Abstract image of a woman sitting on books and studying on a laptop

Adarsh-PPT-FCF-12-thm.ppt

Download as PPT, PDF
F
Fridha2

This document discusses denial of service (DoS) attacks. It provides a brief history of DoS attacks, including the Morris Worm in 1988 and the SQL Slammer worm in 2003. These early attacks demonstrated how rapidly DoS malware could spread through networks and bring infrastructure to a halt. The document outlines different types of DoS attacks such as penetration tests, eavesdropping, man-in-the-middle attacks, and flooding. Common targets today and defenses against DoS attacks like firewalls and routers are also mentioned. The conclusion discusses how international boundaries complicate law enforcement against DoS attackers and how future attacks may aim to broadly destabilize networks rather than target specific sites.

Education
1 of 22
Download to read offline
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
DOS ATTACKS BY – ADARSH SHUKLA
Adarsh-PPT-FCF-12-thm.ppt
OUTLINE • “DoS Attacks” – What Is • History • Types of Attacks • Main targets today • How to Defend • Conclusion
WHAT IS “DOS ATTACK” Denial-Of-Service Attack = DOS Attack is a malicious attempt by a single person or a group of people to cause the victim, site or node to deny service to it customers. • DoS = when a single host attacks • DDoS = when multiple hosts attack simultaneously
DENIAL OF SERVICE ATTACKS DENIAL-OF-SERVICE (DOS) ATTACK IS AN ATTEMPT BY ATTACKER TO PREVENT LEGITIMATE USERS FROM USING RESOURCES DENIAL-OF-SERVICE DENIES A VICTIM (HOST, ROUTER, OR ENTIRE NETWORK) FROM PROVIDING OR RECEIVING NORMAL SERVICES
ATTACK SIZE IN GBITS-PER- SECOND
IDEA OF “DOS ATTACKS” • Purpose is to shut down a site, not penetrate it. • Purpose may be vandalism, extortion or social action (including terrorism) (Sports betting sites often extorted) • Modification of internal data, change of programs (Includes defacement of web sites)
HISTORY Morris Worm (November 2, 1988) • First DDoS attack to cripple large amounts of network infrastructure • Self-replicating, self-propagating. • Exploited software commonality (monoculture) 1. Fingerd buffer overflow exploit 2. Sendmail root vulnerability 3. Weak passwords
HISTORY Morris Worm effect • Infected systems became “catatonic” • Took roughly three days to come under control • Ultimately infected 10% of Internet computers (6,000) and cost $ million to clean up. • Morris convicted under computer fraud and abuse act, three years probation, fine of $10,000
HISTORY SQL Slammer (January, 25 2003) • Exploited common software (Microsoft SQL Server) as well as hardware (Intel x86), spread rapidly in a distinct monoculture. • Non-destructive. Modified no data on infected system • Extremely simple in construction (376 bytes) • Devastating: 1. 120,000 computers infected at peak (1/26/2003) 2. Exhausted network bandwidth 3. Crashed network infrastructure (multicast state creation) 4. Shut down communication (fire-fighting) capability
HISTORY SQL Slammer effect • Extremely Virulent • Caused economic damage outside of IT infrastructure (multiple ATM outages) • Original perpetrators have never been identified or brought to justice
TYPES OF DOS ATTACKS
Adarsh-PPT-FCF-12-thm.ppt
TYPES OF DOS ATTACKS • Penetration • Eavesdropping • Man-In-The-Middle • Flooding
TYPES OF DOS ATTACKS Penetration • Attacker gets inside your machine • Can take over machine and do whatever he wants • Achieves entry via software flaw(s), stolen passwords or insider access
TYPES OF DOS ATTACKS Eavesdropping • Attacker gains access to same network • Listens to traffic going in and out of your machine
TYPES OF DOS ATTACKS Man-in-the-Middle • Attacker listens to output and controls output • Can substitute messages in both directions
TYPES OF DOS ATTACKS Flooding • Attacker sends an overwhelming number of messages at your machine; great congestion • The congestion may occur in the path before your machine • Messages from legitimate users are crowded out • Usually called a Denial of Service (DoS) attack, because that’s the effect. • Usually involves a large number of machines, hence Distributed Denial of Service (DDoS) attack
MAIN TARGETS
HOW TO DEFEND • Firewalls - can effectively prevent users from launching simple flooding type attacks from machines behind the firewall. • Switches - Some switches provide automatic and/or system- wide rate limiting, traffic shaping, delayed binding to detect and remediate denial of service attacks • Routers - If you add rules to take flow statistics out of the router during the DoS attacks, they further slow down and complicate the matter • DDS based defense • Clean pipes
CONCLUSION • Role of international boundaries - consoles located across international borders, law-enforcement problem • In the past, as the present, DDoS has been more a nuisance activity conducted by cyber vandals than an activity with specific socioeconomic aims • In the future, DDoS may be used as a disruptive force, with broad destabilization as its aim instead of the targeting of specific targets • Destabilization has a high (ROI) Return On Investment when compared to targeted attacks
QUESTIONS? People are talking about the Internet as though it is going to change the world. It's not going to change the world. It's not going to change the way we think, and it's not going to change the way we feel. Adarsh Shukla

More Related Content

PPT
Denail of Service
Ramasubbu .P
 
PPTX
Denial of service
garishma bhatia
 
PPT
Port scanning
Hemanth Pasumarthi
 
PPTX
Intrusion detection system
AAKASH S
 
PPTX
DDoS - Distributed Denial of Service
Er. Shiva K. Shrestha
 
PPTX
Destributed denial of service attack ppt
OECLIB Odisha Electronics Control Library
 
PDF
Analysing Ransomware
Napier University
 
PDF
Nmap
Fat-Thing Gabriel-Culley
 
Denail of Service
Ramasubbu .P
 
Denial of service
garishma bhatia
 
Port scanning
Hemanth Pasumarthi
 
Intrusion detection system
AAKASH S
 
DDoS - Distributed Denial of Service
Er. Shiva K. Shrestha
 
Destributed denial of service attack ppt
OECLIB Odisha Electronics Control Library
 
Analysing Ransomware
Napier University
 
Nmap
Fat-Thing Gabriel-Culley
 

What's hot (20)

PPTX
Threat hunting and achieving security maturity
DNIF
 
PPT
Intrusion Detection System
Mohit Belwal
 
PDF
Virtual honeypot
Elham Hormozi
 
PPT
Ransomware - The Growing Threat
Nick Miller
 
PDF
Tools kali
ketban0702
 
PPTX
Intrusion detection system
Roshan Ranabhat
 
PPTX
Honeypot
Shashwat Shriparv
 
PPT
Virus and Malicious Code Chapter 5
AfiqEfendy Zaen
 
PDF
Ossec - Host Based Saldırı Tespit Sistemi
BilgiO A.S / Linux Akademi
 
PPTX
Apparmor
n|u - The Open Security Community
 
PPTX
HONEYPOTS: Definition, working, advantages, disadvantages
amit kumar
 
PDF
Introduction IDS
Hitesh Mohapatra
 
PDF
VULNERABILITY ( CYBER SECURITY )
Kashyap Mandaliya
 
PDF
Nessus Software
Megha Sahu
 
PPTX
Windows firewall
VC Infotech
 
PPTX
Introduction to IDS & IPS - Part 1
whitehat 'People'
 
PPTX
Web application attacks
hruth
 
PPTX
Network scanning
oceanofwebs
 
PPTX
Computer Security risks Shelly
Adeel Khurram
 
PPTX
Malware Analysis 101 - N00b to Ninja in 60 Minutes at BSidesLV on August 5, ...
grecsl
 
Threat hunting and achieving security maturity
DNIF
 
Intrusion Detection System
Mohit Belwal
 
Virtual honeypot
Elham Hormozi
 
Ransomware - The Growing Threat
Nick Miller
 
Tools kali
ketban0702
 
Intrusion detection system
Roshan Ranabhat
 
Honeypot
Shashwat Shriparv
 
Virus and Malicious Code Chapter 5
AfiqEfendy Zaen
 
Ossec - Host Based Saldırı Tespit Sistemi
BilgiO A.S / Linux Akademi
 
Apparmor
n|u - The Open Security Community
 
HONEYPOTS: Definition, working, advantages, disadvantages
amit kumar
 
Introduction IDS
Hitesh Mohapatra
 
VULNERABILITY ( CYBER SECURITY )
Kashyap Mandaliya
 
Nessus Software
Megha Sahu
 
Windows firewall
VC Infotech
 
Introduction to IDS & IPS - Part 1
whitehat 'People'
 
Web application attacks
hruth
 
Network scanning
oceanofwebs
 
Computer Security risks Shelly
Adeel Khurram
 
Malware Analysis 101 - N00b to Ninja in 60 Minutes at BSidesLV on August 5, ...
grecsl
 
Ad

Similar to Adarsh-PPT-FCF-12-thm.ppt (20)

PDF
types and DOS attack & basics of denial of service.pdf
jayaprasanna10
 
PPTX
Basics of Denial of Service Attacks
Hansa Nidushan
 
PPTX
basicsofdenialofservice-160223110554.pptx
Samir476183
 
PPT
DDOS Attack
Ahmed Salama
 
PPT
Aleksei zaitchenkov slides about DOS Attacks
Dipesh Karade
 
PPTX
Denial of service attack
Ahmed Ghazey
 
PPT
D dos attack
HarshitParkar6677
 
PPTX
Security risks
missstevenson01
 
PPTX
Distributed denial-of-service (DDoS) attack || Seminar Report @ gestyy.com/...
Suhail Khan
 
PDF
Computer Security Cyber Security DOS_DDOS Attacks By: Professor Lili Saghafi
Professor Lili Saghafi
 
PDF
denialofservice.pdfdos attacck basic details with interactive design
perfetbyedshareen
 
PPTX
Dos attack
Suraj Swarnakar
 
PPTX
DDOS ATTACK Presentation .PPT file.pptx
arjunprajapati06546
 
PPTX
DDoS.pptx
PraveenKumarPatel9
 
PPTX
Cyber security & ethical hacking 10
Shekh Md Mehedi Hasan
 
DOCX
DoS (Denial of Service) Attack Tutorial Ping of Death, DDOS Wha.docx
madlynplamondon
 
PDF
DoS Attack vs DDoS Attack_ The Silent Wars of the Internet.pdf
CyberPro Magazine
 
PPTX
Denial of service attack
Kaustubh Padwad
 
PDF
CYBER SECURITY PRESENTATION BY G VAISHNAVI.pdf
vaishnavig1212006
 
PDF
cloud computing final year project
Ameya Vashishth
 
types and DOS attack & basics of denial of service.pdf
jayaprasanna10
 
Basics of Denial of Service Attacks
Hansa Nidushan
 
basicsofdenialofservice-160223110554.pptx
Samir476183
 
DDOS Attack
Ahmed Salama
 
Aleksei zaitchenkov slides about DOS Attacks
Dipesh Karade
 
Denial of service attack
Ahmed Ghazey
 
D dos attack
HarshitParkar6677
 
Security risks
missstevenson01
 
Distributed denial-of-service (DDoS) attack || Seminar Report @ gestyy.com/...
Suhail Khan
 
Computer Security Cyber Security DOS_DDOS Attacks By: Professor Lili Saghafi
Professor Lili Saghafi
 
denialofservice.pdfdos attacck basic details with interactive design
perfetbyedshareen
 
Dos attack
Suraj Swarnakar
 
DDOS ATTACK Presentation .PPT file.pptx
arjunprajapati06546
 
DDoS.pptx
PraveenKumarPatel9
 
Cyber security & ethical hacking 10
Shekh Md Mehedi Hasan
 
DoS (Denial of Service) Attack Tutorial Ping of Death, DDOS Wha.docx
madlynplamondon
 
DoS Attack vs DDoS Attack_ The Silent Wars of the Internet.pdf
CyberPro Magazine
 
Denial of service attack
Kaustubh Padwad
 
CYBER SECURITY PRESENTATION BY G VAISHNAVI.pdf
vaishnavig1212006
 
cloud computing final year project
Ameya Vashishth
 
Ad

Recently uploaded (20)

PPTX
Unit 4 Computer Architecture Multicore Processor.pptx
Gunasundari Selvaraj
 
PDF
Paper A Mock Exam 9_ Attempt review.pdf.
SameeraNaveed2
 
PPTX
History, Philosophy and sociology of education (1).pptx
tmdth1
 
PPTX
Introduction to pro and eukaryotes and differences.pptx
AvaniKarumathil
 
PPTX
Computer Architecture Input Output Memory.pptx
Gunasundari Selvaraj
 
PPTX
CHAPTER IV. MAN AND BIOSPHERE AND ITS TOTALITY.pptx
greciamaycalambro
 
PDF
medical_surgical_nursing_10th_edition_ignatavicius_TEST_BANK_pdf.pdf
victor kamau
 
PDF
Environmental Education MCQ BD2EE - Share Source.pdf
Dr Raja Mohammed T
 
PDF
Complications of Minimal Access-Surgery.pdf
Laparoscopy Hospital
 
PDF
Vision Prelims GS PYQ Analysis 2011-2022 www.upscpdf.com.pdf
navneetgupta711851
 
PDF
Uderstanding digital marketing and marketing stratergie for engaging the digi...
afreenpeshmam
 
PPTX
Share_Module_2_Power_conflict_and_negotiation.pptx
Lavanyaj33
 
PPTX
Chinmaya Tiranga Azadi Quiz (Class 7-8 )
Nitin Suresh
 
PPTX
Virtual and Augmented Reality in Current Scenario
Shruti Dalela
 
PDF
My India Quiz Book_20210205121199924.pdf
AtandraDey2
 
DOCX
Cambridge-Practice-Tests-for-IELTS-12.docx
ssuser0d93ff
 
PDF
CISA (Certified Information Systems Auditor) Domain-Wise Summary.pdf
infosecTrain
 
DOC
Soft-furnishing-By-Architect-A.F.M.Mohiuddin-Akhand.doc
ArchitectAFMMohiuddi
 
PPTX
ELIAS-SEZIURE AND EPilepsy semmioan session.pptx
eyoba2172
 
PPTX
202450812 BayCHI UCSC-SV 20250812 v17.pptx
home
 
Unit 4 Computer Architecture Multicore Processor.pptx
Gunasundari Selvaraj
 
Paper A Mock Exam 9_ Attempt review.pdf.
SameeraNaveed2
 
History, Philosophy and sociology of education (1).pptx
tmdth1
 
Introduction to pro and eukaryotes and differences.pptx
AvaniKarumathil
 
Computer Architecture Input Output Memory.pptx
Gunasundari Selvaraj
 
CHAPTER IV. MAN AND BIOSPHERE AND ITS TOTALITY.pptx
greciamaycalambro
 
medical_surgical_nursing_10th_edition_ignatavicius_TEST_BANK_pdf.pdf
victor kamau
 
Environmental Education MCQ BD2EE - Share Source.pdf
Dr Raja Mohammed T
 
Complications of Minimal Access-Surgery.pdf
Laparoscopy Hospital
 
Vision Prelims GS PYQ Analysis 2011-2022 www.upscpdf.com.pdf
navneetgupta711851
 
Uderstanding digital marketing and marketing stratergie for engaging the digi...
afreenpeshmam
 
Share_Module_2_Power_conflict_and_negotiation.pptx
Lavanyaj33
 
Chinmaya Tiranga Azadi Quiz (Class 7-8 )
Nitin Suresh
 
Virtual and Augmented Reality in Current Scenario
Shruti Dalela
 
My India Quiz Book_20210205121199924.pdf
AtandraDey2
 
Cambridge-Practice-Tests-for-IELTS-12.docx
ssuser0d93ff
 
CISA (Certified Information Systems Auditor) Domain-Wise Summary.pdf
infosecTrain
 
Soft-furnishing-By-Architect-A.F.M.Mohiuddin-Akhand.doc
ArchitectAFMMohiuddi
 
ELIAS-SEZIURE AND EPilepsy semmioan session.pptx
eyoba2172
 
202450812 BayCHI UCSC-SV 20250812 v17.pptx
home
 

Adarsh-PPT-FCF-12-thm.ppt

  • 3. OUTLINE • “DoS Attacks” – What Is • History • Types of Attacks • Main targets today • How to Defend • Conclusion
  • 4. WHAT IS “DOS ATTACK” Denial-Of-Service Attack = DOS Attack is a malicious attempt by a single person or a group of people to cause the victim, site or node to deny service to it customers. • DoS = when a single host attacks • DDoS = when multiple hosts attack simultaneously
  • 5. DENIAL OF SERVICE ATTACKS DENIAL-OF-SERVICE (DOS) ATTACK IS AN ATTEMPT BY ATTACKER TO PREVENT LEGITIMATE USERS FROM USING RESOURCES DENIAL-OF-SERVICE DENIES A VICTIM (HOST, ROUTER, OR ENTIRE NETWORK) FROM PROVIDING OR RECEIVING NORMAL SERVICES
  • 6. ATTACK SIZE IN GBITS-PER- SECOND
  • 7. IDEA OF “DOS ATTACKS” • Purpose is to shut down a site, not penetrate it. • Purpose may be vandalism, extortion or social action (including terrorism) (Sports betting sites often extorted) • Modification of internal data, change of programs (Includes defacement of web sites)
  • 8. HISTORY Morris Worm (November 2, 1988) • First DDoS attack to cripple large amounts of network infrastructure • Self-replicating, self-propagating. • Exploited software commonality (monoculture) 1. Fingerd buffer overflow exploit 2. Sendmail root vulnerability 3. Weak passwords
  • 9. HISTORY Morris Worm effect • Infected systems became “catatonic” • Took roughly three days to come under control • Ultimately infected 10% of Internet computers (6,000) and cost $ million to clean up. • Morris convicted under computer fraud and abuse act, three years probation, fine of $10,000
  • 10. HISTORY SQL Slammer (January, 25 2003) • Exploited common software (Microsoft SQL Server) as well as hardware (Intel x86), spread rapidly in a distinct monoculture. • Non-destructive. Modified no data on infected system • Extremely simple in construction (376 bytes) • Devastating: 1. 120,000 computers infected at peak (1/26/2003) 2. Exhausted network bandwidth 3. Crashed network infrastructure (multicast state creation) 4. Shut down communication (fire-fighting) capability
  • 11. HISTORY SQL Slammer effect • Extremely Virulent • Caused economic damage outside of IT infrastructure (multiple ATM outages) • Original perpetrators have never been identified or brought to justice
  • 12. TYPES OF DOS ATTACKS
  • 14. TYPES OF DOS ATTACKS • Penetration • Eavesdropping • Man-In-The-Middle • Flooding
  • 15. TYPES OF DOS ATTACKS Penetration • Attacker gets inside your machine • Can take over machine and do whatever he wants • Achieves entry via software flaw(s), stolen passwords or insider access
  • 16. TYPES OF DOS ATTACKS Eavesdropping • Attacker gains access to same network • Listens to traffic going in and out of your machine
  • 17. TYPES OF DOS ATTACKS Man-in-the-Middle • Attacker listens to output and controls output • Can substitute messages in both directions
  • 18. TYPES OF DOS ATTACKS Flooding • Attacker sends an overwhelming number of messages at your machine; great congestion • The congestion may occur in the path before your machine • Messages from legitimate users are crowded out • Usually called a Denial of Service (DoS) attack, because that’s the effect. • Usually involves a large number of machines, hence Distributed Denial of Service (DDoS) attack
  • 20. HOW TO DEFEND • Firewalls - can effectively prevent users from launching simple flooding type attacks from machines behind the firewall. • Switches - Some switches provide automatic and/or system- wide rate limiting, traffic shaping, delayed binding to detect and remediate denial of service attacks • Routers - If you add rules to take flow statistics out of the router during the DoS attacks, they further slow down and complicate the matter • DDS based defense • Clean pipes
  • 21. CONCLUSION • Role of international boundaries - consoles located across international borders, law-enforcement problem • In the past, as the present, DDoS has been more a nuisance activity conducted by cyber vandals than an activity with specific socioeconomic aims • In the future, DDoS may be used as a disruptive force, with broad destabilization as its aim instead of the targeting of specific targets • Destabilization has a high (ROI) Return On Investment when compared to targeted attacks
  • 22. QUESTIONS? People are talking about the Internet as though it is going to change the world. It's not going to change the world. It's not going to change the way we think, and it's not going to change the way we feel. Adarsh Shukla