CO4509 Computer Security: Analyzing the Memcrashed Vulnerability
VerifiedAdded on  2023/04/25
|15
|4454
|413
Report
AI Summary
This report provides an in-depth analysis of the Memcrashed vulnerability, starting with the principles of key-value databases and a comparison with traditional relational databases. It discusses Memcached, its functionalities, and its advantages and limitations compared to conventional data storage. The report delves into the Memcrashed attack, explaining its concept, how it works, and its impact, including the reasons behind the attacks and potential solutions. It also covers the working process of Memcrashed attacks, from initial traffic implantation to the resulting DDoS condition. The report concludes with an analysis of the causes and solutions for Memcrashed exploits and predictions regarding the future of Memcrashed, highlighting its effectiveness and potential evolution.
Running head: Report on Memcrashed Vulnerability
REPORT
ON
MEMCRASHED VULNERABILITY
Name of the Student
Name of the University
Author note
REPORT
ON
MEMCRASHED VULNERABILITY
Name of the Student
Name of the University
Author note
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
1Memcrashed
Introduction:
The purpose of this study is to prepare a report on Memcrashed, which will help to
determine the several key concepts related to this topic. This report consists of a brief idea of
the Key-Value database and the comparison with traditional RDB. Along with this, the study
has a detail discussion about the Memcached server and its functionalities; the report will also
compare the conventional data storage with Memcached in order to determine the
effectiveness of Memcached. Furthermore, this report will consist of the discussion about
Memcrashed which will include the debate about the concept of Memcrashed, how the
Memcrashed attack works and its impact. Along with this, the reason behind these attacks
and their solutions are also provided with this report. Lastly, this report will conclude that
how Memcache can be utilized in a positive way it has also described its effectiveness and
future evolution of Memcrashed compared with the previous year.
Principles key values of Database:
According to the study of Travis (2014), a database is storage of the collection of data
which are logically related to each other, in which the user can perform any operations such
as query, insertion-deletion as well as the modification. The key-value database is nothing but
a data storage structure which is designed to retrieve, sort and manage data which is most
commonly termed as Hash table or dictionary. The hash table is consist of collected data
which may have the different field from each other. Thus, in order to retrieve these data from
the data storage the key value is used. The traditional relational database works with the
principle of storing pre-defined structured data in a well-defined data table; however, the key
value system is fundamentally based on collecting the whole data in very less memory
storage in order to reduce the workload (Bugiotti et al. 2014). The concept of the key-value
database in invented in order to store the data in pairs as this is a simple process of storing the
Introduction:
The purpose of this study is to prepare a report on Memcrashed, which will help to
determine the several key concepts related to this topic. This report consists of a brief idea of
the Key-Value database and the comparison with traditional RDB. Along with this, the study
has a detail discussion about the Memcached server and its functionalities; the report will also
compare the conventional data storage with Memcached in order to determine the
effectiveness of Memcached. Furthermore, this report will consist of the discussion about
Memcrashed which will include the debate about the concept of Memcrashed, how the
Memcrashed attack works and its impact. Along with this, the reason behind these attacks
and their solutions are also provided with this report. Lastly, this report will conclude that
how Memcache can be utilized in a positive way it has also described its effectiveness and
future evolution of Memcrashed compared with the previous year.
Principles key values of Database:
According to the study of Travis (2014), a database is storage of the collection of data
which are logically related to each other, in which the user can perform any operations such
as query, insertion-deletion as well as the modification. The key-value database is nothing but
a data storage structure which is designed to retrieve, sort and manage data which is most
commonly termed as Hash table or dictionary. The hash table is consist of collected data
which may have the different field from each other. Thus, in order to retrieve these data from
the data storage the key value is used. The traditional relational database works with the
principle of storing pre-defined structured data in a well-defined data table; however, the key
value system is fundamentally based on collecting the whole data in very less memory
storage in order to reduce the workload (Bugiotti et al. 2014). The concept of the key-value
database in invented in order to store the data in pairs as this is a simple process of storing the
2Memcrashed
data. KV database is structured to handle a significant amount of data in a practical way as
KV was built in order to perform the big data operations. There are several benefits of using
the key value database storage over the traditional RDB such as using the key value database
storage; there is no need to maintain any database index. However traditional RDB demands
logically related information to store in the database, key-value database is not restricted for
highly related data. Similar to the conventional RDB key-value database also does all most
all the operations such as insertion, deletion, updating and modification (Lavasani Angepat
and Chiou 2014).
Memcached:
In the year 2003 a high performance, open source, distributed memory caching system
has invented by Brad Fitzpatrick for dynamic web operations in order to minimize the
database load. Mostly it is used to speed up database-driven websites by which the objects
and caching data present in RAM in order to reduce the time taken by external information
resource which needs to be read (Ruan et al. 2014). Memcached is nothing but the key- value
of objects and strings which are stored in the memory, caused by API calls, page rendering
and database calls. Though it fundamentally depends on the libevent library, it runs on both
types of operating systems like Linux and Microsoft Windows. According to the study of
Marathe et al. (2017) APIs of Memcached provides an enlarged multi-machine distributed
hash table. Followed by the data insertion, when the schedule is full in order to allow new
entrants to the hash table it pushed the older data to the LRU which stands for Least Recently
Used order. Initially, Memcached was invented and used for Fitzpatrick LiveJournal;
however, followed by the years it has involved many users. Presently Memcached is several
other application which includes Twitter, YouTube, FaceBook, Wikipedia, Microsoft Azure
as well as Google search engine (Zhang et al. 2014). Along with the above systems, Amazon
data. KV database is structured to handle a significant amount of data in a practical way as
KV was built in order to perform the big data operations. There are several benefits of using
the key value database storage over the traditional RDB such as using the key value database
storage; there is no need to maintain any database index. However traditional RDB demands
logically related information to store in the database, key-value database is not restricted for
highly related data. Similar to the conventional RDB key-value database also does all most
all the operations such as insertion, deletion, updating and modification (Lavasani Angepat
and Chiou 2014).
Memcached:
In the year 2003 a high performance, open source, distributed memory caching system
has invented by Brad Fitzpatrick for dynamic web operations in order to minimize the
database load. Mostly it is used to speed up database-driven websites by which the objects
and caching data present in RAM in order to reduce the time taken by external information
resource which needs to be read (Ruan et al. 2014). Memcached is nothing but the key- value
of objects and strings which are stored in the memory, caused by API calls, page rendering
and database calls. Though it fundamentally depends on the libevent library, it runs on both
types of operating systems like Linux and Microsoft Windows. According to the study of
Marathe et al. (2017) APIs of Memcached provides an enlarged multi-machine distributed
hash table. Followed by the data insertion, when the schedule is full in order to allow new
entrants to the hash table it pushed the older data to the LRU which stands for Least Recently
Used order. Initially, Memcached was invented and used for Fitzpatrick LiveJournal;
however, followed by the years it has involved many users. Presently Memcached is several
other application which includes Twitter, YouTube, FaceBook, Wikipedia, Microsoft Azure
as well as Google search engine (Zhang et al. 2014). Along with the above systems, Amazon
3Memcrashed
Web Services and IBM Bluemix has also shown an interest to use Memcached through API.
Memcached uses Client-server architecture in order to perform its operations.
Operations of Memcached –
According to Ruan et al. (2014), since Memcached follows the client-server
architecture, there are different operations present in its service. Server-side operation
fundamentally consists of an associative array which is a key value. Data are stored in this
array, and the query related to that information are performed in this array as well. The
critical range is up to 250bytes long, and the value range is not more than 1 megabyte. In the
client side, the clients opted for the libraries in order to communicate with the server. Clients
are well aware of the servers; thus, when a client post a query, at first the client library
communicates with the respective hash table to contact the desired server. These fundamental
values are mostly stored in the ram; thus, if any machine has low RAM, in that case, the old
keys will be permanently deleted. The system cannot assure the users that all the keys are
present in the RAM. Since these operations mainly depend on the hash table values; thus if
two or more organization are following the same hash table, they might end up with having
others confidential data as well (Shankar et al. 2015).
Features of Memcached –
According to Diegues Romano and Rodrigue (2014), Memcached has several in order to
provide both the advantage and those functionalities has several disadvantages too. The
characteristics of Memcached are listed below:
ï‚· A client-server approach.
ï‚· It follows the Berkeley Software Distribution license (BSD).
ï‚· An efficient approach to reducing database load.
ï‚· Contains the concept of Hash Table.
Web Services and IBM Bluemix has also shown an interest to use Memcached through API.
Memcached uses Client-server architecture in order to perform its operations.
Operations of Memcached –
According to Ruan et al. (2014), since Memcached follows the client-server
architecture, there are different operations present in its service. Server-side operation
fundamentally consists of an associative array which is a key value. Data are stored in this
array, and the query related to that information are performed in this array as well. The
critical range is up to 250bytes long, and the value range is not more than 1 megabyte. In the
client side, the clients opted for the libraries in order to communicate with the server. Clients
are well aware of the servers; thus, when a client post a query, at first the client library
communicates with the respective hash table to contact the desired server. These fundamental
values are mostly stored in the ram; thus, if any machine has low RAM, in that case, the old
keys will be permanently deleted. The system cannot assure the users that all the keys are
present in the RAM. Since these operations mainly depend on the hash table values; thus if
two or more organization are following the same hash table, they might end up with having
others confidential data as well (Shankar et al. 2015).
Features of Memcached –
According to Diegues Romano and Rodrigue (2014), Memcached has several in order to
provide both the advantage and those functionalities has several disadvantages too. The
characteristics of Memcached are listed below:
ï‚· A client-server approach.
ï‚· It follows the Berkeley Software Distribution license (BSD).
ï‚· An efficient approach to reducing database load.
ï‚· Contains the concept of Hash Table.
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
4Memcrashed
ï‚· Open source approach.
ï‚· Follows the UDP concept.
Along with the above features, Memcached also does not consist of several drawbacks
such as, it has high fault occurrence, non – persistent data storage which needs to be handled
with care. Or else the information can be easily hacked by any criminal for any illegal
activity.
Limitation of Memcached –
However, Memcached has several advantages over traditional data storage various
limitations has been observed while comparing it with the traditional database storage
system. According to the study of Cheng et al. (2017), the limitation of Memcached is listed
below:
ï‚· One of the major drawbacks of Memcached is it does not provide the access to old
data. Like, if some of the data are not used recently, those data might be permanently
deleted from the database.
ï‚· Since Memcached has unorganized database storage, there is a problem related to the
Memcached node monitoring and they query. It is very hard to access unorganized
data from offline Memcached database.
ï‚· Low storage scalability.
ï‚· Memcached has a high rate of vulnerability.
Memcrashed:
In the past 2 3 years, it has been observed that the ratio of UDP amplification and
reflection has increased across the internet. Utilizing the Memcached protocol and arising
from the port 11211 these attacks acts their operations. This cybercrimes basically attacks the
unprotected UDP enabled Memcached server in order to expand maximum effect to the
ï‚· Open source approach.
ï‚· Follows the UDP concept.
Along with the above features, Memcached also does not consist of several drawbacks
such as, it has high fault occurrence, non – persistent data storage which needs to be handled
with care. Or else the information can be easily hacked by any criminal for any illegal
activity.
Limitation of Memcached –
However, Memcached has several advantages over traditional data storage various
limitations has been observed while comparing it with the traditional database storage
system. According to the study of Cheng et al. (2017), the limitation of Memcached is listed
below:
ï‚· One of the major drawbacks of Memcached is it does not provide the access to old
data. Like, if some of the data are not used recently, those data might be permanently
deleted from the database.
ï‚· Since Memcached has unorganized database storage, there is a problem related to the
Memcached node monitoring and they query. It is very hard to access unorganized
data from offline Memcached database.
ï‚· Low storage scalability.
ï‚· Memcached has a high rate of vulnerability.
Memcrashed:
In the past 2 3 years, it has been observed that the ratio of UDP amplification and
reflection has increased across the internet. Utilizing the Memcached protocol and arising
from the port 11211 these attacks acts their operations. This cybercrimes basically attacks the
unprotected UDP enabled Memcached server in order to expand maximum effect to the
5Memcrashed
targeted Memcached (Wu and Wu 2018). It is a Memcached DDoS exploit application tool
written in the python language to forged UDP packets present in the Memcached server. In
order to run the Memcrashed operation, the criminals used to send a package of ordinary
UDP from a burlesque IP address to the targeted server. Due to this, the hacker gets a
significant response from the victim’s Memcached network. Due to this Denial of Service
scenario occurs (Baia 2018).
Since, Memcached application has been structured in order to speed up the dynamic
web applications by decreasing the database load which helps the administration to work
efficiently and effectively, to increase the database efficiency Facebook, Twitter, and
YouTube has adopted the Memcached system. In the field of database systems apparently, an
attack has been spotted which was developed by Cloudflare (Tapsell Akram and
Markantonakis 2018). The primary target of the attack was the unprotected Memcached
server which has enabled UDP which can promote the DDoS attacks to a significant extent,
which has established it as one of the most prominent Cyber-attack across the world (Xiao et
al. 2015).
Memcrashed Attack:
Unlike other cyber-crimes Memcached DDoS attacks are also the type of cyber-attack
with tried to block or corrupt the victims by internet traffic. Memorized follows the concept
of distributed denial of service attack. In the field of computing Distributed Denial of Service
attack is a type of cyber-attack in which the attacker intended to block any machine or
resource from the targeted users (Bhuyan Bhattacharyya and Kalita 2015). The DDoS is
fundamentally implemented by request to overloading the system and prevent the access of
the selective system from its actual owner or user. Since Memcached follows the UDP
system, this protocol is structured to respond to the UDP request thus. Initially, the attacker
spoofs the application to any unprotected Memcached server, in order to flood the targeted
targeted Memcached (Wu and Wu 2018). It is a Memcached DDoS exploit application tool
written in the python language to forged UDP packets present in the Memcached server. In
order to run the Memcrashed operation, the criminals used to send a package of ordinary
UDP from a burlesque IP address to the targeted server. Due to this, the hacker gets a
significant response from the victim’s Memcached network. Due to this Denial of Service
scenario occurs (Baia 2018).
Since, Memcached application has been structured in order to speed up the dynamic
web applications by decreasing the database load which helps the administration to work
efficiently and effectively, to increase the database efficiency Facebook, Twitter, and
YouTube has adopted the Memcached system. In the field of database systems apparently, an
attack has been spotted which was developed by Cloudflare (Tapsell Akram and
Markantonakis 2018). The primary target of the attack was the unprotected Memcached
server which has enabled UDP which can promote the DDoS attacks to a significant extent,
which has established it as one of the most prominent Cyber-attack across the world (Xiao et
al. 2015).
Memcrashed Attack:
Unlike other cyber-crimes Memcached DDoS attacks are also the type of cyber-attack
with tried to block or corrupt the victims by internet traffic. Memorized follows the concept
of distributed denial of service attack. In the field of computing Distributed Denial of Service
attack is a type of cyber-attack in which the attacker intended to block any machine or
resource from the targeted users (Bhuyan Bhattacharyya and Kalita 2015). The DDoS is
fundamentally implemented by request to overloading the system and prevent the access of
the selective system from its actual owner or user. Since Memcached follows the UDP
system, this protocol is structured to respond to the UDP request thus. Initially, the attacker
spoofs the application to any unprotected Memcached server, in order to flood the targeted
6Memcrashed
server with internet traffic, by temporarily blocking the access of the victim,s resources
(Kharchenko Kolisnyk and Piskachova 2018).
Impact of Memcrashed:
Similar to the other amplification procedures Memcrashed has also followed the
process of spoofing the IP address in order to restrict the users from using the targeted server.
This attack is also base on the transaction of the request to the targeted server’s IP address in
order to get the response from the unprotected Memcached system. Several Memcached
servers have been utilized in the wrong way by DDoS attack or Memcrashed attack.
According to Wang et al. (2015), it has been observed that few bytes of UDP request sent to
the unprotected server or Memcached can respond with thousand times bigger information
with respect to the input request. Most of the corrupt Memcrashed system is being hosted by
the OVH, Sakura and Digital Ocean that has abused several Memcached servers by DDoS
amplification. According to the study of Cloudflare a whole number of 5730 numbers of
individual IP resources associated with unprotected Memcrashed servers. But in future, they
are assuming that there will be significant growth of these types of Memcached servers (Van
et al. 2015). Along with the above operations also it has been observed that some of the
attacks are directed to the TCP port number 11211 in order to abuse the unprotected
Memcached server however TCP has not to consist any response to any high-risk
Memcached amplifications. According to several studies, the Memcached vulnerability is
inviting the DDoS attacks specially noticed in South Korea whereas, the exploration of these
attack is progressing across the world significantly (Deshmukh and Devadkar 2015).
Working process of Memcrashed –
According to Hu Hong and Chen (2017) Fundamentally Memcrashed attack is performed in 4
steps which are listed below:
server with internet traffic, by temporarily blocking the access of the victim,s resources
(Kharchenko Kolisnyk and Piskachova 2018).
Impact of Memcrashed:
Similar to the other amplification procedures Memcrashed has also followed the
process of spoofing the IP address in order to restrict the users from using the targeted server.
This attack is also base on the transaction of the request to the targeted server’s IP address in
order to get the response from the unprotected Memcached system. Several Memcached
servers have been utilized in the wrong way by DDoS attack or Memcrashed attack.
According to Wang et al. (2015), it has been observed that few bytes of UDP request sent to
the unprotected server or Memcached can respond with thousand times bigger information
with respect to the input request. Most of the corrupt Memcrashed system is being hosted by
the OVH, Sakura and Digital Ocean that has abused several Memcached servers by DDoS
amplification. According to the study of Cloudflare a whole number of 5730 numbers of
individual IP resources associated with unprotected Memcrashed servers. But in future, they
are assuming that there will be significant growth of these types of Memcached servers (Van
et al. 2015). Along with the above operations also it has been observed that some of the
attacks are directed to the TCP port number 11211 in order to abuse the unprotected
Memcached server however TCP has not to consist any response to any high-risk
Memcached amplifications. According to several studies, the Memcached vulnerability is
inviting the DDoS attacks specially noticed in South Korea whereas, the exploration of these
attack is progressing across the world significantly (Deshmukh and Devadkar 2015).
Working process of Memcrashed –
According to Hu Hong and Chen (2017) Fundamentally Memcrashed attack is performed in 4
steps which are listed below:
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
7Memcrashed
Stage 1 – A large scale of internet traffic or payload is implanted on a targeted Memcached
server.
Stage 2 – In the next step, the attacker tries to get the access of the IP address by spoofing the
HTTP GET to the targeted Memcached server.
Stage 3 – in this stage the unprotected Memcached server will respond to the UDP request in
order to provide them with a large amount of data.
Stage 4 – the targeted server will be then blocked as a large amount of data transaction is
occurring there; thus the server was overloaded and DDoS condition occurs.
Cause and solution of Memcrashed exploit:
As per the above discussion, it has been observed that it is essential to determine the
reason behind these types of attacks and how this can be mitigated. Thus, in order to prevent
Memcached servers from Memcrashed attack, the analysis of the reason and their solutions
are described below.
Cause of Memcrashed attack –
The memcrashed attack which basically stands for DDoS amplification has effected
significant numbers of organizations which are connected to the internet. According to the
study of Yuan Li and Li (2017) occurrence of these attacks are sometimes for a few common
reasons which are listed below:
ï‚· Some of the cyber-attacks are caused by the employs mistake such as the employer
might have unwillingly done some malicious action in the organization’s server.
ï‚· Distraction from the desired work and looking around the pop-up advertisements can
cause these types of attack since the attacker sometimes opts for using random
advertisement in order to distract the user and influence them to use visit the page.
Stage 1 – A large scale of internet traffic or payload is implanted on a targeted Memcached
server.
Stage 2 – In the next step, the attacker tries to get the access of the IP address by spoofing the
HTTP GET to the targeted Memcached server.
Stage 3 – in this stage the unprotected Memcached server will respond to the UDP request in
order to provide them with a large amount of data.
Stage 4 – the targeted server will be then blocked as a large amount of data transaction is
occurring there; thus the server was overloaded and DDoS condition occurs.
Cause and solution of Memcrashed exploit:
As per the above discussion, it has been observed that it is essential to determine the
reason behind these types of attacks and how this can be mitigated. Thus, in order to prevent
Memcached servers from Memcrashed attack, the analysis of the reason and their solutions
are described below.
Cause of Memcrashed attack –
The memcrashed attack which basically stands for DDoS amplification has effected
significant numbers of organizations which are connected to the internet. According to the
study of Yuan Li and Li (2017) occurrence of these attacks are sometimes for a few common
reasons which are listed below:
ï‚· Some of the cyber-attacks are caused by the employs mistake such as the employer
might have unwillingly done some malicious action in the organization’s server.
ï‚· Distraction from the desired work and looking around the pop-up advertisements can
cause these types of attack since the attacker sometimes opts for using random
advertisement in order to distract the user and influence them to use visit the page.
8Memcrashed
ï‚· In order to reduce the business competition, the DoS service is sometimes offered by
the cyber-criminal to any organization in order to interrupt their business operation or
take out some useful information.
 This attack can be caused by revenge from the victim’s organization due to the deal
refusal.
 Sometimes these types of attacks occur in order to demand money from the victim’s
organization.
Furthermore, in this report, the mitigation process of Memcrashed has been discussed in
order to protect the organizations from unwanted DDoS attacks.
Mitigation process of Memcrashed Attack –
In order to protect organisations servers from cyber criminals it essential to take actions to
prevent the servers from cyber-attacks. According to the study of Qin Xu and Wang 2015),
those Memcrashed prevention processes are described below:
 UDP – Since, the Memcrashed has enabled UDP support which helps the server to
send a response to requested notifications thus, in order to reduce the chance of
getting hacked by a Memcrashed attacker it is necessary to disable the UDP support if
it is not needs as it makes the targeted server vulnerable.
 IP Spoofing – In order to protect the network server from Memcrashed attack, it is
essential to prevent IP address spoofing. Since by spoofing the IP address, the DDoS
attack can occur. Thus, it is necessary for the transit providers to enable spoofing
prevention protocol in order to filter their internet traffic. If all most every Internet
service provider or transit provider implement the internet filter process the chance of
DDoS attack will be less.
ï‚· In order to reduce the business competition, the DoS service is sometimes offered by
the cyber-criminal to any organization in order to interrupt their business operation or
take out some useful information.
 This attack can be caused by revenge from the victim’s organization due to the deal
refusal.
 Sometimes these types of attacks occur in order to demand money from the victim’s
organization.
Furthermore, in this report, the mitigation process of Memcrashed has been discussed in
order to protect the organizations from unwanted DDoS attacks.
Mitigation process of Memcrashed Attack –
In order to protect organisations servers from cyber criminals it essential to take actions to
prevent the servers from cyber-attacks. According to the study of Qin Xu and Wang 2015),
those Memcrashed prevention processes are described below:
 UDP – Since, the Memcrashed has enabled UDP support which helps the server to
send a response to requested notifications thus, in order to reduce the chance of
getting hacked by a Memcrashed attacker it is necessary to disable the UDP support if
it is not needs as it makes the targeted server vulnerable.
 IP Spoofing – In order to protect the network server from Memcrashed attack, it is
essential to prevent IP address spoofing. Since by spoofing the IP address, the DDoS
attack can occur. Thus, it is necessary for the transit providers to enable spoofing
prevention protocol in order to filter their internet traffic. If all most every Internet
service provider or transit provider implement the internet filter process the chance of
DDoS attack will be less.
9Memcrashed
 Firewall – Along with the above protections the organization should surely opt for
firewall protection where the only the administration will the get the access of UDP
for particular Memcached, and they will use it when it is necessary to use it otherwise
the UDP responses to the unknown request will be blocked.
ï‚· UDP response - In order to reduce the chance of Memcharesd attack another DDoS
prevention technique is present which offers technique of reducing the UDP response
such as if the responder information is larger than the size of requested information
the transaction should be blocked. And if the response is equal to or smaller than the
request, then the transaction should proceed. By this way, the chance of amplification
will be less.
Utilizing the above DDoS attack rectification process the frequency of Memcrashed
attack will be less.
Future importance and expectations from Memcrashed:
After analysing the previous year Memcrashed effect on Memcached sever it has been
observed that Memcrashedthe had a significant impact on the Memcached server in 2017.
However, in 2018, the impact of Memcrashed has significantly increased while considering it
with the previous year. From the analysing of the end of 2018 has been observed that the
several DDoS attacks have occurred in the field of cryptocurrencies. With respect to the
growing industry, it can be assumed that the growth of crypto-currency DDoS attack will
drastically high within 6 to 12 months. Since the financial structure of any country or
organization is essential for the sake of their future growth, this types of crypto-currency
DDoS attacks can be utilized to manipulate the market valuation and can be used as a border
attack component (Wang et al. 2018). Another exceptional utilization of DDoS attack is it can
be used for the betterment of the country. The proper utilization of these types of attacks is
 Firewall – Along with the above protections the organization should surely opt for
firewall protection where the only the administration will the get the access of UDP
for particular Memcached, and they will use it when it is necessary to use it otherwise
the UDP responses to the unknown request will be blocked.
ï‚· UDP response - In order to reduce the chance of Memcharesd attack another DDoS
prevention technique is present which offers technique of reducing the UDP response
such as if the responder information is larger than the size of requested information
the transaction should be blocked. And if the response is equal to or smaller than the
request, then the transaction should proceed. By this way, the chance of amplification
will be less.
Utilizing the above DDoS attack rectification process the frequency of Memcrashed
attack will be less.
Future importance and expectations from Memcrashed:
After analysing the previous year Memcrashed effect on Memcached sever it has been
observed that Memcrashedthe had a significant impact on the Memcached server in 2017.
However, in 2018, the impact of Memcrashed has significantly increased while considering it
with the previous year. From the analysing of the end of 2018 has been observed that the
several DDoS attacks have occurred in the field of cryptocurrencies. With respect to the
growing industry, it can be assumed that the growth of crypto-currency DDoS attack will
drastically high within 6 to 12 months. Since the financial structure of any country or
organization is essential for the sake of their future growth, this types of crypto-currency
DDoS attacks can be utilized to manipulate the market valuation and can be used as a border
attack component (Wang et al. 2018). Another exceptional utilization of DDoS attack is it can
be used for the betterment of the country. The proper utilization of these types of attacks is
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
10Memcrashed
used in defence in order to attacks the oppositions cyber network or terrorism (Thilak and
Amuthan 2018). By utilizing the Memcrashed attack, the attacker can fetch useful
information from any vulnerable Memcached server of the opponent or may block the
terrorism server in order to reduce the terrorist attack. Another major influence of Distributed
Denial of Service is it can be utilized in order to hack the terrorist network. However, these
types of threads have a bad impact on the IT services; sometimes these attacks are helpful for
by reducing the criminal attacks.
Conclusion:
Therefore it can be concluded that the action taken against the threat of Memcrashed
attack should be immediate as these types of attacks are significantly harmful to IT server.
While discussing the Memcrashed vulnerability, the report is followed by a brief discussion
about Key- Value database which stated that a key-value database is a type of database
structure in order to store the information by occupying less space. This types of database
structures consist hash table in order to keep track of the records. Furthermore, this report has
a discussion about Memcached and its functionalities which has covered all most every
perspective of Memcached which has stated that Memcached is a high performance, open
source, distributed memory caching system which was invented by Brad Fitzpatrick in order
to perform dynamic web operations for the sake of minimizing the database load. Mostly it is
utilized in order to speed up the database-driven websites because of which the objects and
caching data present in RAM to reduce the time taken by any other information resources
which need to be fetched. This report has also mentioned the features of Memcrashed which
has made the progress of Memcrashed work efficiency it has also compared the Memcached
system with traditional data storage which has stated that however, Memcached has several
advantages over traditional data storage system Memcached has a high possibility of
vulnerability which can cause DDoS attack. Later on, this study has explored Memcrashed
used in defence in order to attacks the oppositions cyber network or terrorism (Thilak and
Amuthan 2018). By utilizing the Memcrashed attack, the attacker can fetch useful
information from any vulnerable Memcached server of the opponent or may block the
terrorism server in order to reduce the terrorist attack. Another major influence of Distributed
Denial of Service is it can be utilized in order to hack the terrorist network. However, these
types of threads have a bad impact on the IT services; sometimes these attacks are helpful for
by reducing the criminal attacks.
Conclusion:
Therefore it can be concluded that the action taken against the threat of Memcrashed
attack should be immediate as these types of attacks are significantly harmful to IT server.
While discussing the Memcrashed vulnerability, the report is followed by a brief discussion
about Key- Value database which stated that a key-value database is a type of database
structure in order to store the information by occupying less space. This types of database
structures consist hash table in order to keep track of the records. Furthermore, this report has
a discussion about Memcached and its functionalities which has covered all most every
perspective of Memcached which has stated that Memcached is a high performance, open
source, distributed memory caching system which was invented by Brad Fitzpatrick in order
to perform dynamic web operations for the sake of minimizing the database load. Mostly it is
utilized in order to speed up the database-driven websites because of which the objects and
caching data present in RAM to reduce the time taken by any other information resources
which need to be fetched. This report has also mentioned the features of Memcrashed which
has made the progress of Memcrashed work efficiency it has also compared the Memcached
system with traditional data storage which has stated that however, Memcached has several
advantages over traditional data storage system Memcached has a high possibility of
vulnerability which can cause DDoS attack. Later on, this study has explored Memcrashed
11Memcrashed
attack which has a great impact on IT services and defence. Since Memcrashed is a kind of
DDoS cyber-attacks, the main tactic of this attacks is to block the targeted server by sending
a large amount of load by UDP request. Along with the cyber-crime detection, this report has
also detected the reason behind these types of attacks and provided the prevention techniques
which needs to be followed by the administrator or the Memcached user. Followed by the
report the future expectations and importance of Memcrashed attack has been discussed. This
has disclosed how Memcrashed attacks are growing day by day, and how the effect of
Memcrashed attacks can be utilized positively for the betterment of respective country or
organization.
attack which has a great impact on IT services and defence. Since Memcrashed is a kind of
DDoS cyber-attacks, the main tactic of this attacks is to block the targeted server by sending
a large amount of load by UDP request. Along with the cyber-crime detection, this report has
also detected the reason behind these types of attacks and provided the prevention techniques
which needs to be followed by the administrator or the Memcached user. Followed by the
report the future expectations and importance of Memcrashed attack has been discussed. This
has disclosed how Memcrashed attacks are growing day by day, and how the effect of
Memcrashed attacks can be utilized positively for the betterment of respective country or
organization.
12Memcrashed
Reference
Baia, K., 2018. Analysis and Prevention of Memcache UDP Reflection Amplification Attack.
Bhuyan, M.H., Bhattacharyya, D.K. and Kalita, J.K., 2015. An empirical evaluation of
information metrics for low-rate and high-rate DDoS attack detection. Pattern
Recognition Letters, 51, pp.1-7.
Bugiotti, F., Cabibbo, L., Atzeni, P. and Torlone, R., 2014, October. Database design for
NoSQL systems. In International Conference on Conceptual Modeling (pp. 223-231).
Springer, Cham.
Cheng, W., Ren, F., Jiang, W. and Zhang, T., 2017, June. Modeling and Analyzing Latency
in the Memcached system. In 2017 IEEE 37th International Conference on
Distributed Computing Systems (ICDCS) (pp. 538-548). IEEE.
Deshmukh, R.V. and Devadkar, K.K., 2015. Understanding DDoS attack & its effect in cloud
environment. Procedia Computer Science, 49, pp.202-210.
Diegues, N., Romano, P. and Rodrigues, L., 2014, August. Virtues and limitations of
commodity hardware transactional memory. In Proceedings of the 23rd international
conference on Parallel architectures and compilation (pp. 3-14). ACM.
Hu, D., Hong, P. and Chen, Y., 2017, December. Fadm: Ddos flooding attack detection and
mitigation system in software-defined networking. In GLOBECOM 2017-2017 IEEE
Global Communications Conference (pp. 1-7). IEEE.
Kharchenko, V., Kolisnyk, M. and Piskachova, I., 2018, May. The research of the smart
office availability model considering patches on the router firewall software. In 2018
IEEE 9th International Conference on Dependable Systems, Services and
Technologies (DESSERT) (pp. 169-174). IEEE.
Reference
Baia, K., 2018. Analysis and Prevention of Memcache UDP Reflection Amplification Attack.
Bhuyan, M.H., Bhattacharyya, D.K. and Kalita, J.K., 2015. An empirical evaluation of
information metrics for low-rate and high-rate DDoS attack detection. Pattern
Recognition Letters, 51, pp.1-7.
Bugiotti, F., Cabibbo, L., Atzeni, P. and Torlone, R., 2014, October. Database design for
NoSQL systems. In International Conference on Conceptual Modeling (pp. 223-231).
Springer, Cham.
Cheng, W., Ren, F., Jiang, W. and Zhang, T., 2017, June. Modeling and Analyzing Latency
in the Memcached system. In 2017 IEEE 37th International Conference on
Distributed Computing Systems (ICDCS) (pp. 538-548). IEEE.
Deshmukh, R.V. and Devadkar, K.K., 2015. Understanding DDoS attack & its effect in cloud
environment. Procedia Computer Science, 49, pp.202-210.
Diegues, N., Romano, P. and Rodrigues, L., 2014, August. Virtues and limitations of
commodity hardware transactional memory. In Proceedings of the 23rd international
conference on Parallel architectures and compilation (pp. 3-14). ACM.
Hu, D., Hong, P. and Chen, Y., 2017, December. Fadm: Ddos flooding attack detection and
mitigation system in software-defined networking. In GLOBECOM 2017-2017 IEEE
Global Communications Conference (pp. 1-7). IEEE.
Kharchenko, V., Kolisnyk, M. and Piskachova, I., 2018, May. The research of the smart
office availability model considering patches on the router firewall software. In 2018
IEEE 9th International Conference on Dependable Systems, Services and
Technologies (DESSERT) (pp. 169-174). IEEE.
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
13Memcrashed
Lavasani, M., Angepat, H. and Chiou, D., 2014. An fpga-based in-line accelerator for
Memcached. IEEE Computer Architecture Letters, 13(2), pp.57-60.
Marathe, V.J., Seltzer, M., Byan, S. and Harris, T., 2017. Persistent Memcached: Bringing
legacy code to byte-addressable persistent memory. In 9th {USENIX} Workshop on
Hot Topics in Storage and File Systems (HotStorage 17).
Qin, X., Xu, T. and Wang, C., 2015, December. DDoS attack detection using flow entropy
and clustering technique. In 2015 11th International Conference on Computational
Intelligence and Security (CIS) (pp. 412-415). IEEE.
Ruan, W., Vyas, T., Liu, Y. and Spear, M., 2014, February. Transactionalizing legacy code:
An experience report using GCC and Memcached. In ACM SIGPLAN Notices (Vol.
49, No. 4, pp. 399-412). ACM.
Ruan, W., Vyas, T., Liu, Y. and Spear, M., 2014, February. Transactionalizing legacy code:
An experience report using GCC and Memcached. In ACM SIGPLAN Notices (Vol.
49, No. 4, pp. 399-412). ACM.
Shankar, D., Lu, X., Jose, J., Wasi-ur-Rahman, M., Islam, N. and Panda, D.K., 2015, March.
Can rdma benefit online data processing workloads on Memcached and mysql?.
In 2015 IEEE International Symposium on Performance Analysis of Systems and
Software (ISPASS) (pp. 159-160). IEEE.
Tapsell, J., Akram, R.N. and Markantonakis, K., 2018. An evaluation of the security of the
Bitcoin Peer-to-Peer Network. arXiv preprint arXiv:1805.10259.
Thilak, K.D. and Amuthan, A., 2018. Cellular automata-based improved ant colony-based
optimization algorithm for mitigating DDoS attacks in VANETs. Future Generation
Computer Systems, 82, pp.304-314.
Lavasani, M., Angepat, H. and Chiou, D., 2014. An fpga-based in-line accelerator for
Memcached. IEEE Computer Architecture Letters, 13(2), pp.57-60.
Marathe, V.J., Seltzer, M., Byan, S. and Harris, T., 2017. Persistent Memcached: Bringing
legacy code to byte-addressable persistent memory. In 9th {USENIX} Workshop on
Hot Topics in Storage and File Systems (HotStorage 17).
Qin, X., Xu, T. and Wang, C., 2015, December. DDoS attack detection using flow entropy
and clustering technique. In 2015 11th International Conference on Computational
Intelligence and Security (CIS) (pp. 412-415). IEEE.
Ruan, W., Vyas, T., Liu, Y. and Spear, M., 2014, February. Transactionalizing legacy code:
An experience report using GCC and Memcached. In ACM SIGPLAN Notices (Vol.
49, No. 4, pp. 399-412). ACM.
Ruan, W., Vyas, T., Liu, Y. and Spear, M., 2014, February. Transactionalizing legacy code:
An experience report using GCC and Memcached. In ACM SIGPLAN Notices (Vol.
49, No. 4, pp. 399-412). ACM.
Shankar, D., Lu, X., Jose, J., Wasi-ur-Rahman, M., Islam, N. and Panda, D.K., 2015, March.
Can rdma benefit online data processing workloads on Memcached and mysql?.
In 2015 IEEE International Symposium on Performance Analysis of Systems and
Software (ISPASS) (pp. 159-160). IEEE.
Tapsell, J., Akram, R.N. and Markantonakis, K., 2018. An evaluation of the security of the
Bitcoin Peer-to-Peer Network. arXiv preprint arXiv:1805.10259.
Thilak, K.D. and Amuthan, A., 2018. Cellular automata-based improved ant colony-based
optimization algorithm for mitigating DDoS attacks in VANETs. Future Generation
Computer Systems, 82, pp.304-314.
14Memcrashed
Travis, J., Pivotal Software Inc, 2014. Time series data mapping into a key-value database.
U.S. Patent 8,745,014.
Van Trung, P., Huong, T.T., Van Tuyen, D., Duc, D.M., Thanh, N.H. and Marshall, A., 2015,
October. A multi-criteria-based DDoS-attack prevention solution using software
defined networking. In 2015 International Conference on Advanced Technologies for
Communications (ATC) (pp. 308-313). IEEE.
Wang, B., Zheng, Y., Lou, W. and Hou, Y.T., 2015. DDoS attack protection in the era of
cloud computing and software-defined networking. Computer Networks, 81, pp.308-
319.
Wang, C., Miu, T.T., Luo, X. and Wang, J., 2018. SkyShield: a sketch-based defense system
against application layer DDoS attacks. IEEE Transactions on Information Forensics
and Security, 13(3), pp.559-573.
Wu, X. and Wu, G., Intel Corporation, 2018. Memcached systems having local caches. U.S.
Patent Application 14/911,353.
Xiao, P., Qu, W., Qi, H. and Li, Z., 2015. Detecting DDoS attacks against data center with
correlation analysis. Computer Communications, 67, pp.66-74.
Yuan, X., Li, C. and Li, X., 2017, May. DeepDefense: identifying DDoS attack via deep
learning. In 2017 IEEE International Conference on Smart Computing
(SMARTCOMP) (pp. 1-8). IEEE.
Zhang, W., Hwang, J., Wood, T., Ramakrishnan, K.K. and Huang, H., 2014. Load balancing
of heterogeneous workloads in Memcached clusters. In 9th International Workshop
on Feedback Computing (Feedback Computing 14).
Travis, J., Pivotal Software Inc, 2014. Time series data mapping into a key-value database.
U.S. Patent 8,745,014.
Van Trung, P., Huong, T.T., Van Tuyen, D., Duc, D.M., Thanh, N.H. and Marshall, A., 2015,
October. A multi-criteria-based DDoS-attack prevention solution using software
defined networking. In 2015 International Conference on Advanced Technologies for
Communications (ATC) (pp. 308-313). IEEE.
Wang, B., Zheng, Y., Lou, W. and Hou, Y.T., 2015. DDoS attack protection in the era of
cloud computing and software-defined networking. Computer Networks, 81, pp.308-
319.
Wang, C., Miu, T.T., Luo, X. and Wang, J., 2018. SkyShield: a sketch-based defense system
against application layer DDoS attacks. IEEE Transactions on Information Forensics
and Security, 13(3), pp.559-573.
Wu, X. and Wu, G., Intel Corporation, 2018. Memcached systems having local caches. U.S.
Patent Application 14/911,353.
Xiao, P., Qu, W., Qi, H. and Li, Z., 2015. Detecting DDoS attacks against data center with
correlation analysis. Computer Communications, 67, pp.66-74.
Yuan, X., Li, C. and Li, X., 2017, May. DeepDefense: identifying DDoS attack via deep
learning. In 2017 IEEE International Conference on Smart Computing
(SMARTCOMP) (pp. 1-8). IEEE.
Zhang, W., Hwang, J., Wood, T., Ramakrishnan, K.K. and Huang, H., 2014. Load balancing
of heterogeneous workloads in Memcached clusters. In 9th International Workshop
on Feedback Computing (Feedback Computing 14).
1 out of 15
Related Documents
Your All-in-One AI-Powered Toolkit for Academic Success.
 +13062052269
info@desklib.com
Available 24*7 on WhatsApp / Email
![[object Object]](/_next/static/media/star-bottom.7253800d.svg)
Unlock your academic potential
© 2024  |  Zucol Services PVT LTD  |  All rights reserved.