Information Security: DDoS Threat Analysis and Mitigation
VerifiedAdded on 2023/06/08
|7
|1857
|53
Report
AI Summary
This report provides a comprehensive analysis of Distributed Denial of Service (DDoS) attacks, a significant threat to information security. It details the nature of DDoS attacks, which involve multiple connected online devices sending fake traffic to overload target websites, rendering them unavailable to legitimate users. The report identifies systems vulnerable to DDoS attacks, including those connected to botnets, such as IoT devices and cloud services. It explores how attacks are performed, including the use of compromised devices and spoofed identities, highlighting the difficulty in tracing attackers. Mitigation strategies discussed include staying aware of potential attacks, reconfiguring networks for resilience, adopting real-time behavior-based attack mitigation, and implementing hybrid and integrated approaches. The report also covers potential exploiters of DDoS attacks, ranging from individual hackers to state nations, emphasizing the wide scope of impact. The conclusion highlights the importance of layered protection and proactive mitigation strategies to combat DDoS threats.
INFORMATION SECURITY
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
1
Contents
INTRODUCTION.................................................................................................................................2
Q1..........................................................................................................................................................2
Name of the threat.............................................................................................................................2
System it attacks................................................................................................................................3
Performing attacks.............................................................................................................................3
Mitigation strategies..........................................................................................................................3
Potential exploiters............................................................................................................................4
Reflection..........................................................................................................................................5
CONCLUSION.....................................................................................................................................5
REFERENCES......................................................................................................................................6
Contents
INTRODUCTION.................................................................................................................................2
Q1..........................................................................................................................................................2
Name of the threat.............................................................................................................................2
System it attacks................................................................................................................................3
Performing attacks.............................................................................................................................3
Mitigation strategies..........................................................................................................................3
Potential exploiters............................................................................................................................4
Reflection..........................................................................................................................................5
CONCLUSION.....................................................................................................................................5
REFERENCES......................................................................................................................................6
2
INTRODUCTION
Cyber Security has become a very big challenge for the modern day IT users whether they are
individuals or the overall organisation. With the increase in the number of hacking activities,
organisations need to be ready with their mitigations strategies so as to confront these threats.
There are various types of threats emerging in cyber security (Von Solms and Van Niekerk,
2013). These threats can be extremely dangerous in the modern day competitive environment.
This report identifies the threats and provides mitigation strategies for it. It also evaluates the
type of systems that is attacked by this threat and also gives details about the ways in which
attacks are conducted.
Q1
Name of the threat
Distributed Denial of Service (DDoS) is an attack which is considered to be as the subclass of
Denial of Service (DoS) attack. It is an attack that includes multiple connected online devices
and is used for sending a target website with fake traffic. This is not conducted to breach the
security of the infrastructure rather they are done so that target website gets unavailable to
users that are legitimate (Yan, et. al. 2012). It is dangerous as it acts as a legitimate screen
behind which other attacks could be possible.
Ranking in terms
of impact
Name of the threat
1. Malware
2. Phishing
3. SQL Injection Attack
4. Cross-Site Scripting (XSS)
5. Denial-of-Service (DoS)
6. Session Hijacking and Man-in-
the-middle attacks
7. Credential Reuse
System it attacks
This is an attack done on the websites or the system that are connected on a network which is
collectively known as a botnet. These attacks are conducted on the systems that are connected
INTRODUCTION
Cyber Security has become a very big challenge for the modern day IT users whether they are
individuals or the overall organisation. With the increase in the number of hacking activities,
organisations need to be ready with their mitigations strategies so as to confront these threats.
There are various types of threats emerging in cyber security (Von Solms and Van Niekerk,
2013). These threats can be extremely dangerous in the modern day competitive environment.
This report identifies the threats and provides mitigation strategies for it. It also evaluates the
type of systems that is attacked by this threat and also gives details about the ways in which
attacks are conducted.
Q1
Name of the threat
Distributed Denial of Service (DDoS) is an attack which is considered to be as the subclass of
Denial of Service (DoS) attack. It is an attack that includes multiple connected online devices
and is used for sending a target website with fake traffic. This is not conducted to breach the
security of the infrastructure rather they are done so that target website gets unavailable to
users that are legitimate (Yan, et. al. 2012). It is dangerous as it acts as a legitimate screen
behind which other attacks could be possible.
Ranking in terms
of impact
Name of the threat
1. Malware
2. Phishing
3. SQL Injection Attack
4. Cross-Site Scripting (XSS)
5. Denial-of-Service (DoS)
6. Session Hijacking and Man-in-
the-middle attacks
7. Credential Reuse
System it attacks
This is an attack done on the websites or the system that are connected on a network which is
collectively known as a botnet. These attacks are conducted on the systems that are connected
⊘ This is a preview!⊘
Do you want full access?
Subscribe today to unlock all pages.
Trusted by 1+ million students worldwide
3
in the networks such as Internet of Things and cloud services (Joshi, Vijayan and Joshi,
2012). This attack is done on huge numbers of systems through common website. Any
system having poor security easily gets attacked by the DDoS threat.
Performing attacks
This attack is performed by hackers with even one system in their hand. Cyber criminals are
always in search of all the vulnerabilities in the infrastructure and they find new techniques
for DDoS attacks. Anybody can acquire botnets for certain time interval as they are rented at
cheaper rates with the internet (Xiang, Li and Zhou, 2011). It can be conducted with the help
of any kind of device with a fake identity and IP address. As the identity is spoofed hence
they are difficult to trace. Even the launch points remain spoofed. Money can be transferred
by the help of renting cheap VPS free trials.
Thousands of compromised fake hosts attack against an individual target. These evil hosts are
unsuspectingly conscripted from thousands of computers that are unsafe and they access the
internet with the help of high bandwidth. A sleep codes are planted on these devices and at
that time hackers creates huge numbers of evils for launching a DDoS attacks. With huge
number of evil hosts taking part in the process, the overall quantity of an attack can be huge
and dangerous.
Mitigation strategies
Huge amount of mitigation strategies are used by the security professionals within an
organisation. These strategies are undertaken checking the nature of the attack and the risk
profile it might create to systems. The basic mitigation strategy that a company can adopt is
stay aware and prepared about the types of attacks that could be possible. In DDoS attacks
anticipation plays a very major role hence mitigation strategies needs to be applied before the
attacks are actually done. Company needs to recheck network configuration and design them
in an appropriate manner so that less damage can be done by any of this attacks (Yan, et. al.
2016). Organisations need to adopt real-time behaviour based attack mitigation mechanism.
These are able to safeguard the system against application downtime, spreading of malware,
application vulnerability exploitation, anomalies in network, data theft and various other
types of new attacks. Organisations need to have purpose built hardware that is focused
towards impacting legitimate traffic as well as it must facilitate centralised attack
management. The reporting and monitoring must comprise of complete set of security
in the networks such as Internet of Things and cloud services (Joshi, Vijayan and Joshi,
2012). This attack is done on huge numbers of systems through common website. Any
system having poor security easily gets attacked by the DDoS threat.
Performing attacks
This attack is performed by hackers with even one system in their hand. Cyber criminals are
always in search of all the vulnerabilities in the infrastructure and they find new techniques
for DDoS attacks. Anybody can acquire botnets for certain time interval as they are rented at
cheaper rates with the internet (Xiang, Li and Zhou, 2011). It can be conducted with the help
of any kind of device with a fake identity and IP address. As the identity is spoofed hence
they are difficult to trace. Even the launch points remain spoofed. Money can be transferred
by the help of renting cheap VPS free trials.
Thousands of compromised fake hosts attack against an individual target. These evil hosts are
unsuspectingly conscripted from thousands of computers that are unsafe and they access the
internet with the help of high bandwidth. A sleep codes are planted on these devices and at
that time hackers creates huge numbers of evils for launching a DDoS attacks. With huge
number of evil hosts taking part in the process, the overall quantity of an attack can be huge
and dangerous.
Mitigation strategies
Huge amount of mitigation strategies are used by the security professionals within an
organisation. These strategies are undertaken checking the nature of the attack and the risk
profile it might create to systems. The basic mitigation strategy that a company can adopt is
stay aware and prepared about the types of attacks that could be possible. In DDoS attacks
anticipation plays a very major role hence mitigation strategies needs to be applied before the
attacks are actually done. Company needs to recheck network configuration and design them
in an appropriate manner so that less damage can be done by any of this attacks (Yan, et. al.
2016). Organisations need to adopt real-time behaviour based attack mitigation mechanism.
These are able to safeguard the system against application downtime, spreading of malware,
application vulnerability exploitation, anomalies in network, data theft and various other
types of new attacks. Organisations need to have purpose built hardware that is focused
towards impacting legitimate traffic as well as it must facilitate centralised attack
management. The reporting and monitoring must comprise of complete set of security
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
4
modules as well as the inline accuracy (Yu, et. al. 2011). Along with this there must be
scalability of out of path.
First line of defence must be capable of mitigating all the possible malicious activities
automatically. This can be done through identifying real-time patterns and not only by
focusing on signatures having static nature or rate-limiting (Sanchez, 2010). Organisations
must protect against abusers of applications, systems that are infected by botnet.
Apart from this Hybrid & Integrated approach must be used. In this approach detection is
done at multiple points of the system infrastructure. Since all traffic migrates towards SSL
and hence safeguarding must be done against SSL based attacks. For the networks that are
delay sensitive or are of higher bandwidth, OOP protection can be used without
compromising the protection set. Traffic policing mechanism that is based on rate will not be
effective as it may obstruct legitimate traffic which will make revenue loss (Bhuyan,
Bhattacharyya and Kalita, 2015). One must also find out the cloud detection and mitigation
mechanism. Organisation must also consider:
Organisation needs to have Disaster Recovery or business continuity and incident
response plan address planning against DDoS.
Out-of-path or in-line DDoS mitigation solution
Safeguarding against application attacks
Mitigation against SSL attack
Scrubbing that is cloud based (Taneja, 2015).
Potential exploiters
DDoS attacks provides platform for various types of other attacks hence the number of
attacks have increased. Any vulnerability in the network can be exploited by all the people
having evil minds such as individual hackers, cyber-extortionists and other cyber-terrorists. It
is also used by state nations against other nations.
The scope of these attacks are wide range as one can use it to disrupts other’s business or can
be used for the purpose of diminishing other’s image in the market. Hackers use it for
targeting e-commerce and financial services company so as to cause them financial loses
(Lonea, Popescu and Tianfield, 2013). In the modern day competitive environment this can
be dangerous for the firm as the targeted website gets unavailable for the legitimate users.
This might also be practiced by the people for causing data losses.
modules as well as the inline accuracy (Yu, et. al. 2011). Along with this there must be
scalability of out of path.
First line of defence must be capable of mitigating all the possible malicious activities
automatically. This can be done through identifying real-time patterns and not only by
focusing on signatures having static nature or rate-limiting (Sanchez, 2010). Organisations
must protect against abusers of applications, systems that are infected by botnet.
Apart from this Hybrid & Integrated approach must be used. In this approach detection is
done at multiple points of the system infrastructure. Since all traffic migrates towards SSL
and hence safeguarding must be done against SSL based attacks. For the networks that are
delay sensitive or are of higher bandwidth, OOP protection can be used without
compromising the protection set. Traffic policing mechanism that is based on rate will not be
effective as it may obstruct legitimate traffic which will make revenue loss (Bhuyan,
Bhattacharyya and Kalita, 2015). One must also find out the cloud detection and mitigation
mechanism. Organisation must also consider:
Organisation needs to have Disaster Recovery or business continuity and incident
response plan address planning against DDoS.
Out-of-path or in-line DDoS mitigation solution
Safeguarding against application attacks
Mitigation against SSL attack
Scrubbing that is cloud based (Taneja, 2015).
Potential exploiters
DDoS attacks provides platform for various types of other attacks hence the number of
attacks have increased. Any vulnerability in the network can be exploited by all the people
having evil minds such as individual hackers, cyber-extortionists and other cyber-terrorists. It
is also used by state nations against other nations.
The scope of these attacks are wide range as one can use it to disrupts other’s business or can
be used for the purpose of diminishing other’s image in the market. Hackers use it for
targeting e-commerce and financial services company so as to cause them financial loses
(Lonea, Popescu and Tianfield, 2013). In the modern day competitive environment this can
be dangerous for the firm as the targeted website gets unavailable for the legitimate users.
This might also be practiced by the people for causing data losses.
5
Reflection
In the competition that exists in the market, DDoS is one of the most dangerous types of
attacks. This is due to the fact that it infects not only one or two systems but the whole
infrastructure. I believe that the company must be ready beforehand with their mitigation
strategy so as to tackle with these situations. I believe that there must be protection in
multiple layers in which the first layer must be capable enough to protect from most of the
attacks. Since the attacks are done with millions of evil hosts hence the check points of such
attacks should also be made at multiple points in the infrastructure.
CONCLUSION
From the above based report it can be concluded that there are various types of Cyber-
security threats emerging in the information technology. This has impacted millions of
individuals as well as the organisations. DDoS is an attack that is one of the most common
forms of attack that has impacted upon several systems in the world. Companies need to use
number of layers in their protection mechanism since the attacks are also done at multiple
points. Various mitigation strategies could be used by the organisations so as to safeguard
their systems from such attacks. This is dangerous as the state nations as well as individuals
anybody could use it for the purpose of creating losses for others.
Reflection
In the competition that exists in the market, DDoS is one of the most dangerous types of
attacks. This is due to the fact that it infects not only one or two systems but the whole
infrastructure. I believe that the company must be ready beforehand with their mitigation
strategy so as to tackle with these situations. I believe that there must be protection in
multiple layers in which the first layer must be capable enough to protect from most of the
attacks. Since the attacks are done with millions of evil hosts hence the check points of such
attacks should also be made at multiple points in the infrastructure.
CONCLUSION
From the above based report it can be concluded that there are various types of Cyber-
security threats emerging in the information technology. This has impacted millions of
individuals as well as the organisations. DDoS is an attack that is one of the most common
forms of attack that has impacted upon several systems in the world. Companies need to use
number of layers in their protection mechanism since the attacks are also done at multiple
points. Various mitigation strategies could be used by the organisations so as to safeguard
their systems from such attacks. This is dangerous as the state nations as well as individuals
anybody could use it for the purpose of creating losses for others.
⊘ This is a preview!⊘
Do you want full access?
Subscribe today to unlock all pages.
Trusted by 1+ million students worldwide
6
REFERENCES
Bhuyan, M.H., Bhattacharyya, D.K. and Kalita, J.K., (2015) An empirical evaluation of
information metrics for low-rate and high-rate DDoS attack detection. Pattern Recognition
Letters, 51, pp.1-7.
Joshi, B., Vijayan, A.S. and Joshi, B.K., (2012) Securing cloud computing environment
against DDoS attacks. In Computer Communication and Informatics (ICCCI), 2012
International Conference on (pp. 1-5). IEEE.
Lonea, A.M., Popescu, D.E. and Tianfield, H., (2013) Detecting DDoS attacks in cloud
computing environment. International Journal of Computers Communications &
Control, 8(1), pp.70-78.
Sanchez, M. (2010) The 10 most common security threats explained. [Online]. Available at:
https://blogs.cisco.com/smallbusiness/the-10-most-common-security-threats-explained.
[Accessed on 9th August 2018].
Taneja, N. (2015) DDoS Attacks: The Risks and Mitigation Strategies. [Online]. Available at:
http://www.cxotoday.com/story/ddos-attacks-the-risks-and-mitigation-strategies/. [Accessed
on 9th August 2018].
Von Solms, R. and Van Niekerk, J., (2013) From information security to cyber
security. computers & security, 38, pp.97-102.
Xiang, Y., Li, K. and Zhou, W., (2011) Low-rate DDoS attacks detection and traceback by
using new information metrics. IEEE transactions on information forensics and
security, 6(2), pp.426-437.
Yan, Q., Yu, F.R., Gong, Q. and Li, J., (2016) Software-defined networking (SDN) and
distributed denial of service (DDoS) attacks in cloud computing environments: A survey,
some research issues, and challenges. IEEE Communications Surveys & Tutorials, 18(1),
pp.602-622.
Yan, Y., Qian, Y., Sharif, H. and Tipper, D., (2012) A survey on cyber security for smart grid
communications. IEEE Communications Surveys and tutorials, 14(4), pp.998-1010.
Yu, S., Zhou, W., Doss, R. and Jia, W., (2011) Traceback of DDoS attacks using entropy
variations. IEEE Transactions on Parallel and Distributed Systems, 22(3), pp.412-425.
REFERENCES
Bhuyan, M.H., Bhattacharyya, D.K. and Kalita, J.K., (2015) An empirical evaluation of
information metrics for low-rate and high-rate DDoS attack detection. Pattern Recognition
Letters, 51, pp.1-7.
Joshi, B., Vijayan, A.S. and Joshi, B.K., (2012) Securing cloud computing environment
against DDoS attacks. In Computer Communication and Informatics (ICCCI), 2012
International Conference on (pp. 1-5). IEEE.
Lonea, A.M., Popescu, D.E. and Tianfield, H., (2013) Detecting DDoS attacks in cloud
computing environment. International Journal of Computers Communications &
Control, 8(1), pp.70-78.
Sanchez, M. (2010) The 10 most common security threats explained. [Online]. Available at:
https://blogs.cisco.com/smallbusiness/the-10-most-common-security-threats-explained.
[Accessed on 9th August 2018].
Taneja, N. (2015) DDoS Attacks: The Risks and Mitigation Strategies. [Online]. Available at:
http://www.cxotoday.com/story/ddos-attacks-the-risks-and-mitigation-strategies/. [Accessed
on 9th August 2018].
Von Solms, R. and Van Niekerk, J., (2013) From information security to cyber
security. computers & security, 38, pp.97-102.
Xiang, Y., Li, K. and Zhou, W., (2011) Low-rate DDoS attacks detection and traceback by
using new information metrics. IEEE transactions on information forensics and
security, 6(2), pp.426-437.
Yan, Q., Yu, F.R., Gong, Q. and Li, J., (2016) Software-defined networking (SDN) and
distributed denial of service (DDoS) attacks in cloud computing environments: A survey,
some research issues, and challenges. IEEE Communications Surveys & Tutorials, 18(1),
pp.602-622.
Yan, Y., Qian, Y., Sharif, H. and Tipper, D., (2012) A survey on cyber security for smart grid
communications. IEEE Communications Surveys and tutorials, 14(4), pp.998-1010.
Yu, S., Zhou, W., Doss, R. and Jia, W., (2011) Traceback of DDoS attacks using entropy
variations. IEEE Transactions on Parallel and Distributed Systems, 22(3), pp.412-425.
1 out of 7
