Figure: 1
At this point, the attacker issues commands to the handler, which in turn controls the agents, and the agents then act as the soldiers that attack the target. Often the agents are unsuspecting computers that may be infected with malware. Of course, denial of service attacks can also be executed by a single entity taking advantage of program flaws, specifically in the areas of resource starvation and buffer overflows (Northcutt, 2007). At the end of the day, the threat of a DoS or DDoS is real, and to reduce these threats the next steps are detecting and mitigating the threat. Keeping these steps in mind, I selected three research papers that focus on detection and prevention in order to reduce the risk surrounding denial of service attacks. The key factor to remember is that risks cannot be entirely removed, but these same risks can be mitigated to an acceptable level with everyone involved.
Attacks in History
To put this into perspective, all one has to do is turn attention back to 2007, when Estonia fell victim to a DoS attack. What provoked the attack was that Estonian citizens relocated a Soviet war memorial from the city of Tallinn. At the time, Estonians believed that the Russian government was behind the attack; however, the Russian government denied all involvement. The other widely adopted belief was that hackers who sympathized with the Russians were behind the attack, and this included China. This DoS attack was viewed as a cyberwar between Russia and Estonia, and because of this, both organizations and countries alike took notice of the importance of cybersecurity.
Figure: 2
When it comes to password attacks, the hacker community has a vast arsenal at its disposal, whereas security measures typically are limited or, as they evolve, often fall victim to an attack. The reality is that DoS attacks will likely always be reactive, but this does not mean that proactive measures should not be implemented. A password by definition means a word or phrase that is unknown to anyone other than the intended party. However, the reality is that passwords are weak and easily guessed or even cracked; figure 2 represents the typical length of a password. Because of this fact, Goyal et al. (2006) propose a measure that will prevent dictionary attacks by shrinking the attack window, which in turn will require the hacker to rethink the attack. The core of this idea is that the protocol initiates a four-pass transmission where the final two passes involve a computation that is negotiated between the server and the client. To put passwords into perspective when it comes to DoS attacks, it is important to understand that while attacks are typically carried out on tiers three and four, it is entirely feasible to also attack tier two via the password vulnerability. Case in point, Cisco (2005) released an advisory outlining that their Application and Content Networking System (ACNS) software could fall victim to a DoS attack by exploiting the default password used for administrative accounts.
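The following is an added sketch of a four-pass login exchange of the kind described above; it is not Goyal et al.'s protocol and not code from the original article. The hash puzzle used as the negotiated computation, the difficulty value, and all class and function names are assumptions made for illustration.

```python
import hashlib
import hmac
import os

DIFFICULTY_BITS = 12  # assumed work factor negotiated by the server

def leading_zero_bits(digest: bytes) -> int:
    bits = 0
    for byte in digest:
        if byte == 0:
            bits += 8
            continue
        bits += 8 - byte.bit_length()
        break
    return bits

def puzzle_digest(nonce: bytes, username: str, counter: int) -> bytes:
    return hashlib.sha256(nonce + username.encode() + counter.to_bytes(8, "big")).digest()

def make_user(password: str):
    salt = os.urandom(16)
    return salt, hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

def client_solve(nonce: bytes, username: str, bits: int) -> int:
    # Pass 3 (client): pay the per-attempt cost before the password is sent.
    counter = 0
    while leading_zero_bits(puzzle_digest(nonce, username, counter)) < bits:
        counter += 1
    return counter

class Server:
    def __init__(self, users):
        self.users = users    # username -> (salt, password hash)
        self.pending = {}     # username -> outstanding single-use nonce

    def pass2_challenge(self, username: str):
        # Pass 1 was the client's username; unknown names get a challenge too,
        # so the reply does not reveal which accounts exist.
        nonce = os.urandom(16)
        self.pending[username] = nonce
        return nonce, DIFFICULTY_BITS

    def pass4_verify(self, username: str, counter: int, password: str) -> bool:
        nonce = self.pending.pop(username, None)  # consumed: no replay
        if nonce is None:
            return False
        if leading_zero_bits(puzzle_digest(nonce, username, counter)) < DIFFICULTY_BITS:
            return False      # cheap rejection before any password hashing
        salt, stored = self.users.get(username, (b"", b""))
        candidate = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)
        return hmac.compare_digest(candidate, stored)
```

Each guess now costs the client a fresh puzzle, while the server rejects unsolved or replayed attempts with a single hash.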
area of web services. In reality, a great deal of solutions have been provided in the defense against DoS attacks, which include anomaly detection, IP tracing, and filtering packets, and the area of DoS is constantly evolving (Yu, Fang, Lu, and Li, 2010). When it all comes down to reducing the threat, the obvious answer resides in the area of trust management; in other words, know your user base and establish strong boundaries of network usage. Yu et al. (2010) also present the use of a license management server, which would serve out a license to authorized users; without the license at the client, all network communications sent to the receiver would be ignored. The idea here of mitigating DoS attacks is both lightweight and feasible, to the degree that interested parties could quickly and easily adopt a defensive posture against DoS attacks.
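The license idea above can be illustrated with a receiver that checks a license before doing any other work. This is an added example, not Yu et al.'s scheme and not code from the original article: the HMAC-based license format, the shared key, and every name in it are assumptions.

```python
import hashlib
import hmac

# Assumed: a key shared by the license server and the receiver (constructed value).
LICENSE_KEY = b"constructed-demo-key"

def _tag(client_id: str, expires_at: int, key: bytes) -> str:
    msg = f"{client_id}|{expires_at}".encode()
    return hmac.new(key, msg, hashlib.sha256).hexdigest()

def issue_license(client_id: str, expires_at: int, key: bytes = LICENSE_KEY) -> str:
    """License server: bind the license to one client and an expiry time."""
    return f"{client_id}|{expires_at}|{_tag(client_id, expires_at, key)}"

def license_valid(token, sender_id: str, now: int, key: bytes = LICENSE_KEY) -> bool:
    """Receiver: one HMAC decides whether the sender is heard at all."""
    try:
        client_id, expires_s, tag = token.split("|")
        expires_at = int(expires_s)
    except (ValueError, AttributeError):
        return False  # missing or malformed license
    expected = _tag(client_id, expires_at, key)
    return (
        hmac.compare_digest(tag.encode(), expected.encode())
        and client_id == sender_id   # a copied license does not work for another sender
        and now < expires_at         # expired licenses are ignored
    )

def receive(packets, now: int):
    """Return the payloads that are processed; everything else is silently ignored."""
    return [p["payload"] for p in packets
            if license_valid(p.get("license"), p["sender"], now)]
```

Binding the license to the sender and to an expiry time limits what a copied or stale license is worth.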
Conclusion
At this point, it should be clear that DoS attacks are not overly complicated to both defend and attack. Referencing figure 3, it is clear that DoS can affect each tier of the OSI model.
Figure: 3
What makes DoS difficult to defend against is that it is often difficult to distinguish legitimate traffic and that all software contains defects that can be exploited. While DoS is difficult to defend against, it is not impossible. Actions such as reviewing network infrastructure against the National Institute of Standards and Technology (NIST) standards and load testing the network will both assist in finding vulnerabilities and in understanding at what stress point the network will break under a given load. Monitoring is also extremely important; therefore an Intrusion Detection System (IDS) or Intrusion Prevention System (IPS) will assist immensely in protecting the network. Of course, the single most important aspect is to have an established policy and procedure that outlines the course of action taken before, during, and after the attack. If the network is a victim of an attack, the Internet Service Provider (ISP), Information Security (IS) personnel, and the appropriate law enforcement agency must all be alerted as soon as possible.
References
Goyal, V., Kumar, V., Singh, M., Abraham, A., & Sanyal, S. (2006). A new protocol to counter online dictionary attacks. Computers & Security, 25(2), 114-120. doi:10.1016/j.cose.2005.09.003
Cisco. (2005). ACNS Denial of Service and Default Admin Password Vulnerabilities. Cisco Security Advisory. Retrieved from http://tools.cisco.com
Northcutt, S. (2007). Security Laboratory: Methods of Attack Series. SANS Technology Institute. Retrieved from http://www.sans.edu
Shah, D., Mangal, A., Agarwal, M., Mehra, M., & Patel, D. (2010). Mitigating DoS using handlers for Global SOA. Journal of Algorithms & Computational Technology, 4(4), 381-394. Retrieved from http://www.multi-science.co.uk/
Ying, X., Incheol, S., Thai, M. T., & Taieb, Z. (2010). Detecting application denial-of-service attacks: A group-testing-based approach. IEEE Transactions On Parallel & Distributed Systems, 21(8), 1203-1216. doi:10.1109/TPDS.2009.147
Yu, J. J., Fang, C. C., Lu, L. L., & Li, Z. Z. (2010). Mitigating application layer distributed denial of service attacks via effective trust management. IET Communications, 4(16), 1952-1962. doi:10.1049/iet-com.2009.0809
Highly motivated information technology professional with 16+ years of experience. Working as a software engineer, Steven develops and maintains web based software solutions. As a skilled professional he is focused on the design and creation of software. Because communication skills are extremely important, Steven continues to expand his knowledge in order to communicate clearly with all facets of business. Recently Steven has been leading efforts to standardize software development tools and technology, plans and coordinates web accessibility as applied to IT Solutions, and he is tackling application security in terms of best practices and implementation of the Security Development Life-cycle.