logo

Principles of Key/Value Databases and Memcrashed Exploit

Write a report on the memcrashed vulnerability from 2018, including a description of memcached, the memcrashed exploit, solutions to defend against memcrashed, and predictions on its likely impact.

14 Pages3197 Words498 Views
   

Added on  2023-04-06

About This Document

This assignment discusses the principles of key/value databases and the memcrashed exploit. It explains how memcrashed works and provides solutions to prevent and mitigate the exploit. Study computer security with expert material at Desklib.

Principles of Key/Value Databases and Memcrashed Exploit

Write a report on the memcrashed vulnerability from 2018, including a description of memcached, the memcrashed exploit, solutions to defend against memcrashed, and predictions on its likely impact.

   Added on 2023-04-06

ShareRelated Documents
Running head: COMPUTER SECURITY
COMPUTER SECURITY
Name of Student
Name of the University
Author’s Note
Principles of Key/Value Databases and Memcrashed Exploit_1
1COMPUTER SECURITY
Table of Contents
Introduction..........................................................................................................................2
Discussion............................................................................................................................2
Principles of key/value databases....................................................................................2
Description of memcrashed exploit.................................................................................3
How does memcrashed work?.........................................................................................4
Solution to the memcrashed exploit................................................................................5
Future importance and effectiveness of memcrashed......................................................8
Conclusion.........................................................................................................................10
References..........................................................................................................................11
Principles of Key/Value Databases and Memcrashed Exploit_2
2COMPUTER SECURITY
Introduction
Memcrashed is a process in which memcached is installed in a particular system or a
group of systems and which initiates security against the threat imposed by the memcrashed
attack. The memcached can be defined as a certain memory object system that is utilized in
caching; this process of caching is utilized for increasing the speed of numerous applications of
the dynamic web (Conklin, White & Cothren, 2015). Memcached is an open source; this has
been introduced in order to work with numerous open connections. The first vulnerability that
had been introduced was in the month of February, 2018. In the attack, the attackers had
launched and executed a very powerful amplification attack of DDoS (Egelman & Peer, 2015).
The vulnerability faced at this time had never been faced previously by any organization. This
particular assignment describes the principles followed by the key/value database, it further
discusses the memcrashed exploit and how it takes place. The report also presents some solutions
or countermeasures that can be implemented by the organizations facing memcrashed exploit.
The mentioned points have been presented in details in the discussion part of the assignment.
Discussion
Principles of key/value databases
A key-value database is also known as a key-value store, it is a data storage paradigm is
usually designed for the purpose of storing, managing and retrieving associative arrays. The key-
value store follows various principles; some principles include examining some options like
Bolt, RocksDB, GoLevelIDB and Badger (Hyder & Lung, 2018). Some more opetions hat are
examined include Go, B+ tree, Great read performance, C++, LSM (leveldb), a Better balance of
Principles of Key/Value Databases and Memcrashed Exploit_3
3COMPUTER SECURITY
write or read performance, cgo and Wisckey, these options are included under the previously
mentioned options (Egelman & Peer, 2015). Some other principals include maintaining
simplicity; it follows the rule of utilizing numerous simple algorithms along with some simple
data structures for utilizing a key-value database into operations (O’Hare, 2018). One more
principal includes explicating. It sets out in building a key value database for certain purposes
and not for the purpose of delivering a specific generalized solution.
Description of memcrashed exploit
A memcached attack is a concept under the Distributed Denial-of-service (DDoS) attack.
This can be described as a cyber attack where a specific attacker attempts in overloading a
targeted victim using a specific amount of internet traffic. (Peltier, 2016) After that the attacker
spoofs various requests to the UDP memcached server that is vulnerable. It then floods the
victim that has been targeted with a certain amount of internet traffic that potentially overwhelms
the resources of the victim (Peltier, 2016). When the infrastructure of the target is overwhelmed,
it cannot process new requests and the traffic that is regular in nature is not allowed to access the
resource present on the internet, this as a result causes denial-of-service. The involvement of the
memcached servers in the field of DDoS attacks has been simple as well as effective; in this
attack the attacker sends a specific request to the server that has been targeted by them on the
port 11211 which then spoofs the victim’s IP address (Slocombe, 2018). The request that has
been sent to the server is then composed into several bytes whereas the response received might
be tens or thousands times bigger in size. This results in an amplification attack that is estimated
to be around 51,200 times bigger than the size of the request that has been provided initially.
Principles of Key/Value Databases and Memcrashed Exploit_4

End of preview

Want to access all the pages? Upload your documents or become a member.

Related Documents
Memcached Attack: Exploit, Strategies, and Mitigation
|12
|2676
|376

Memcrashed Vulnerability from 2018
|13
|2063
|440

Computer Security: Memcrashed Exploit and Solutions
|14
|3281
|184

Understanding Memcrashed Vulnerability: Key/Value Databases
|12
|3440
|424

Memcrashed Vulnerabilities: Impact, Exploits and Mitigation
|12
|4100
|244

Computer Security Engineering
|15
|3256
|143