DoS Prevention


Denial of Service Attacks and Their Prevention



Abstract

A Denial of Service (DoS) attack is made on networks, organizations, and systems on the internet. DoS attacks are a serious threat to internet security because they use valuable information from the client's IP, which is used in the attacking packets. This research focuses on methods of preventing DoS attacks. DoS attacks are made daily on large networks and popular websites and threaten the internet infrastructure. Since the attacker forges an IP address, the source is hard to detect, which renders source-based packet filtering ineffective. Thus, strict steps must be taken to prevent DoS attacks.

Table of Contents

Abstract

Introduction

Denial of Service Attacks

Discussion

Types of DoS

Attacking Methods

i. Flooding

ii. Logical

Weaknesses Exploited

i. TCP SYN Flooding

ii. TCP Reset

iii. UDP Flooding

iv. ICMP Attack

v. DNS Request Attack

vi. Ping of Death

vii. CGI Request

viii. Mail Bomb

ix. Land Attacks

x. Teardrop Attack

xi. Hybrid Attack

Connection Establishment

i. Direct

ii. Reflector

Attack Rate

i. High Rate Disruptive

ii. Diluted Low Rate Degrading

iii. Varied Rate

Attack Traffic Distribution

Attack Packets Used

Protocol Used

Prevention of DoS

Universal Techniques

i. Disabling Unused Services

ii. Installing Latest Security Updates

iii. Disabling IP Broadcast

iv. Firewalls

v. Global Defense Infrastructure

vi. IP Hopping

Filtering Techniques

i. Ingress/Egress Filtering

ii. Router Based Packet Filtering

iii. History Based IP Filtering

iv. Capability Based Method

v. Secure Overlay Service (SOS)

vi. SAVE: Source Address Validity Enforcement

Conclusion

References


Introduction

Denial of Service Attacks

A DoS attack temporarily handicaps a server and makes it unavailable. As a consequence, the server fails to respond to requests from its legitimate users, which is why it is known as a Denial of Service attack. Basically, a DoS attack is an overt effort to thwart the access of genuine users to authorized resources. DoS attacks exploit vulnerabilities in internet protocols, services and applications. Although there are several ways to defend against DoS attacks, they still happen for lack of a complete solution. There is a wide assortment of DoS attacks and of security methods for combating them (Duan, et al., 2008).

Discussion

Most of the DoS attacks that take place nowadays are actually Distributed Denial of Service (DDoS) attacks, which are a greater threat than ever to users, organizations, networks, and internet infrastructure. In DDoS attacks, key resources are chosen and then tied up by sending a large volume of apparently genuine traffic that requests services. A DoS attack deprives legitimate users of services like web access, e-mail, or network connectivity when access to a resource is deliberately blocked or corrupted because of a malicious action. A torrent of harmful packets is sent to a victim server, rendering it incapable of providing services to legitimate users. Since these attacks have now been automated, even inexperienced crackers with these capabilities can bring down a server with DoS attacks (Ahlawat & Sharma, 2011).

Types of DoS

Attacking Methods

Flooding

According to Gupta, et al. (2009), most DoS or DDoS attacks are carried out using TCP. The majority of these attacks are flooding attacks. In a flooding attack, apparently legitimate packets are sent to a victim server. As these packets are corrupted, they block the communication resources of the victim, making it incapable of serving legitimate users. Here, the resources under attack are computational power, network bandwidth and connections, hard disk space, CPU time, and data ...