Vulnerability of mem-crashed
VerifiedAdded on 2023/04/06
|20
|3898
|455
AI Summary
This report focuses on the vulnerabilities faced due to mem crashed exploitation and provides solutions to prevent it. It discusses the principles of key databases, the description of the mem-crashed exploit, how mem-crash works, the effect of the mem-crashed DDoS attack, and solutions to prevent the exploit. The report also highlights the future experience and effectiveness of mem-crashed.
Contribute Materials
Your contribution can guide someone’s learning journey. Share your
documents today.
Running head: VULNERABILITY OF MEM-CRASHED
Vulnerability of mem-crashed
Name of the student:
Name of the university:
Author note:
Vulnerability of mem-crashed
Name of the student:
Name of the university:
Author note:
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
1VULNERABILITY OF MEM-CRASHED
Executive Summary
The following report is prepared to focus on the vulnerabilities faced due to mem crashed
exploitation. Detailed study of mem cached server is done on this report and based on it the
probable attacks that are possible with the mem crashed tool is reflected and the process of
the exploitation is described. In the last part of the report a detailed study of the solutions that
can help in prevention of the mem crashed effect is focused. The future aspects and the
efficient mem crashed vulnerability are thus reflected in the last part of the report.
Executive Summary
The following report is prepared to focus on the vulnerabilities faced due to mem crashed
exploitation. Detailed study of mem cached server is done on this report and based on it the
probable attacks that are possible with the mem crashed tool is reflected and the process of
the exploitation is described. In the last part of the report a detailed study of the solutions that
can help in prevention of the mem crashed effect is focused. The future aspects and the
efficient mem crashed vulnerability are thus reflected in the last part of the report.
2VULNERABILITY OF MEM-CRASHED
Table of Contents
Introduction:...............................................................................................................................3
Discussion:.................................................................................................................................3
Principles of key databases:...................................................................................................3
Example of the use of database:.............................................................................................5
Description of the mem-crashed exploit:...............................................................................6
How does the mem-crash works?..........................................................................................6
Effect of the mem-crashed DDoS attack................................................................................7
Solution of the mem-crashed exploit:....................................................................................8
Future experience and effectiveness of mem-crashed:........................................................11
Conclusion:..............................................................................................................................11
References:...............................................................................................................................13
Table of Contents
Introduction:...............................................................................................................................3
Discussion:.................................................................................................................................3
Principles of key databases:...................................................................................................3
Example of the use of database:.............................................................................................5
Description of the mem-crashed exploit:...............................................................................6
How does the mem-crash works?..........................................................................................6
Effect of the mem-crashed DDoS attack................................................................................7
Solution of the mem-crashed exploit:....................................................................................8
Future experience and effectiveness of mem-crashed:........................................................11
Conclusion:..............................................................................................................................11
References:...............................................................................................................................13
3VULNERABILITY OF MEM-CRASHED
Introduction:
According to Liu et al. (2015), Mem-cached is defined as a high quality performance
object caching system. It is generic in nature but is intended to speed up dynamic web
applications. This makes it usable with any languages like PHP, Perl, Python, Ruby and many
more. Mem-cash stores key value pairs in memory. It is not classified as the database or does
not persist data to disk by default. One of the most typical use of mem-cash is in PHP or My
Sql where data are required to be fetched from databases (Lavasani, Angepat and Chiou
2014). The fetched values are stored in the mem-cache to access them in a faster way. Mem-
cached is a general purpose distributed memory caching system which speeds up the dynamic
database driven websites. The process gets faster by caching data and objects in the RAM to
reduce the number of times the external data sources such as a database API can be read.
Mem-cashed is an open source software licensed. According to Shodan site, there are over
80,000 mem-cached servers present over worldwide which are using a default insecure
configurations in them (Zhang et al. 2014). They do not have any appropriate network access
policies implemented in them. Mem-cached servers are being abused to launch Distributed
Denial of Service attack. More specifically mem-cached servers can be used for reflection
and amplification of Distributed denial of service attack. As things are getting very real and
generally fast the threat of DDoS aatack is gradually increasing for future markets. Still there
are some vulnerabilities that exist with the memcashed attack which needs to be checked for.
Recently there are about more than thousands of memcashed servers that can cause
vulnerability to the mem cached attack. Shadow server foundation founded about 50000
running mem cache servers running on the public internet today. That means there are 50000
reflectors out there that can be pulled together and spoofed into sending traffic against a
single target. The scary part of this type of attack is that due to the raw capability of the
attacking vector, there is actual potential for even larger attacks to come in future. This report
Introduction:
According to Liu et al. (2015), Mem-cached is defined as a high quality performance
object caching system. It is generic in nature but is intended to speed up dynamic web
applications. This makes it usable with any languages like PHP, Perl, Python, Ruby and many
more. Mem-cash stores key value pairs in memory. It is not classified as the database or does
not persist data to disk by default. One of the most typical use of mem-cash is in PHP or My
Sql where data are required to be fetched from databases (Lavasani, Angepat and Chiou
2014). The fetched values are stored in the mem-cache to access them in a faster way. Mem-
cached is a general purpose distributed memory caching system which speeds up the dynamic
database driven websites. The process gets faster by caching data and objects in the RAM to
reduce the number of times the external data sources such as a database API can be read.
Mem-cashed is an open source software licensed. According to Shodan site, there are over
80,000 mem-cached servers present over worldwide which are using a default insecure
configurations in them (Zhang et al. 2014). They do not have any appropriate network access
policies implemented in them. Mem-cached servers are being abused to launch Distributed
Denial of Service attack. More specifically mem-cached servers can be used for reflection
and amplification of Distributed denial of service attack. As things are getting very real and
generally fast the threat of DDoS aatack is gradually increasing for future markets. Still there
are some vulnerabilities that exist with the memcashed attack which needs to be checked for.
Recently there are about more than thousands of memcashed servers that can cause
vulnerability to the mem cached attack. Shadow server foundation founded about 50000
running mem cache servers running on the public internet today. That means there are 50000
reflectors out there that can be pulled together and spoofed into sending traffic against a
single target. The scary part of this type of attack is that due to the raw capability of the
attacking vector, there is actual potential for even larger attacks to come in future. This report
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
4VULNERABILITY OF MEM-CRASHED
focusses on the critically vulnerability that is faced in Mem-cached that is the mem-crashed
and based on it necessary solutions are recommended in the report.
Discussion:
Principles of key databases:
However, a database system is an assortment of data sets to store them for a long period of
time. A database system provides an interface between the stored information and retrieved
data.
A good and efficient database includes the following characteristics:
1. Concurrency: Concurrency of a database is measured when multiple users are able to use
the database safely and able to read and edit the contents of the entries at the same time.
2. Scalability: A database is said to be scalable when large tables can be read without facing
any issues.
3. Reliability: The reliability feature exists with the relational databases where it enforces the
concept of tidy data.
The term database is often related to the relational database systems where data are allowed
to manipulate with the help of structured query language (Bugiotti et al. 2014). Database
management provides users to comprehensively use the data present in the database system.
A key value database is defined as a database that stores data associated with array or hash
tables. A key value database works relatively better that the relational database system. It
consists of identifiers that are stored as key values (Lu, Shankar and Panda 2017). The values
focusses on the critically vulnerability that is faced in Mem-cached that is the mem-crashed
and based on it necessary solutions are recommended in the report.
Discussion:
Principles of key databases:
However, a database system is an assortment of data sets to store them for a long period of
time. A database system provides an interface between the stored information and retrieved
data.
A good and efficient database includes the following characteristics:
1. Concurrency: Concurrency of a database is measured when multiple users are able to use
the database safely and able to read and edit the contents of the entries at the same time.
2. Scalability: A database is said to be scalable when large tables can be read without facing
any issues.
3. Reliability: The reliability feature exists with the relational databases where it enforces the
concept of tidy data.
The term database is often related to the relational database systems where data are allowed
to manipulate with the help of structured query language (Bugiotti et al. 2014). Database
management provides users to comprehensively use the data present in the database system.
A key value database is defined as a database that stores data associated with array or hash
tables. A key value database works relatively better that the relational database system. It
consists of identifiers that are stored as key values (Lu, Shankar and Panda 2017). The values
5VULNERABILITY OF MEM-CRASHED
related to arrays, strings or any data structure, can be sorted out with the help of this
identifiers. As for example, Windows Explorer as well as Apple Finder are key value
database systems. A good key value data must include scalable data, cache management,
Block chain implementation and multimedia storage.
The principles of key-valued data base system include-
1. Simplicity: Key-value database system is quite simple to use as it contains the basic data
structure in it. It can store value including arrays, strings, integers followed by a key that
helps in referencing the value.
2. Flexibility: This principle of Document database system remains similar to that of the
Key-Data base system where it contains a set of key-value pairs inside a document.
3. Comparison features: Key-value database system stores the set of key-value pairs
together within a single name space in a relational schema. Key-value pairs having similar
IDs consists of dissimilar type of values in them.
Example of the use of database:
Key-value database can be applied to many cases such as:
It can be used it general computers where it can be used to store information like-
Session information: session information includes interchange of information between
communicating devices such as HTTP sessions or login sessions.
Profile details of users: This data sets includes information related to passwords and number
of access to the profile of a particular user.
related to arrays, strings or any data structure, can be sorted out with the help of this
identifiers. As for example, Windows Explorer as well as Apple Finder are key value
database systems. A good key value data must include scalable data, cache management,
Block chain implementation and multimedia storage.
The principles of key-valued data base system include-
1. Simplicity: Key-value database system is quite simple to use as it contains the basic data
structure in it. It can store value including arrays, strings, integers followed by a key that
helps in referencing the value.
2. Flexibility: This principle of Document database system remains similar to that of the
Key-Data base system where it contains a set of key-value pairs inside a document.
3. Comparison features: Key-value database system stores the set of key-value pairs
together within a single name space in a relational schema. Key-value pairs having similar
IDs consists of dissimilar type of values in them.
Example of the use of database:
Key-value database can be applied to many cases such as:
It can be used it general computers where it can be used to store information like-
Session information: session information includes interchange of information between
communicating devices such as HTTP sessions or login sessions.
Profile details of users: This data sets includes information related to passwords and number
of access to the profile of a particular user.
6VULNERABILITY OF MEM-CRASHED
Comments related to blog or any article that is published: Storing information related to
comments dine in different blog articles.
Message status: Database are designed to store messages and their status related to chat
query.
Emails: It also allows storing of emails in the database system.
Another example to where key-value database systems can be used is in the maintenance of
data in the networking areas. The database systems store values related to-
1. Telecom directories
2. Forwarding tables of Internet Protocols
3. DE duplicated data
Description of the mem-crashed exploit:
Mem-crashed is a tool that is used to exploit the Distributed Denial of Service of the
Mem-cache. The entire tool is written in Python which allows to transfer the UDP packets to
a list of servers of the Mem-cached obtained from the Shodan site.
Comments related to blog or any article that is published: Storing information related to
comments dine in different blog articles.
Message status: Database are designed to store messages and their status related to chat
query.
Emails: It also allows storing of emails in the database system.
Another example to where key-value database systems can be used is in the maintenance of
data in the networking areas. The database systems store values related to-
1. Telecom directories
2. Forwarding tables of Internet Protocols
3. DE duplicated data
Description of the mem-crashed exploit:
Mem-crashed is a tool that is used to exploit the Distributed Denial of Service of the
Mem-cache. The entire tool is written in Python which allows to transfer the UDP packets to
a list of servers of the Mem-cached obtained from the Shodan site.
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
7VULNERABILITY OF MEM-CRASHED
How does the mem-crash works?
According to Wang and Chen (2017) mem-crash tool works by exploiting the
program of the mem-cache. The mem-cache is generally used by social network sites in the
storage system of the key-values as small chunks of arbitrary data sets. The mem-cache is
used to handle huge data to cache the server session of the websites. This helps in speeding
up the website performance and this is where the tool starts its exploitation.
How does the mem-crash works?
According to Wang and Chen (2017) mem-crash tool works by exploiting the
program of the mem-cache. The mem-cache is generally used by social network sites in the
storage system of the key-values as small chunks of arbitrary data sets. The mem-cache is
used to handle huge data to cache the server session of the websites. This helps in speeding
up the website performance and this is where the tool starts its exploitation.
8VULNERABILITY OF MEM-CRASHED
The exploit of mem-crashed was first discovered in the year 2018. The exploit
executes powerful Distributed Denial of Service attack in amplification. According to report,
the exploitation is reported to be noticeable in IoT devices with low bandwidth (Duro et al.
2016). The mem-cached servers remain connected to higher bandwidth networks and as a
result of increased amplification factor, the delivered data slides to crippling effect. As per
Ghiëtte and Doerr (2018), exploited mem-crashed servers are vulnerable to the bluffed UDP
packets that are sent to the port 11211. The misconfigured servers cause the denial of service
attack by the method of reflection and amplification. Whenever a get requests of the mem-
cached is received by the server, the requested values get collected in the form of a response
from the memory. The value then gets transferred over the internet in the form of stream of
uninterrupted multiple UDP packets. Each of the UDP packets that is sent, measures with a
length of up to 1400 bytes. The tool does not stop its exploitation over here only. There is
more to go. The attacker using the mem-crashed tool injects records in the open servers of the
mem-cached. As a result, the mem-cached uses a stored value up to the limit of 1 MB per
storage. As there is no authentication factor present with the mem-cached servers hence
attackers can demand a multiple number of duplicate keys with a single request. As result of
this, attackers can load huge valued data into the data base store and use these data in their
further attacks. According to report, the web performance of the Cloud Fare company found
to trigger 15 bytes of request responding to about 134 KB. This is known as the amplification
The exploit of mem-crashed was first discovered in the year 2018. The exploit
executes powerful Distributed Denial of Service attack in amplification. According to report,
the exploitation is reported to be noticeable in IoT devices with low bandwidth (Duro et al.
2016). The mem-cached servers remain connected to higher bandwidth networks and as a
result of increased amplification factor, the delivered data slides to crippling effect. As per
Ghiëtte and Doerr (2018), exploited mem-crashed servers are vulnerable to the bluffed UDP
packets that are sent to the port 11211. The misconfigured servers cause the denial of service
attack by the method of reflection and amplification. Whenever a get requests of the mem-
cached is received by the server, the requested values get collected in the form of a response
from the memory. The value then gets transferred over the internet in the form of stream of
uninterrupted multiple UDP packets. Each of the UDP packets that is sent, measures with a
length of up to 1400 bytes. The tool does not stop its exploitation over here only. There is
more to go. The attacker using the mem-crashed tool injects records in the open servers of the
mem-cached. As a result, the mem-cached uses a stored value up to the limit of 1 MB per
storage. As there is no authentication factor present with the mem-cached servers hence
attackers can demand a multiple number of duplicate keys with a single request. As result of
this, attackers can load huge valued data into the data base store and use these data in their
further attacks. According to report, the web performance of the Cloud Fare company found
to trigger 15 bytes of request responding to about 134 KB. This is known as the amplification
9VULNERABILITY OF MEM-CRASHED
factor. The UDP reflection initiates the amplification attack by taking advantage of UDP
traffic as both the senders and the recipients do not need to commit to the network bi-
directionally. This allows weaponing about thousands of services in the internet by allowing
request along with a spoofed address source. This spoofed address is the intended target for
those attacks which the services flood with bunch of responses to those requests that were
never made.
A few number of Proof of Concept codes have been reported that were exploited. One
of the code makes use of the Shodan search engine API in order to obtain a list of fresh
vulnerable mem-cached servers every time. As reported, two proof of concept has been found
which exploited the codes on the mem-cached causing amplification attack initiating the
Distributed Denial of Service Attack. One of the proof of concept that was found was written
in the Python script which relies on the Shodan search engine to search for the mem-cached
servers that can be caused vulnerability. The second Proof of Concept that was on the
rampage on Pastebin. The Proof of Concept was written in C language with an overall
compiled list of about more than 17000 vulnerable servers of the mem-cached. The scripts
launch the Distributed denial of service attack using this list and aims towards specified
targets.
factor. The UDP reflection initiates the amplification attack by taking advantage of UDP
traffic as both the senders and the recipients do not need to commit to the network bi-
directionally. This allows weaponing about thousands of services in the internet by allowing
request along with a spoofed address source. This spoofed address is the intended target for
those attacks which the services flood with bunch of responses to those requests that were
never made.
A few number of Proof of Concept codes have been reported that were exploited. One
of the code makes use of the Shodan search engine API in order to obtain a list of fresh
vulnerable mem-cached servers every time. As reported, two proof of concept has been found
which exploited the codes on the mem-cached causing amplification attack initiating the
Distributed Denial of Service Attack. One of the proof of concept that was found was written
in the Python script which relies on the Shodan search engine to search for the mem-cached
servers that can be caused vulnerability. The second Proof of Concept that was on the
rampage on Pastebin. The Proof of Concept was written in C language with an overall
compiled list of about more than 17000 vulnerable servers of the mem-cached. The scripts
launch the Distributed denial of service attack using this list and aims towards specified
targets.
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
10VULNERABILITY OF MEM-CRASHED
Effect of the mem-crashed DDoS attack
By the year 2018, the Device denial of service attack has doubled effectively after the
attackers discovered a new method of attack by means of amplification with the intention to
multiply the attacked resources. The attacking vector is known as the mem-cached UDP
reflection which makes use of resources that are available on the internet where no botnet is
required. On February 28, 2018 the largest Distributed Denial of Service attack was reported
which targeted the customers of Akamai with a mem-cached reflection traffic ranging up to
1.3 terabits per second (Blott et al. 2015). In 2018, in the first week of February itself, over
19 cases of mem-cached reflection attacking the Distributed denial of service was noted
affecting over many customers across many industries. One of the most critical victim of
memcrashed attack is the GitHub. On an unprotected server over the internet, mem-cached is
delivered with the data in it with the association of the enabled UDP communication protocol
including a spoofed IP address. Researchers estimated that more than 50000 of mem-crashed
exploits on mem-cached servers are recently vulnerable to being under the mem-cached
reflection exploitation (Bhat et al. 2015).
Effect of the mem-crashed DDoS attack
By the year 2018, the Device denial of service attack has doubled effectively after the
attackers discovered a new method of attack by means of amplification with the intention to
multiply the attacked resources. The attacking vector is known as the mem-cached UDP
reflection which makes use of resources that are available on the internet where no botnet is
required. On February 28, 2018 the largest Distributed Denial of Service attack was reported
which targeted the customers of Akamai with a mem-cached reflection traffic ranging up to
1.3 terabits per second (Blott et al. 2015). In 2018, in the first week of February itself, over
19 cases of mem-cached reflection attacking the Distributed denial of service was noted
affecting over many customers across many industries. One of the most critical victim of
memcrashed attack is the GitHub. On an unprotected server over the internet, mem-cached is
delivered with the data in it with the association of the enabled UDP communication protocol
including a spoofed IP address. Researchers estimated that more than 50000 of mem-crashed
exploits on mem-cached servers are recently vulnerable to being under the mem-cached
reflection exploitation (Bhat et al. 2015).
11VULNERABILITY OF MEM-CRASHED
Solution of the mem-crashed exploit:
According to Duro et al. (2014) with the continuous popularity of the Distributed
denial of service vectors which basically relied on the remote administration system to
reconfigure, patch, or in order to remove the vulnerability of the servers, immediate results
will be needed to be yield. As reported an increased number of Mem-cached Distributed
denial of service attack will be experienced in future mem-cached servers. As with the mem-
cached Distributed denial of service attack, the attacking method do not need any botnets or
any malware to infect. The mem-crashed exploit tool enables unsophisticated attackers to
launch an attack in the mem-cached servers (Karras, Blott and Vissers 2014). In future more
number of mem-cached attacks will be visible causing Device denial of service attack of
Solution of the mem-crashed exploit:
According to Duro et al. (2014) with the continuous popularity of the Distributed
denial of service vectors which basically relied on the remote administration system to
reconfigure, patch, or in order to remove the vulnerability of the servers, immediate results
will be needed to be yield. As reported an increased number of Mem-cached Distributed
denial of service attack will be experienced in future mem-cached servers. As with the mem-
cached Distributed denial of service attack, the attacking method do not need any botnets or
any malware to infect. The mem-crashed exploit tool enables unsophisticated attackers to
launch an attack in the mem-cached servers (Karras, Blott and Vissers 2014). In future more
number of mem-cached attacks will be visible causing Device denial of service attack of
12VULNERABILITY OF MEM-CRASHED
almost all sizes. So this attack which may even lead to ransomware vulnerability needs to be
prevented with the help of undertaking certain solutions.
Some of the easiest method to prevent mem-crashed servers from such exploits is by
firewalling, blocking the UDP on the port source of 11211. The running mem-cached server
needs to be resolved in order to stop this mem-crashed exploitation. This can be done in
several steps as follows:
1. Firstly, the UDP supporting the memcached server needs to be disabled by updating the
server to 1.5.6.
2. Installing a firewall with the mem-cached server which forms a protective wall between
the internet sources. This done because according to detailed study report it is recommended
that mem cached servers should not be exposed to the internet directly.
3. Once this step is done, the mem-cached server is prevented from becoming a vector for the
attackers for the amplified device denial of service attack.
With the wide spreading news of the mem crashed attack a number of different
solutions are recommended by various researchers. One of the mem crashed exploitation
mitigation technique that is described by a researcher in order to prevent the mem-cached
server is described as follows. By using the kill switch which resulted to be extremely
effective for the prevention of the attack (Sanz 2018). Another important method that can be
used effectively invalidating the cache on the server containing malicious payload from the
attack (Ashraf and Latif 2014). Apart from updating the servers to their latest version and by
using the flush all method as an important technique that is recommended by researchers for
users facing this attack needs to take the following actions:
1. The user needs to verify the external accessibility of the server and needs to ensure that
there are limited accessibility present within the server publicly.
almost all sizes. So this attack which may even lead to ransomware vulnerability needs to be
prevented with the help of undertaking certain solutions.
Some of the easiest method to prevent mem-crashed servers from such exploits is by
firewalling, blocking the UDP on the port source of 11211. The running mem-cached server
needs to be resolved in order to stop this mem-crashed exploitation. This can be done in
several steps as follows:
1. Firstly, the UDP supporting the memcached server needs to be disabled by updating the
server to 1.5.6.
2. Installing a firewall with the mem-cached server which forms a protective wall between
the internet sources. This done because according to detailed study report it is recommended
that mem cached servers should not be exposed to the internet directly.
3. Once this step is done, the mem-cached server is prevented from becoming a vector for the
attackers for the amplified device denial of service attack.
With the wide spreading news of the mem crashed attack a number of different
solutions are recommended by various researchers. One of the mem crashed exploitation
mitigation technique that is described by a researcher in order to prevent the mem-cached
server is described as follows. By using the kill switch which resulted to be extremely
effective for the prevention of the attack (Sanz 2018). Another important method that can be
used effectively invalidating the cache on the server containing malicious payload from the
attack (Ashraf and Latif 2014). Apart from updating the servers to their latest version and by
using the flush all method as an important technique that is recommended by researchers for
users facing this attack needs to take the following actions:
1. The user needs to verify the external accessibility of the server and needs to ensure that
there are limited accessibility present within the server publicly.
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
13VULNERABILITY OF MEM-CRASHED
2. User also needs to ensure the presence of more than one upstream providers so that they
can be used in case if one is initially blocked.
3. It is important to ensure that anti spoofing tools are implemented within the network
providers. This will allow users to identify and prevent the use of spoofed packets in the
Distributed denial of service reflection attack.
Distributed denial of service attack are gradually increasing in a rapid rate and more frequent
attacks will be experienced in future. Other services that are reported to be used during the
attack of the Akamai includes use of prolexic network, using fast DNS infrastructure, using
well prepared cloud oriented Distributed denial of service mitigation plan, and implementing
Distributed denial of service resilience in the Content Delivery Network.
1. Using Prolexic Network: Prolexic network is among the most effective tool which helps
in scrubbing the mem-cached servers in the world (Fukuda et al. 2014). The network consists
of about seven global scrubbing centers and a team of about 150 security professionals. Each
scrubbing center consists multiple connections of tier 1 and a high performing traffic
(Gillman et al. 2015).
2. User also needs to ensure the presence of more than one upstream providers so that they
can be used in case if one is initially blocked.
3. It is important to ensure that anti spoofing tools are implemented within the network
providers. This will allow users to identify and prevent the use of spoofed packets in the
Distributed denial of service reflection attack.
Distributed denial of service attack are gradually increasing in a rapid rate and more frequent
attacks will be experienced in future. Other services that are reported to be used during the
attack of the Akamai includes use of prolexic network, using fast DNS infrastructure, using
well prepared cloud oriented Distributed denial of service mitigation plan, and implementing
Distributed denial of service resilience in the Content Delivery Network.
1. Using Prolexic Network: Prolexic network is among the most effective tool which helps
in scrubbing the mem-cached servers in the world (Fukuda et al. 2014). The network consists
of about seven global scrubbing centers and a team of about 150 security professionals. Each
scrubbing center consists multiple connections of tier 1 and a high performing traffic
(Gillman et al. 2015).
14VULNERABILITY OF MEM-CRASHED
2. Using fast resilience DNS infrastructure: The fast DNS infrastructure that is used during
the Akamai attack provided high speed availability (van et al. 2016). The servers there are
distributed to a wide range of segments over the cloud environment. As a result, the impact
was much less that affected the customers.
3. Implementing Device denial of service resilience in the content delivery network: By
implementing Distributed denial of service resilience in the content delivery network can help
in overcoming adverse conditions of Distributed denial of service attacks (Chen et al. 2016).
The Content delivery network gets adjusted depending on the stats of individual servers and
automatically routes the traffic around congestion. Implementing this, rate control feature and
controlling the blacklists is also provided for each servers.
Apart from all the measures there are still several best practices that are recommended for
preventing the Distributed denial of service attack in the mem-cache server. This attacks can
be blocked by using dedicated intelligent Distributed denial of service. Mitigation system like
the Arbor threat management system, Arbor availability protection system and Arbor cloud
managed Distributed denial of service attack protection service.
2. Using fast resilience DNS infrastructure: The fast DNS infrastructure that is used during
the Akamai attack provided high speed availability (van et al. 2016). The servers there are
distributed to a wide range of segments over the cloud environment. As a result, the impact
was much less that affected the customers.
3. Implementing Device denial of service resilience in the content delivery network: By
implementing Distributed denial of service resilience in the content delivery network can help
in overcoming adverse conditions of Distributed denial of service attacks (Chen et al. 2016).
The Content delivery network gets adjusted depending on the stats of individual servers and
automatically routes the traffic around congestion. Implementing this, rate control feature and
controlling the blacklists is also provided for each servers.
Apart from all the measures there are still several best practices that are recommended for
preventing the Distributed denial of service attack in the mem-cache server. This attacks can
be blocked by using dedicated intelligent Distributed denial of service. Mitigation system like
the Arbor threat management system, Arbor availability protection system and Arbor cloud
managed Distributed denial of service attack protection service.
15VULNERABILITY OF MEM-CRASHED
Future experience and effectiveness of mem-crashed:
With the increased risk of future mem-crashed attacks utilizing the mem cached
leading to Distributed denial of service attacks security measures need to be taken for future
use. In future, they are most likely to attack the online applications (Fleck et al. 2018). For
this the technicians will be using a simple configuration change in future which will be
processed by virtual servers. The future Distributed denial of service attacks are getting much
smarter and bigger with a diversified nature. With the innovation of new techniques, the
attack is also taking a wide platform in the mem-cache servers. In future this attack will be
taking off majority of the websites offline (Van Trung et al. 2015). Affecting customer
service and normal business functions. Future mem crashed threats are more sophisticated
targeting micro contents (Li et al. 2014). Future attacks are getting more complex and longer.
One of the most notable evolution that is coming up in future is in the growth of volumetric
attacks.
Conclusion:
Mem cached is a server that is used by many small and medium sized websites and
ISP’s that provides services through web content. Each and every users gets indirectly in
contact with the mem cache services but as the process is not transparent, user do not get
aware about it. It is impossible to guess how fast attackers can get hold of the mem cache
servers. In 2018, the rumor of different mem cached vulnerability started circulating based on
the recent attacks. Multiple cloud service providers and internet vice networks has taken steps
against this attack to prevent their networks from being the target of mem cached traffic.
Linux defaults have also been updated in order to prevent the exposure of different services
to the internet across the globe. All the recent attacks that are reported compounded all the
possible vulnerabilities in the future and the need to change the configuration as a result. This
attacks serve as a gentle reminder to the security experts to take steps and implement
Future experience and effectiveness of mem-crashed:
With the increased risk of future mem-crashed attacks utilizing the mem cached
leading to Distributed denial of service attacks security measures need to be taken for future
use. In future, they are most likely to attack the online applications (Fleck et al. 2018). For
this the technicians will be using a simple configuration change in future which will be
processed by virtual servers. The future Distributed denial of service attacks are getting much
smarter and bigger with a diversified nature. With the innovation of new techniques, the
attack is also taking a wide platform in the mem-cache servers. In future this attack will be
taking off majority of the websites offline (Van Trung et al. 2015). Affecting customer
service and normal business functions. Future mem crashed threats are more sophisticated
targeting micro contents (Li et al. 2014). Future attacks are getting more complex and longer.
One of the most notable evolution that is coming up in future is in the growth of volumetric
attacks.
Conclusion:
Mem cached is a server that is used by many small and medium sized websites and
ISP’s that provides services through web content. Each and every users gets indirectly in
contact with the mem cache services but as the process is not transparent, user do not get
aware about it. It is impossible to guess how fast attackers can get hold of the mem cache
servers. In 2018, the rumor of different mem cached vulnerability started circulating based on
the recent attacks. Multiple cloud service providers and internet vice networks has taken steps
against this attack to prevent their networks from being the target of mem cached traffic.
Linux defaults have also been updated in order to prevent the exposure of different services
to the internet across the globe. All the recent attacks that are reported compounded all the
possible vulnerabilities in the future and the need to change the configuration as a result. This
attacks serve as a gentle reminder to the security experts to take steps and implement
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
16VULNERABILITY OF MEM-CRASHED
necessary measures against prevention of this attacks. In future about 93000 mem cached
servers will be affected with an amplification factor of about 51200. Other technologies and
protocols can also be exploited for Distributed denial of service attacks including TFTP,
CLDP, SNMP, LDAP, Bit torrent and many more (Tapsell et al. 2018). So it is required to
take necessary security measures against the future vulnerabilities of mem crash exploitation
and mmost importantly it is required to implement a Distributed denial of service protection
vendor that can with stand a 1.3 plus terabit per second traffic attack and familiarize with the
SLA from that vendor to make sure they work efficiently when come under attack.
necessary measures against prevention of this attacks. In future about 93000 mem cached
servers will be affected with an amplification factor of about 51200. Other technologies and
protocols can also be exploited for Distributed denial of service attacks including TFTP,
CLDP, SNMP, LDAP, Bit torrent and many more (Tapsell et al. 2018). So it is required to
take necessary security measures against the future vulnerabilities of mem crash exploitation
and mmost importantly it is required to implement a Distributed denial of service protection
vendor that can with stand a 1.3 plus terabit per second traffic attack and familiarize with the
SLA from that vendor to make sure they work efficiently when come under attack.
17VULNERABILITY OF MEM-CRASHED
References:
Ashraf, J. and Latif, S., 2014, November. Handling intrusion and DDoS attacks in Software
Defined Networks using machine learning techniques. In 2014 National Software
Engineering Conference (pp. 55-60). IEEE.
Bhat, A., Islam, N.S., Lu, X., Wasi-ur-Rahman, M., Shankar, D. and Panda, D.K.D., 2015,
August. A plugin-based approach to exploit rdma benefits for apache and enterprise hdfs.
In BPOE (pp. 119-132). Springer, Cham.
Blott, M., Liu, L., Karras, K. and Vissers, K., 2015. Scaling out to a single-node 80Gbps
memcached server with 40terabytes of memory. In 7th {USENIX} Workshop on Hot Topics
in Storage and File Systems (HotStorage 15).
Bugiotti, F., Cabibbo, L., Atzeni, P. and Torlone, R., 2014, October. Database design for
NoSQL systems. In International Conference on Conceptual Modeling(pp. 223-231).
Springer, Cham.
Chen, J., Zheng, X., Duan, H.X., Liang, J., Jiang, J., Li, K., Wan, T. and Paxson, V., 2016.
Forwarding-Loop Attacks in Content Delivery Networks. In NDSS.
Duro, F.R., Marozzo, F., Blas, J.G., Talia, D. and Trunfio, P., 2016. Exploiting in-memory
storage for improving workflow executions in cloud platforms. The Journal of
Supercomputing, 72(11), pp.4069-4088.
Duro, R., García Blas, J., Isaila, F.D., Carretero Pérez, J., Wozniak, J.M. and Ross, R., 2014.
Exploiting data locality in Swift/T workflows using Hercules.
Fleck, D., Stavrou, A., Kesidis, G., Nasiriani, N., Shan, Y. and Konstantopoulos, T., 2018,
December. Moving-target Defense against Botnet Reconnaissance and an Adversarial
References:
Ashraf, J. and Latif, S., 2014, November. Handling intrusion and DDoS attacks in Software
Defined Networks using machine learning techniques. In 2014 National Software
Engineering Conference (pp. 55-60). IEEE.
Bhat, A., Islam, N.S., Lu, X., Wasi-ur-Rahman, M., Shankar, D. and Panda, D.K.D., 2015,
August. A plugin-based approach to exploit rdma benefits for apache and enterprise hdfs.
In BPOE (pp. 119-132). Springer, Cham.
Blott, M., Liu, L., Karras, K. and Vissers, K., 2015. Scaling out to a single-node 80Gbps
memcached server with 40terabytes of memory. In 7th {USENIX} Workshop on Hot Topics
in Storage and File Systems (HotStorage 15).
Bugiotti, F., Cabibbo, L., Atzeni, P. and Torlone, R., 2014, October. Database design for
NoSQL systems. In International Conference on Conceptual Modeling(pp. 223-231).
Springer, Cham.
Chen, J., Zheng, X., Duan, H.X., Liang, J., Jiang, J., Li, K., Wan, T. and Paxson, V., 2016.
Forwarding-Loop Attacks in Content Delivery Networks. In NDSS.
Duro, F.R., Marozzo, F., Blas, J.G., Talia, D. and Trunfio, P., 2016. Exploiting in-memory
storage for improving workflow executions in cloud platforms. The Journal of
Supercomputing, 72(11), pp.4069-4088.
Duro, R., García Blas, J., Isaila, F.D., Carretero Pérez, J., Wozniak, J.M. and Ross, R., 2014.
Exploiting data locality in Swift/T workflows using Hercules.
Fleck, D., Stavrou, A., Kesidis, G., Nasiriani, N., Shan, Y. and Konstantopoulos, T., 2018,
December. Moving-target Defense against Botnet Reconnaissance and an Adversarial
18VULNERABILITY OF MEM-CRASHED
Coupon-Collection Model. In 2018 IEEE Conference on Dependable and Secure Computing
(DSC) (pp. 1-8). IEEE.
Fukuda, E.S., Inoue, H., Takenaka, T., Kim, D., Sadahisa, T., Asai, T. and Motomura, M.,
2014, September. Caching memcached at reconfigurable network interface. In 2014 24th
International Conference on Field Programmable Logic and Applications (FPL) (pp. 1-6).
IEEE.
Ghiëtte, V. and Doerr, C., 2018, August. How Media Reports Trigger Copycats: An Analysis
of the Brewing of the Largest Packet Storm to Date. In Proceedings of the 2018 Workshop on
Traffic Measurements for Cybersecurity (pp. 8-13). ACM.
Gillman, D., Lin, Y., Maggs, B. and Sitaraman, R.K., 2015. Protecting websites from attack
with secure delivery networks. Computer, 48(4), pp.26-34.
Karras, K., Blott, M. and Vissers, K., 2014. High-level synthesis case study: implementation
of a memcached server. arXiv preprint arXiv:1408.5387.
Lavasani, M., Angepat, H. and Chiou, D., 2014. An fpga-based in-line accelerator for
memcached. IEEE Computer Architecture Letters, 13(2), pp.57-60.
Li, M., Andersen, D.G., Park, J.W., Smola, A.J., Ahmed, A., Josifovski, V., Long, J., Shekita,
E.J. and Su, B.Y., 2014. Scaling distributed machine learning with the parameter server.
In 11th {USENIX} Symposium on Operating Systems Design and Implementation ({OSDI}
14) (pp. 583-598).
Liu, C., Ouyang, K., Chu, X., Liu, H. and Leung, Y.W., 2015, August. R-memcached: A
reliable in-memory cache system for big key-value stores. In International Conference on
Big Data Computing and Communications (pp. 243-256). Springer, Cham.
Coupon-Collection Model. In 2018 IEEE Conference on Dependable and Secure Computing
(DSC) (pp. 1-8). IEEE.
Fukuda, E.S., Inoue, H., Takenaka, T., Kim, D., Sadahisa, T., Asai, T. and Motomura, M.,
2014, September. Caching memcached at reconfigurable network interface. In 2014 24th
International Conference on Field Programmable Logic and Applications (FPL) (pp. 1-6).
IEEE.
Ghiëtte, V. and Doerr, C., 2018, August. How Media Reports Trigger Copycats: An Analysis
of the Brewing of the Largest Packet Storm to Date. In Proceedings of the 2018 Workshop on
Traffic Measurements for Cybersecurity (pp. 8-13). ACM.
Gillman, D., Lin, Y., Maggs, B. and Sitaraman, R.K., 2015. Protecting websites from attack
with secure delivery networks. Computer, 48(4), pp.26-34.
Karras, K., Blott, M. and Vissers, K., 2014. High-level synthesis case study: implementation
of a memcached server. arXiv preprint arXiv:1408.5387.
Lavasani, M., Angepat, H. and Chiou, D., 2014. An fpga-based in-line accelerator for
memcached. IEEE Computer Architecture Letters, 13(2), pp.57-60.
Li, M., Andersen, D.G., Park, J.W., Smola, A.J., Ahmed, A., Josifovski, V., Long, J., Shekita,
E.J. and Su, B.Y., 2014. Scaling distributed machine learning with the parameter server.
In 11th {USENIX} Symposium on Operating Systems Design and Implementation ({OSDI}
14) (pp. 583-598).
Liu, C., Ouyang, K., Chu, X., Liu, H. and Leung, Y.W., 2015, August. R-memcached: A
reliable in-memory cache system for big key-value stores. In International Conference on
Big Data Computing and Communications (pp. 243-256). Springer, Cham.
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
19VULNERABILITY OF MEM-CRASHED
Lu, X., Shankar, D. and Panda, D.K., 2017. Scalable and Distributed Key-Value Store-based
Data Management Using RDMA-Memcached. IEEE Data Eng. Bull., 40(1), pp.50-61.
Sanz, I.J., 2018. GRAPH-BASED FEATURE ENRICHMENT FOR ONLINE INTRUSION
DETECTION IN VIRTUAL NETWORKS (Doctoral dissertation, Universidade Federal do Rio
de Janeiro).
Tapsell, J., Akram, R.N. and Markantonakis, K., 2018. An evaluation of the security of the
Bitcoin Peer-to-Peer Network. arXiv preprint arXiv:1805.10259.
van Rijswijk-Deij, R., Jonker, M., Sperotto, A. and Pras, A., 2016. A High-Performance,
Scalable Infrastructure for Large-Scale Active DNS Measurements. IEEE Journal on
Selected Areas in Communications, 34(6), pp.1877-1888.
Van Trung, P., Huong, T.T., Van Tuyen, D., Duc, D.M., Thanh, N.H. and Marshall, A., 2015,
October. A multi-criteria-based DDoS-attack prevention solution using software defined
networking. In 2015 International Conference on Advanced Technologies for
Communications (ATC) (pp. 308-313). IEEE.
Wang, Z. and Chen, S., 2017, May. Exploiting common patterns for tree-structured data.
In Proceedings of the 2017 ACM International Conference on Management of Data (pp. 883-
896). ACM.
Zhang, W., Hwang, J., Wood, T., Ramakrishnan, K.K. and Huang, H., 2014. Load balancing
of heterogeneous workloads in memcached clusters. In 9th International Workshop on
Feedback Computing (Feedback Computing 14).
Lu, X., Shankar, D. and Panda, D.K., 2017. Scalable and Distributed Key-Value Store-based
Data Management Using RDMA-Memcached. IEEE Data Eng. Bull., 40(1), pp.50-61.
Sanz, I.J., 2018. GRAPH-BASED FEATURE ENRICHMENT FOR ONLINE INTRUSION
DETECTION IN VIRTUAL NETWORKS (Doctoral dissertation, Universidade Federal do Rio
de Janeiro).
Tapsell, J., Akram, R.N. and Markantonakis, K., 2018. An evaluation of the security of the
Bitcoin Peer-to-Peer Network. arXiv preprint arXiv:1805.10259.
van Rijswijk-Deij, R., Jonker, M., Sperotto, A. and Pras, A., 2016. A High-Performance,
Scalable Infrastructure for Large-Scale Active DNS Measurements. IEEE Journal on
Selected Areas in Communications, 34(6), pp.1877-1888.
Van Trung, P., Huong, T.T., Van Tuyen, D., Duc, D.M., Thanh, N.H. and Marshall, A., 2015,
October. A multi-criteria-based DDoS-attack prevention solution using software defined
networking. In 2015 International Conference on Advanced Technologies for
Communications (ATC) (pp. 308-313). IEEE.
Wang, Z. and Chen, S., 2017, May. Exploiting common patterns for tree-structured data.
In Proceedings of the 2017 ACM International Conference on Management of Data (pp. 883-
896). ACM.
Zhang, W., Hwang, J., Wood, T., Ramakrishnan, K.K. and Huang, H., 2014. Load balancing
of heterogeneous workloads in memcached clusters. In 9th International Workshop on
Feedback Computing (Feedback Computing 14).
1 out of 20
Related Documents
![[object Object]](/_next/image/?url=%2F_next%2Fstatic%2Fmedia%2Flogo.6d15ce61.png&w=640&q=75){kind=small}
Your All-in-One AI-Powered Toolkit for Academic Success.
+13062052269
info@desklib.com
Available 24*7 on WhatsApp / Email
![[object Object]](/_next/static/media/star-bottom.7253800d.svg)
Unlock your academic potential
© 2024 | Zucol Services PVT LTD | All rights reserved.