Memcrashed Vulnerabilities: Impact, Exploits and Mitigation
Added on 2023-04-25
12 Pages4100 Words244 Views
Running head: CO4509 - COMPUTER SECURITY
CO4509 - Computer Security
Name of the Student
Name of the University
Author’s Note
CO4509 - Computer Security
Name of the Student
Name of the University
Author’s Note
1
CO4509 - COMPUTER SECURITY
Table of Contents
Introduction................................................................................................................................2
Principles of Key Value Database..............................................................................................2
Working of Memcached and its use...........................................................................................3
Description of Memcrashed...................................................................................................3
Performing Exploits and solution for Memcrashed...................................................................4
Prediction and Effectiveness on Memcrashed impacts..............................................................6
Memcrashed Vulnerability report..............................................................................................7
Conclusion..................................................................................................................................9
References................................................................................................................................10
CO4509 - COMPUTER SECURITY
Table of Contents
Introduction................................................................................................................................2
Principles of Key Value Database..............................................................................................2
Working of Memcached and its use...........................................................................................3
Description of Memcrashed...................................................................................................3
Performing Exploits and solution for Memcrashed...................................................................4
Prediction and Effectiveness on Memcrashed impacts..............................................................6
Memcrashed Vulnerability report..............................................................................................7
Conclusion..................................................................................................................................9
References................................................................................................................................10
2
CO4509 - COMPUTER SECURITY
Introduction
The report is prepared on memcrashed vulnerabilities for describing the functionality
of memcache and its workings on different types of attacks. The report describes impact of
memcacrashed and it is exploited for analysing its impact. Memcache is used for speeding up
the cache mechanism and it stores all the important thing that can be applied for speeding the
delivery of web assets. The latency can be minimized if the distance between the assets is
minimized. Memcached is an memory caching system that is open source and it helps in
speeding dynamic web application with the reduction of loads in the database (Marathe et
al.2017). The data objects are stored in the dynamic memory for reducing the loads and thus
it can be said that Memcached acts as a short term memory for the applications. Key values
are used for the objects and small arbitrary strings that may include API, database calls and
page rendering. The components of Memcached allows the server and client working
together for increasing the efficiency of cached data and increase its efficiency (Choi et al.
2018). The client software is used for giving a list of available Memcached server and a client
based hash algorithm is used for selection of server that are based on key. The server
software helps in storing the keys and their values for the hash table and LRU is used for
determining the old data and throwing out of the memory for reusing it.
Principles of Key Value Database
Memcached works with four components that allows the system to retrieve and store
data. The components have a expiration time, raw data and key and it works as the following
stage:
A piece of data is requested by the client and is checked by the Memcached for
checking that if it is needed to be stored in cache.
There may be different outcomes such as if the data is stored in cache, the data is
needed to be returned from Memcached and there is not need for checking the
database. In case if the data is not stored in the cache a query is made for retrieving
the data and store it in the Memcached.
If there is a change in information and the values are expired the information gets
updated in Memcached and it is to be ensured that the contents that are delivered to the client
are fresh.
CO4509 - COMPUTER SECURITY
Introduction
The report is prepared on memcrashed vulnerabilities for describing the functionality
of memcache and its workings on different types of attacks. The report describes impact of
memcacrashed and it is exploited for analysing its impact. Memcache is used for speeding up
the cache mechanism and it stores all the important thing that can be applied for speeding the
delivery of web assets. The latency can be minimized if the distance between the assets is
minimized. Memcached is an memory caching system that is open source and it helps in
speeding dynamic web application with the reduction of loads in the database (Marathe et
al.2017). The data objects are stored in the dynamic memory for reducing the loads and thus
it can be said that Memcached acts as a short term memory for the applications. Key values
are used for the objects and small arbitrary strings that may include API, database calls and
page rendering. The components of Memcached allows the server and client working
together for increasing the efficiency of cached data and increase its efficiency (Choi et al.
2018). The client software is used for giving a list of available Memcached server and a client
based hash algorithm is used for selection of server that are based on key. The server
software helps in storing the keys and their values for the hash table and LRU is used for
determining the old data and throwing out of the memory for reusing it.
Principles of Key Value Database
Memcached works with four components that allows the system to retrieve and store
data. The components have a expiration time, raw data and key and it works as the following
stage:
A piece of data is requested by the client and is checked by the Memcached for
checking that if it is needed to be stored in cache.
There may be different outcomes such as if the data is stored in cache, the data is
needed to be returned from Memcached and there is not need for checking the
database. In case if the data is not stored in the cache a query is made for retrieving
the data and store it in the Memcached.
If there is a change in information and the values are expired the information gets
updated in Memcached and it is to be ensured that the contents that are delivered to the client
are fresh.
3
CO4509 - COMPUTER SECURITY
There are different Memcached server and multiple clients in a typical setup and hash
algorithm are used by the client for determining the use of Memcached storage server and
distributing the loads (Bremler-Barr et al. 2017). A second hash is also computed for
determining what is needed to be stored in the hash tables. There are some points that are
included in the Memcached architecture such as data is send to a single server, servers does
not shares data and the values are kept in the RAM of the server.
Working of Memcached and its use
There are different ways that can be used for installing Memcached and it depends on
the type of the system and there is a variation in the methods. For the Linux operating system
a simple command apt-get install Memcached can be used and the command varies for the
different version of Linux (Carra and Michiardi 2016). There are different ways for installing
the Memcached and it is needed to be considered after analysing the requirement of the client
server environment.
The above figure shows the architecture of Memcached servers and here the cache is
separated from the application for giving better control to manage the cache from the
separated servers. The server capacity can be increased based on the size of the cache without
having any affect on the application.
Description of Memcrashed
There are many researchers who have reported against Memcached since it is used by
the attacker for powering the DDoS attack and are known as Memcached DDoS attack. Since
Memcached is an opensource it has designed distributing memory caching for speeding the
dynamic web application and alleviating the loads in database. The clients can communicate
with the servers with Memcached using the UDP or TCP port 1211. Thus there is a
possibility that the attacker can abuse the Memcached for the amplification for DDoS attacks
and it can spike up compromising the security of the client server architecture (Luo et al.
2016). The Memcached servers can be involved by the attacker for increasing the
effectiveness of the attack. It can be done simply by sending a request message to the targeted
server on port 1121 and implementing IP address spoofing with the IP address of the victim.
Few bytes are used for sending the request and its response is expected to be thousands times
bigger which results in amplifying the attack and 51000 times than the initial request. A
research is done in uptick in Memcached amplification attacks that ranges from 100mbps to
500gbps. The attacks amplifies is sourced from the port 11211 having packet size of 1428
CO4509 - COMPUTER SECURITY
There are different Memcached server and multiple clients in a typical setup and hash
algorithm are used by the client for determining the use of Memcached storage server and
distributing the loads (Bremler-Barr et al. 2017). A second hash is also computed for
determining what is needed to be stored in the hash tables. There are some points that are
included in the Memcached architecture such as data is send to a single server, servers does
not shares data and the values are kept in the RAM of the server.
Working of Memcached and its use
There are different ways that can be used for installing Memcached and it depends on
the type of the system and there is a variation in the methods. For the Linux operating system
a simple command apt-get install Memcached can be used and the command varies for the
different version of Linux (Carra and Michiardi 2016). There are different ways for installing
the Memcached and it is needed to be considered after analysing the requirement of the client
server environment.
The above figure shows the architecture of Memcached servers and here the cache is
separated from the application for giving better control to manage the cache from the
separated servers. The server capacity can be increased based on the size of the cache without
having any affect on the application.
Description of Memcrashed
There are many researchers who have reported against Memcached since it is used by
the attacker for powering the DDoS attack and are known as Memcached DDoS attack. Since
Memcached is an opensource it has designed distributing memory caching for speeding the
dynamic web application and alleviating the loads in database. The clients can communicate
with the servers with Memcached using the UDP or TCP port 1211. Thus there is a
possibility that the attacker can abuse the Memcached for the amplification for DDoS attacks
and it can spike up compromising the security of the client server architecture (Luo et al.
2016). The Memcached servers can be involved by the attacker for increasing the
effectiveness of the attack. It can be done simply by sending a request message to the targeted
server on port 1121 and implementing IP address spoofing with the IP address of the victim.
Few bytes are used for sending the request and its response is expected to be thousands times
bigger which results in amplifying the attack and 51000 times than the initial request. A
research is done in uptick in Memcached amplification attacks that ranges from 100mbps to
500gbps. The attacks amplifies is sourced from the port 11211 having packet size of 1428
End of preview
Want to access all the pages? Upload your documents or become a member.
Related Documents
Memcrashed Vulnerability from 2018lg...
|13
|2063
|440
Vulnerabilities Related to Memcachedlg...
|17
|3883
|338
Principles of Key/Value Databases and Memcrashed Exploitlg...
|14
|3197
|498
Memcrashed Vulnerability: Exploits, Impact, and Mitigationlg...
|18
|3791
|408
Understanding Memcrashed Vulnerability: Key/Value Databaseslg...
|12
|3440
|424
Report on Memcrashed Vulnerabilitylg...
|15
|4454
|413