Cybersecurity Report: Investigating the 2016 Dyn DDoS Attack

Added on  2025/04/28

Assessment 1
Report on contemporary cybersecurity issues
Student Name:
Student ID:
Contents
Introduction
1 Distributed Denial of Service walkthrough
1.1 What is a Distributed Denial of Service attack?
1.2 How it works in the real world
2 Real world examples of your chosen attack type and on the basis of incident address the following
When did the attack occur and was it given a specific name
What was the outcome of your chosen incident?
What was the impact of your chosen incident (financial, devices affected etc.)?
Which aims of security were breached and what was the resultant consequence?
What specification did the company take to address the issue?
Conclusion
References
List of Figures
Figure 1: Hits per second
Figure 2: 7 layers of a network
Figure 3: Application layer attack
Figure 4: Protocol Attack
Figure 5: Volumetric Attack
Introduction
A distributed denial of service (DDoS) attack is one of the most aggressive and powerful
techniques on the internet. When we hear that a website service has become unavailable, it means a
DDoS attack has been made. In other words, the attackers use multiple sources to attack a target and
make it unavailable by creating a flood of service requests that overwhelms the website. So it is most
important to differentiate the regular rate of service requests from malicious service requests.
1 Distributed Denial of Service walkthrough
1.1 What is a Distributed Denial of Service attack?
Distributed denial of service, also called DDoS, is a malicious attack on the normal traffic of a
target server or network, carried out by applying a flood of traffic. A DDoS attack achieves its
goal by using multiple service requests and compromised systems to attack a specific target.
These systems include high-level sophisticated computers, networks and IoT devices. In
other words, it is a high-level attack in which the server's traffic is jammed so that
regular service requests cannot reach their destination. Several types of DDoS attack exist,
and different types of denial of service target different components of a network connection.
Distributed denial of service is mainly used to target highly rated websites and online
services, with the aim of overwhelming the domain server either by applying more traffic
than the server has capacity for or by completely jamming the natural service requests. The
traffic may be a massive amount of messages, requests for services and duplicate packets. In minor
cases the targeted victims face a low level of risk, but in most cases they lose everything,
including their mode of service. For example, in 2015 to 2016 a criminal group mounted a
high-level attack called ransom to repeatedly extort banks, hosting service providers and
top-level corporations (Us.norton.com, 2019).
Figure 1: Hits per second
1.2 How it works in the real world
Distributed denial of service works on a simple concept: overwhelm the network by exceeding
its capacity for handling service requests. It is a special type of cyber-attack on a
server, website or network that creates a flood of incoming service requests from
multiple source computers.
A distributed denial of service attack requires an attacker who possesses control over a network
of online systems with which to perform the attack. The online systems, including IoT devices and
computers, are infected and converted into bots. The attacker then controls this group of
bots, which is called a botnet. Once connectivity to the botnet is
established, the attacker is able to send update requests remotely. When the IP address of a victim
is targeted by the botnet, each of the bots starts sending requests, and the
target server becomes overwhelmed because its request-handling capacity is exceeded.
To understand how this works, it is important to understand the structure of a
network connection. The diagram below illustrates the 7 layers of a network.
Figure 2: 7 layers of a network
As we see above, a network connection is a combination of several different components called
layers, structured like a building from bottom to top. Each layer in a network
connection has a different purpose. Distributed denial of service attacks are classified into
three categories, which means an attacker can use one or several attack vectors.
Application layer attack - This type of attack is also referred to as a layer 7 distributed denial
of service attack. The attack is aimed at the resources of the target. It
arises where web pages are generated on the server and delivered in response to HTTP requests. A
single HTTP request is cheap on the client side, but it is quite expensive on the server side,
because to respond the server has to load multiple files and run database
queries to form a web page.
Figure 3: Application layer attack
Protocol attack - A protocol attack, also called an execution time attack, works by consuming
all the state capacity of the website or web application, or of the resources used to protect it,
such as a firewall. This type of attack is used to make a breach available in layers 3 and 4 to
render the target machine
Figure 4: Protocol Attack
Volumetric attack - This type of attack attempts to create congestion by consuming
the bandwidth that connects the server to the internet. Large amounts
of data are sent to the target in the form of amplification, which creates huge traffic
on the website.
Figure 5: Volumetric Attack
The major concern in mitigating a DDoS attack is distinguishing an abnormal traffic rate
from the normal rate of requests. Today DDoS attacks come in several
forms, varying from single-source attacks to complex, multi-level attacks. A
multi-vector attack uses several paths to overwhelm the target, so mitigating it requires
measuring all the different trajectories. In simple terms, the more complex a multi-vector attack
is, the more likely its traffic is to be difficult to tell apart from normal
traffic requests. The black hole technique is also an important way to mitigate the attack.
Here an admin creates a black hole route to filter the requests. When malicious traffic
is identified, the requests are routed to a null route, or black hole, and dropped from the network
(Inside Out Security, 2019).
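An added example (not part of the original report) of the comparison described above: it learns a hits-per-second baseline from a known-good window, flags seconds that exceed it, and lists the sources that dominate those seconds as candidates for the black hole route. The function names, the thresholds `k` and `share`, and the sample events using documentation IP ranges are all assumptions made for illustration.

```python
from collections import Counter
from statistics import median

def build_sample():
    """Constructed (second, source_ip) request events; not real traffic."""
    clients = [f"198.51.100.{i}" for i in range(1, 6)]
    events = []
    for t in range(60):                      # normal load: 3-5 hits per second
        events += [(t, clients[(t + k) % 5]) for k in range(3 + t % 3)]
    for t in range(60, 70):                  # flood: two sources add 40 hits/s each
        events += [(t, clients[(t + k) % 5]) for k in range(4)]
        for bot in ("203.0.113.7", "203.0.113.9"):
            events += [(t, bot)] * 40
    return events

def baseline(events, start, end):
    """Median and MAD of hits per second over a known-good window [start, end)."""
    per_sec = Counter(t for t, _ in events if start <= t < end)
    counts = [per_sec.get(t, 0) for t in range(start, end)]
    med = median(counts)
    mad = median(abs(c - med) for c in counts) or 1   # never allow zero spread
    return med, mad

def abnormal_seconds(events, med, mad, k=6):
    """Seconds whose hit count exceeds median + k * MAD (k is an assumed setting)."""
    per_sec = Counter(t for t, _ in events)
    return sorted(t for t, n in per_sec.items() if n > med + k * mad)

def blackhole_candidates(events, seconds, share=0.25):
    """Sources sending at least `share` of all requests seen in abnormal seconds."""
    flagged = set(seconds)
    by_src = Counter(ip for t, ip in events if t in flagged)
    total = sum(by_src.values())
    return sorted(ip for ip, n in by_src.items() if n / total >= share)

if __name__ == "__main__":
    ev = build_sample()
    med, mad = baseline(ev, 0, 60)
    bad = abnormal_seconds(ev, med, mad)
    print("baseline hits/s:", med, "MAD:", mad)
    print("abnormal seconds:", bad)
    print("candidates for the black hole route:", blackhole_candidates(ev, bad))
```

The per-source share rule only helps when a few sources dominate the flood. When the load is spread thinly over a very large number of addresses, the candidate list comes back empty and the rate alarm is the only signal left.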
2 Real world examples of your chosen attack type and on the basis of incident address the following
When did the attack occur and was it given a specific name
The 2016 Dyn Attack is the biggest attack and was directed at Dyn. Dyn is a DNS service provider,
and the attack was made in 2016. The 2016 Dyn attack was carried out to disrupt the services of
the service provider, and because of this attack major giant companies like Airbnb, PayPal,
Amazon and GitHub were affected. It was a distributed denial of service attack on
Dyn, so the attack got the name “The 2016 Dyn Attack”.
What was the outcome of your chosen incident?
In the year 2016, a series of attacks in the category of distributed denial of service
took place on 21st of October. The attacks mainly targeted systems
operated by Dyn. The 2016 Dyn Attack was made with the help of the Mirai malware. The
Mirai malware creates a botnet out of Internet of Things devices like smart TVs, radios and
even cameras. To perform the attack, these compromised devices are programmed to make a
huge number of requests to a single victim. Dyn was successfully able to mitigate the attack within
one day, but the purpose of the attack was never discovered. Due to the attack, major service
provider platforms became unavailable, and responsibility for the attack was taken by
Anonymous and New World Hackers.
What was the impact of your chosen incident (financial, devices affected etc.)?
In 2016 Anonymous and New World Hackers targeted the DNS provider to disrupt the
services of all the major organizations that were using the services of Dyn. Several
online platforms and services became unavailable to users in Europe and America. The attack
affected the services of Airbnb, Amazon.com, BBC, New York Times, CNN, GitHub, PayPal and
many more. Almost every type of device was used to create the botnet that attacked
Dyn.
Which aims of security were breached and what was the resultant consequence?
An investigation was performed by the US Department of Homeland Security, according to a
White House source, and found that no group or other party took responsibility during or just after the
attack. The chief of the company stated that the breach was very complex, unlike an everyday DDoS
attack. The company also disclosed that, according to a risk intelligence firm, the attack had been performed by
creating a botnet from a large number of Internet of Things devices, including baby
monitors, printers and cameras, all of which was made possible by the Mirai malware. They also disclosed
that they started receiving malicious requests from more than 10 million IP addresses. The Mirai
malware was designed to breach the security of IoT devices and allow the hacker to
control the system remotely. As a result of this attack, the services of a number of service providers
became unavailable to users in Europe and North America. The list of organizations is too long,
but some of the major giants are Amazon.com, BBC, New York Times, CNN, GitHub and
PayPal.
What specification did the company take to address the issue?
Dyn asked the business risk intelligence organizations Akamai
Technologies and Flashpoint to help address the issue. They quickly put protective measures in place
at the points from which the attack was coming and continuously extended those protective measures. They also got support
in addressing the issue through analysis of internet infrastructure and continuous monitoring of
the community (Dyn.com, 2019).
Conclusion
Distributed denial of service is the most powerful brute force technique used by an
attacker to make services unavailable. The research also identified that it can be
an application layer attack, a protocol attack or a volumetric attack, and that it can be resolved by
one of the best solutions, the creation of a black hole in the network. With this technique, an attacker
creates several bots in the target network by transforming Internet of Things devices and creates a
botnet to remotely access the whole system. The research work helped me to effectively
understand the concept of the DDoS cyber-attack, including its types and how it works on different
OSI layers. It also helped me to learn about the attacking strategies and possible tricks to solve the
problems that could arise because of this attack.
References
Cloudflare. (2019). Famous DDoS Attacks | Cloudflare. [online] Available at: https://www.cloudflare.com/learning/ddos/famous-ddos-attacks/ [Accessed 5 Apr. 2019].
Digitalattackmap.com. (2019). Digital Attack Map. [online] Available at: https://www.digitalattackmap.com/understanding-ddos/ [Accessed 5 Apr. 2019].
Dyn.com. (2019). Dyn Analysis Summary Of Friday, October 21 Attack | Dyn Blog. [online] Available at: https://dyn.com/blog/dyn-analysis-summary-of-friday-october-21-attack/ [Accessed 5 Apr. 2019].
Incapsula.com. (2019). DISTRIBUTED DENIAL OF SERVICE ATTACK (DDOS) DEFINITION. [online] Available at: https://www.incapsula.com/ddos/ddos-attacks.html [Accessed 5 Apr. 2019].
Inside Out Security. (2019). What is a Distributed Denial of Service (DDoS) attack? | Varonis. [online] Available at: https://www.varonis.com/blog/what-is-a-ddos-attack/ [Accessed 5 Apr. 2019].
Us.norton.com. (2019). What is a DDoS attack?. [online] Available at: https://us.norton.com/internetsecurity-emerging-threats-what-is-a-ddos-attack-30sectech-by-norton.html [Accessed 5 Apr. 2019].
Woolf, N. (2019). DDoS attack that disrupted internet was largest of its kind in history, experts say. [online] the Guardian. Available at: https://www.theguardian.com/technology/2016/oct/26/ddos-attack-dyn-mirai-botnet [Accessed 5 Apr. 2019].