David Vorick, CEO + Blockchain Expert + Bitcoin enthusiast since 2011 + Full time Blockchain Engineer since 2014 + Co-founded Sia in 2014 + Sia

453 views • 28 slides

More recommend