Difference between revisions of "Denial of Service Attacks"

From Embedded Lab Vienna for IoT & Security
Line 12: Line 12:
Denial of Service or Dos attacks aim to prevent that legitimate users access the comprised component. Due to Cisco, is the Dos Attack one of the seven most common types of cyber-attacks [1]. The reasons of the attacker can have many backgrounds. The Attack can am to cause facial loss to the attacked company by bringing the company website down. For example, in 2015 the by the time biggest DDos attack with 1,35 Tbps rained down on Github and put it off the line for 15 minutes [2]. There can also be a political reason, like in July 2008 where Georgian President Mikheil Saakashvili’s webpage was targeted by a DDos attack. The web page was inaccessible for two days. A trace back attempts showed that Commanding Server is located in Russia [3]. Since Internet of Things (IoT) and Smart Home Devices get more popular, the number of IoT bots used for DDos Attacks rise day by day. This is caused due to poor security of IoT devices and the lack of security firmware updates.
Denial of Service or Dos attacks aim to prevent that legitimate users access the comprised component. Due to Cisco, is the Dos Attack one of the seven most common types of cyber-attacks [1]. The reasons of the attacker can have many backgrounds. The Attack can am to cause facial loss to the attacked company by bringing the company website down. For example, in 2015 the by the time biggest DDos attack with 1,35 Tbps rained down on Github and put it off the line for 15 minutes [2]. There can also be a political reason, like in July 2008 where Georgian President Mikheil Saakashvili’s webpage was targeted by a DDos attack. The web page was inaccessible for two days. A trace back attempts showed that Commanding Server is located in Russia [3]. Since Internet of Things (IoT) and Smart Home Devices get more popular, the number of IoT bots used for DDos Attacks rise day by day. This is caused due to poor security of IoT devices and the lack of security firmware updates.


=== Difference Between Denial of Service (DoS) and Distributed Denial of Service (DDoS) Attacks  ===
== Difference Between Denial of Service (DoS) and Distributed Denial of Service (DDoS) Attacks  ==


The typical DoS attack is performed from one attacker by flooding the victim server with data. Back than it was possible to take down a small web page with the usage of only one state of the art personal computer. But nowadays it is almost impossible because the internet is dominated by the big domains like google or Amazon. Small websites have the possibility to launch their web page on a server of a big domain which makes a typical DoS attack almost impossible. But Distributed DoS attacks are still able to make a huge impact because the attack gets performed by multiple devices at the same time. This net of attacking devices is called botnet. Botnets get constructed by infecting usual devices threw malware. This botnet devices are also used to flood the internet flood the internet with spam mails [4].  
The typical DoS attack is performed from one attacker by flooding the victim server with data. Back than it was possible to take down a small web page with the usage of only one state of the art personal computer. But nowadays it is almost impossible because the internet is dominated by the big domains like google or Amazon. Small websites have the possibility to launch their web page on a server of a big domain which makes a typical DoS attack almost impossible. But Distributed DoS attacks are still able to make a huge impact because the attack gets performed by multiple devices at the same time. This net of attacking devices is called botnet. Botnets get constructed by infecting usual devices threw malware. This botnet devices are also used to flood the internet flood the internet with spam mails [4].
 
 
== Target points of Denial of Service Attacks  ==
 
=== Resource Depletion ===
 
This type attack aims to exhaust resources like power, sockets, memory and computing power to deny any legit resource usage. A well-known example of memory depletion DoS Attack is Frokbomb. This Program replicates itself until all memory is used up and the system does not allow any new memory allocation. In IoT Networks battery exhaustion attacks are quite common as an attack entry point to take down sensor nodes and make them inaccessible.
 
=== Bandwidth Depletion ===
 
Bandwidth Depletion is the most common DoS type for attacking Webservers and Services. The attack can either aim at a whole network or a webserver. The types of a bandwidth depletion attack differ into a standard attack distributed denial of service, amplified dos attacks and Protocol attacks. 
 
=== Zero Day Attack ===
 
Zero-day attacks use vulnerabilities that are undiscovered by the manufacturers as the main entry point of the attack. The manufacturer is often powerless against zero-day attack, because he must research the vulnerability before they can take efficient counter measures.


== References ==
== References ==
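
Review bot: in the added Resource Depletion paragraph the memory-depletion example is spelled "Frokbomb", which should read "fork bomb", and the last sentence of the added Bandwidth Depletion paragraph ("The types of a bandwidth depletion attack differ into a standard attack distributed denial of service, amplified dos attacks and Protocol attacks") should be reworded so that the three categories are listed unambiguously. The three new sections also cite no sources, and the References section is still empty after this change even though the unchanged paragraphs cite [1] to [4]; please add the reference entries in the same revision.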

Revision as of 09:20, 18 May 2020

Disclaimer

!!! This Entry is still work in Progress !!!

The up-to-date Entry and Drafts can be found here: [[1]]

Summary

This Documentation is about the Basics of Denial of Service and Distributed Denial of Service Attacks.

Introduction

Denial of Service (DoS) attacks aim to prevent legitimate users from accessing the compromised component. According to Cisco, the DoS attack is one of the seven most common types of cyber-attacks [1]. Attackers can have many different motives. The attack can aim to cause the attacked company a loss of face by bringing its website down. For example, in 2015 the biggest DDoS attack up to that time, with 1.35 Tbps, rained down on GitHub and took it offline for 15 minutes [2]. There can also be a political motive, as in July 2008, when the web page of Georgian President Mikheil Saakashvili was targeted by a DDoS attack. The web page was inaccessible for two days. A traceback attempt showed that the command server is located in Russia [3]. As Internet of Things (IoT) and smart home devices become more popular, the number of IoT bots used for DDoS attacks rises day by day. This is caused by the poor security of IoT devices and the lack of security firmware updates.

Difference Between Denial of Service (DoS) and Distributed Denial of Service (DDoS) Attacks

A typical DoS attack is performed by a single attacker who floods the victim server with data. Back then, it was possible to take down a small web page using only one state-of-the-art personal computer. Nowadays this is almost impossible, because the internet is dominated by big domains like Google or Amazon. Small websites can host their web page on a server of a big domain, which makes a typical DoS attack almost impossible. Distributed DoS attacks, however, can still have a huge impact, because the attack is performed by multiple devices at the same time. This network of attacking devices is called a botnet. Botnets are built by infecting ordinary devices with malware. These botnet devices are also used to flood the internet with spam mails [4].


Target points of Denial of Service Attacks

Resource Depletion

This type of attack aims to exhaust resources such as power, sockets, memory and computing power in order to deny any legitimate use of them. A well-known example of a memory depletion DoS attack is the fork bomb. This program replicates itself until all memory is used up and the system does not allow any new memory allocation. In IoT networks, battery exhaustion attacks are quite common as an attack entry point to take down sensor nodes and make them inaccessible.
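
The self-replication described above leaves a recognisable shape in the process table: a deep tree of identically named processes. The following detection sketch is an added example, not part of the original wiki entry; the snapshot is constructed sample data, and the names `Proc`, `clone_trees`, `suspected_fork_bombs` and the thresholds are assumptions chosen for illustration.

```python
from collections import namedtuple

Proc = namedtuple("Proc", "pid ppid comm")

def constructed_snapshot():
    """Constructed process-table sample, not taken from a real host."""
    procs = [Proc(1, 0, "init"), Proc(200, 1, "sshd"),
             Proc(310, 200, "bash"), Proc(400, 1, "nginx")]
    # Prefork server: one master with 30 workers (wide, but one level deep).
    procs += [Proc(401 + i, 400, "nginx") for i in range(30)]
    # Self-replicating program: every copy starts two more, for 5 generations.
    procs.append(Proc(1000, 310, "job"))
    parents, next_pid = [1000], 1001
    for _ in range(5):
        children = []
        for parent in parents:
            for _ in range(2):
                procs.append(Proc(next_pid, parent, "job"))
                children.append(next_pid)
                next_pid += 1
        parents = children
    return procs

def clone_trees(procs):
    """Group processes into trees whose members all run the same command.

    Returns {root_pid: (comm, size, depth)}; depth is the longest chain of
    same-named ancestors below the root.
    """
    by_pid = {p.pid: p for p in procs}
    trees = {}
    for p in procs:
        depth, cur = 0, p
        # Climb while the parent runs the same command; the depth bound
        # protects against a malformed snapshot that contains a cycle.
        while (cur.ppid in by_pid and by_pid[cur.ppid].comm == cur.comm
               and depth < len(procs)):
            cur = by_pid[cur.ppid]
            depth += 1
        comm, size, max_depth = trees.get(cur.pid, (cur.comm, 0, 0))
        trees[cur.pid] = (comm, size + 1, max(max_depth, depth))
    return trees

def suspected_fork_bombs(procs, min_size=32, min_depth=4):
    """Flag trees that are both large and deep (assumed thresholds)."""
    return sorted(root for root, (_, size, depth) in clone_trees(procs).items()
                  if size >= min_size and depth >= min_depth)
```

Requiring depth as well as size keeps a prefork server with many workers from being flagged, because its tree is wide but only one level deep.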

Bandwidth Depletion

Bandwidth depletion is the most common DoS type for attacking web servers and services. The attack can aim either at a whole network or at a single web server. Bandwidth depletion attacks are divided into standard distributed denial of service attacks, amplified DoS attacks and protocol attacks.

Zero Day Attack

Zero-day attacks use vulnerabilities that are still undiscovered by the manufacturer as the main entry point of the attack. The manufacturer is often powerless against a zero-day attack, because it must first research the vulnerability before it can take effective countermeasures.

References

Category:Basic