Memcached DDoS Attack: A Deep Dive into Computer Security Threats

Verified

Added on 2023/04/22

AI Summary

This report provides an overview of the Memcached DDoS attack, a powerful cyber weapon that exploits vulnerabilities in Memcached servers to amplify traffic and disrupt systems. The attack involves attackers spoofing IP addresses, sending large data packets to exposed Memcached servers, and overwhelming the victim's system with massive amounts of data. The report discusses the effectiveness and ease of execution of the attack, as well as preventive measures such as network monitoring, Adaptive Defense 360 implementation, and Memcached server deactivation. The report references empirical evaluations and mitigation strategies to provide a comprehensive understanding of the Memcached DDoS attack and its impact on computer security.

Running head: COMPUTER SECURITY
MEMCACHED DDOS ATTACK - COMPUTER SECURITY
Name of the Student
Name of the University
Author Note

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

1COMPUTER SECURITY
Memcached DDoS attack
Memcached is the latest DDoS attack faced by the cyber world. This has become one of the
most powerful weapon used for performing cybercrimes. Memcached is used to reduce the database
load speeds up web application. This is in the form of memory object caching system. Moreover
100,000 Memcached servers are exposed without proper authentication (Bhuyan, Bhattacharyya &
Kalita, 2015). At the mid of March these attack took place and this was the most powerful attack in
the history with around 1.35 terabytes of traffic hitting the GitHub that is the collaborative platform.
After the configuration of Mmeacached server, the criminals took the advantage of the vulnerability
and started launching several attacks by making this server as base server.
Way attack conducted
The Memcached exposed without protection allowed several criminals to get access sever the
servers and using them to deliver large data sets. The attackers used this servers as base to attack on
target. They spoofed the IP address of victims after this the attackers sent large data packet towards
the Memcached servers. This data packet offers faster and direct response. Hence this lead to creation
of large internet traffic within the server of the victim ((Bhuyan, Bhattacharyya & Kalita, 2015). The
huge amount of data delivered to the victims system lead to a reason of outage. This attack was
effective because it was easy to perform and is enough to paralyze the system. The reason behind
becoming one of the major attacks is that it had given an easy access towards the attackers.
Preventing the server from DDoS attacks
With the implementation of proper measures and tools these attacks can be neutralized.
Moreover proper monitoring should be done on the organization’s network (Singh, 2018). This will
help the organization to identify ad rectify the problem. In order to monitor the activities and traffic
Adaptive Defense 360 can be installed within the server for detailed visibility of every activity. Apart
from this in order to prevent the attack deactivation of Memcached server can help in providing
proper protection and will also help in amplification.

2COMPUTER SECURITY

3COMPUTER SECURITY
References
Bhuyan, M. H., Bhattacharyya, D. K., & Kalita, J. K. (2015). An empirical evaluation of information
metrics for low-rate and high-rate DDoS attack detection. Pattern Recognition Letters, 51, 1-
7.
Singh, K., & Singh, A. (2018, October). Memcached DDoS Exploits: Operations, Vulnerabilities,
Preventions and Mitigations. In 2018 IEEE 3rd International Conference on Computing,
Communication and Security (ICCCS) (pp. 171-179). IEEE.