introduction to computer security
play

Introduction to Computer Security Session 2.2 Denial of Service - PowerPoint PPT Presentation

Nov 23, 2022 •684 likes •920 views

CSCI-UA.9480 Introduction to Computer Security Session 2.2 Denial of Service Prof. Nadim Kobeissi 2.2a Defining Denial of Service 2 CSCI-UA.9480: Introduction to Computer Security Nadim Kobeissi What is a Denial of Service attack? An

  1. CSCI-UA.9480 Introduction to Computer Security Session 2.2 Denial of Service Prof. Nadim Kobeissi

  2. 2.2a Defining Denial of Service 2 CSCI-UA.9480: Introduction to Computer Security – Nadim Kobeissi

  3. What is a Denial of Service attack? An attack “where the perpetrator seeks to make a machine or network resource unavailable to its intended users by temporarily or indefinitely disrupting services of a host connected to the Internet.” 3 CSCI-UA.9480: Introduction to Computer Security – Nadim Kobeissi

  4. What is a Denial of Service attack? Some resource is being starved by an adversary: Network overload? ⚫ CPU overload? ⚫ Memory overload? ⚫ 4 CSCI-UA.9480: Introduction to Computer Security – Nadim Kobeissi

  5. What is a Denial of Service attack? Some resource is being starved by an adversary: Network overload: send too many packets. ⚫ CPU/memory overload: force the server to ⚫ carry out too many password stretching instances. Application overload: send too many ⚫ database/API requests. 5 CSCI-UA.9480: Introduction to Computer Security – Nadim Kobeissi

  6. Examples of Denial of Service vectors. UDP flood : unlike TCP, UDP has no flow control built in. Fork bombs : :(){ :|: & };: ⚫ SYN flood: Initiate several TCP connections but ⚫ never complete (ACK) them. LAND attack: Craft a TCP packet where the ⚫ source and destination IP addresses are both equal to the victim’s IP. Malformed packets: exploit parsing errors. ⚫ 6 CSCI-UA.9480: Introduction to Computer Security – Nadim Kobeissi

  7. Test your knowledge! Can you figure out why the following Bash command would be a “fork bomb”? :(){ :|: & };: 7 CSCI-UA.9480: Introduction to Computer Security – Nadim Kobeissi

  8. Test your knowledge! Can you figure out why the following Bash command would be a “fork bomb”? :(){ :|: & };: Define a function called “:” Run “:”, pipe output to “:” executed in Run “;” for the first time. the background. 8 CSCI-UA.9480: Introduction to Computer Security – Nadim Kobeissi

  9. DDoS: Distributed Denial of Service. Example: Mirai botnet (600,000+ victims): Caused serious damage to many leading ⚫ hosting providers (e.g. OVH, Dyn...) Among the highest ever recorded throughput ⚫ for DoS attacks. 9 CSCI-UA.9480: Introduction to Computer Security – Nadim Kobeissi

  10. DDoS: Distributed Denial of Service. Example: Mirai botnet (600,000+ victims): Caused serious damage to many leading ⚫ hosting providers (e.g. OVH, Dyn...) Among the highest ever recorded throughput ⚫ for DoS attacks. 10 CSCI-UA.9480: Introduction to Computer Security – Nadim Kobeissi

  11. DDoS: Distributed Denial of Service. Example: Mirai botnet (600,000+ victims): Caused serious damage to many leading ⚫ hosting providers (e.g. OVH, Dyn...) Among the highest ever recorded throughput ⚫ for DoS attacks. 11 CSCI-UA.9480: Introduction to Computer Security – Nadim Kobeissi

  12. DDoS: Distributed Denial of Service. Example: Mirai botnet (600,000+ victims): Caused serious damage to many leading ⚫ hosting providers (e.g. OVH, Dyn...) Among the highest ever recorded throughput ⚫ for DoS attacks. 12 CSCI-UA.9480: Introduction to Computer Security – Nadim Kobeissi

  13. DDoS: Mirai botnet device composition. 13 CSCI-UA.9480: Introduction to Computer Security – Nadim Kobeissi

  14. DDoS: Mirai botnet device composition. 14 CSCI-UA.9480: Introduction to Computer Security – Nadim Kobeissi

  15. DDoS: Mirai botnet victims. 15 CSCI-UA.9480: Introduction to Computer Security – Nadim Kobeissi

  16. Examples of other botnets. Srizbi botnet : responsible for most of the ⚫ spam in the world at some point. Carna botnet : used for estimating the size of ⚫ the Internet. 16 CSCI-UA.9480: Introduction to Computer Security – Nadim Kobeissi

  17. Another example: “Project Chanology” Instead of a slide, at this point in the class we will watch this short documentary on Project Chanology: https://www.youtube.com/watch?v=vRb6L7SCSro 17 CSCI-UA.9480: Introduction to Computer Security – Nadim Kobeissi

  18. 2.2b Mitigating Denial of Service Attacks 18 CSCI-UA.9480: Introduction to Computer Security – Nadim Kobeissi

  19. Basic defenses against Denial of Service. Firewalls, switches, and routers at ingress points of a network that use packet filtering. Build models of normal and abnormal behavior ⚫ and flag abnormal behavior. Intrusion detection systems that look for attack ⚫ signatures or abnormally high rates of traffic or both. CAPTCHAs to ensure that a human and not a ⚫ bot is carrying out the request. 19 CSCI-UA.9480: Introduction to Computer Security – Nadim Kobeissi

  20. Basic defenses against Denial of Service. CAPTCHAs to ensure that a human and not a bot is carrying out the request. Proof of work: request hashes, etc. ⚫ 20 CSCI-UA.9480: Introduction to Computer Security – Nadim Kobeissi

  21. Content Delivery Networks: CloudFlare. 21 CSCI-UA.9480: Introduction to Computer Security – Nadim Kobeissi

  22. Content Delivery Networks (CDNs). Akamai, CloudFlare, Amazon CloudFront, Microsoft Azure… Concerns regarding centralizing of Internet ⚫ traffic (i.e. man-in-the-middle capabilities). Questions w.r.t. freedom of expression ⚫ online: 22 CSCI-UA.9480: Introduction to Computer Security – Nadim Kobeissi

  23. Next time: 2.3 Designing Secure Network Systems 23 CSCI-UA.9480: Introduction to Computer Security – Nadim Kobeissi

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Introduction to Computer Security Rev. Sept 2015 What is Computer Security? 2 Computer

Introduction to Computer Security Rev. Sept 2015 What is Computer Security? 2 Computer

Introduction to Computer Security Rev. Sept 2015 What is Computer Security? 2 Computer Security is the protection of computing systems and the data that they store or access 3 Why is Computer Security Important? Computer Security allows

690 views • 19 slides
Introduction to Computer Security Why do we need computer security? What are our goals and

Introduction to Computer Security Why do we need computer security? What are our goals and

Introduction to Computer Security Why do we need computer security? What are our goals and what threatens them? Lecture 1 Page 1 CS 236 Online Why Is Security Necessary? Because people arent always nice Because a lot of

415 views • 25 slides
Introduction Attacks Security Goals Fall 2010 CS 334 Computer Security 1 What is Computer

Introduction Attacks Security Goals Fall 2010 CS 334 Computer Security 1 What is Computer

Introduction Attacks Security Goals Fall 2010 CS 334 Computer Security 1 What is Computer Security? Generally concerned with protection of computer related assets Risk analysis and management! Manage could mean prevention of

537 views • 26 slides
Outline The web from a security perspective CSci 5271 Introduction to Computer Security SQL

Outline The web from a security perspective CSci 5271 Introduction to Computer Security SQL

Outline The web from a security perspective CSci 5271 Introduction to Computer Security SQL injection Web security, part 1 Announcements intermission Stephen McCamant University of Minnesota, Computer Science & Engineering Web

522 views • 5 slides
Outline Usability and security CSci 5271 Introduction to Computer Security Announcements

Outline Usability and security CSci 5271 Introduction to Computer Security Announcements

Outline Usability and security CSci 5271 Introduction to Computer Security Announcements intermission Day 24: Usability and security Stephen McCamant Usable security example areas University of Minnesota, Computer Science & Engineering

219 views • 5 slides
Outline Usability and security CSci 5271 Introduction to Computer Security Announcements

Outline Usability and security CSci 5271 Introduction to Computer Security Announcements

Outline Usability and security CSci 5271 Introduction to Computer Security Announcements intermission Day 25: Usability and security Stephen McCamant Usable security example areas University of Minnesota, Computer Science & Engineering

419 views • 4 slides
Foundations of Network and Foundations of Network and Computer Security Computer Security J ohn

Foundations of Network and Foundations of Network and Computer Security Computer Security J ohn

Foundations of Network and Foundations of Network and Computer Security Computer Security J ohn Black J CSCI 6268/TLEN 5831, Fall 2004 Introduction UC Davis PhD in 2000 Cryptography Interested in broader security as well

492 views • 12 slides
CSCI 8260 Spring 2016 Computer and Networks Security INTRODUCTION 1 Research in Computer

CSCI 8260 Spring 2016 Computer and Networks Security INTRODUCTION 1 Research in Computer

CSCI 8260 Spring 2016 Computer and Networks Security INTRODUCTION 1 Research in Computer Security Studies in what ways security mechanisms may fail Can we gain access to a computer system without authorizaDon? Can we compromise

986 views • 84 slides
Outline CSci 5271 Big-Picture Introduction Introduction to Computer Security Day 1:

Outline CSci 5271 Big-Picture Introduction Introduction to Computer Security Day 1:

Outline CSci 5271 Big-Picture Introduction Introduction to Computer Security Day 1: Introduction and Logistics Course Logistics Stephen McCamant University of Minnesota, Computer Science & Engineering What is computer security? Two

362 views • 7 slides
Outline Brief introduction to networking CSci 5271 Introduction to Computer Security

Outline Brief introduction to networking CSci 5271 Introduction to Computer Security

Outline Brief introduction to networking CSci 5271 Introduction to Computer Security Announcements intermission Day 13: Network, etc., security overview Some classic network attacks Stephen McCamant University of Minnesota, Computer Science

504 views • 5 slides
Introduction to Computer Security Formal Security Models Pavel Laskov Wilhelm Schickard

Introduction to Computer Security Formal Security Models Pavel Laskov Wilhelm Schickard

Introduction to Computer Security Formal Security Models Pavel Laskov Wilhelm Schickard Institute for Computer Science Security instruments learned so far Symmetric and asymmetric cryptography confidentiality, integrity, non-repudiation

319 views • 29 slides
Outline Security risk and management Some terminology CSci 5271 Introduction to Computer

Outline Security risk and management Some terminology CSci 5271 Introduction to Computer

Outline Security risk and management Some terminology CSci 5271 Introduction to Computer Security Logistics intermission Day 2: Intro to Software and OS Security Example security failures Stephen McCamant University of Minnesota, Computer

608 views • 8 slides
Outline Security risk and management Some terminology CSci 5271 Introduction to Computer

Outline Security risk and management Some terminology CSci 5271 Introduction to Computer

Outline Security risk and management Some terminology CSci 5271 Introduction to Computer Security Logistics intermission Day 2: Intro to Software and OS Security Example security failures Stephen McCamant University of Minnesota, Computer

395 views • 7 slides
INTRODUCTION COMPUTER & NETWORK SECURITY CMSC 414 JAN 25 2018 TODAY What is

INTRODUCTION COMPUTER & NETWORK SECURITY CMSC 414 JAN 25 2018 TODAY What is

INTRODUCTION COMPUTER & NETWORK SECURITY CMSC 414 JAN 25 2018 TODAY What is security? Why is it so hard to achieve? Administrative The security mindset Analyzing a systems security 1. Summarize the system 2.

801 views • 43 slides
INTRODUCTION cf. Schneider, Chapter 1 INTRODUCTION THEY ARE OUT TO GET YOU INTRODUCTION WHAT

INTRODUCTION cf. Schneider, Chapter 1 INTRODUCTION THEY ARE OUT TO GET YOU INTRODUCTION WHAT

ADVANCED COMPUTER SECURITY INTRODUCTION cf. Schneider, Chapter 1 INTRODUCTION THEY ARE OUT TO GET YOU INTRODUCTION WHAT IS SECURITY? A systems security policies describe What the system is supposed to do Store and provide access

479 views • 16 slides
Introduction to Computing Principles

Introduction to Computing Principles

Introduction to Computing Principles Computer Safe Computer Security Attacks Practices What is Computer Security? Computer Security, also known as cybersecurity or IT

974 views • 63 slides
Denial of Service attacks Markus Peuhkuri 2005-04-12 Lecture topics Types of denial of service

Denial of Service attacks Markus Peuhkuri 2005-04-12 Lecture topics Types of denial of service

Denial of Service attacks Markus Peuhkuri 2005-04-12 Lecture topics Types of denial of service How to mitigate attacks How to find out senders What is Denial of Service

542 views • 8 slides
DDoS Last Class Fault tolerance Concurrency Naming This Class Networking How

DDoS Last Class Fault tolerance Concurrency Naming This Class Networking How

DDoS Last Class Fault tolerance Concurrency Naming This Class Networking How DDoS works UDP Data Client Server Response TCP DDoS Distributed denial-of-service attack Attacker targets a victim from a number of

356 views • 22 slides
Denial of Service Denial of Service An attack designed to disrupt or completely deny

Denial of Service Denial of Service An attack designed to disrupt or completely deny

1 Denial of Service Denial of Service An attack designed to disrupt or completely deny legitimate users access to network, servers, services, or other resources Two basic favors: Target resource starvation Network

430 views • 19 slides
Mitigating IoT Device Based DDoS Attacks Using Blockchain Uzair Javaid, Ang Kiang Siang, Muhammad

Mitigating IoT Device Based DDoS Attacks Using Blockchain Uzair Javaid, Ang Kiang Siang, Muhammad

Mitigating IoT Device Based DDoS Attacks Using Blockchain Uzair Javaid, Ang Kiang Siang, Muhammad Naveed Aman, Biplab Sikdar by Uzair Javaid National University of Singapore, Singapore Cryblock , MobiSys 18, Munich, Germany Dated: June 15,

404 views • 15 slides
Class Freeware, Open Source, and Free Software There is a difference, who knew? Not otes

Class Freeware, Open Source, and Free Software There is a difference, who knew? Not otes

Class Freeware, Open Source, and Free Software There is a difference, who knew? Not otes Homework graded Im SORRY Homework 4&5: no homework this week Midterms How was it? Honestly Random, mostly unrelated

438 views • 24 slides
Citizenship in EU Closer connection to classical origins; not so (obviously) dependent on

Citizenship in EU Closer connection to classical origins; not so (obviously) dependent on

Citizenship in EU Closer connection to classical origins; not so (obviously) dependent on modern state More self-confident discourse from European institutions (especially since Maastricht -1992 and formal introduction of legal

562 views • 12 slides
T E X Live Utility Presented by : Adam R. Maxwell TUG 2014 Annual Meeting Portland, OR

T E X Live Utility Presented by : Adam R. Maxwell TUG 2014 Annual Meeting Portland, OR

T E X Live Utility Presented by : Adam R. Maxwell TUG 2014 Annual Meeting Portland, OR Outline History Goals of the software Features and description Problems Future development Architecture History

460 views • 24 slides
emigration Hilary Term 2015 Week 1 - An introduction Evelyn Ersanilli Sarah Garding 03

emigration Hilary Term 2015 Week 1 - An introduction Evelyn Ersanilli Sarah Garding 03

Citizenship in the context of immigration and emigration Hilary Term 2015 Week 1 - An introduction Evelyn Ersanilli Sarah Garding 03 January 2016 Speaker name 1 Defining citizenship .. a comprehensive account must distinguish between at

918 views • 9 slides

More recommend