Information Security: Mobile Botnet Threats and Mitigation Strategies
VerifiedAdded on 2021/04/17
|28
|7728
|183
Report
AI Summary
This report provides a detailed analysis of mobile botnets, starting with an executive summary that highlights the increasing vulnerability of mobile devices to malicious code. The introduction traces the evolution of mobile malware, focusing on botnets controlled by remote entities through command and control (C&C) servers. The literature review examines the differences between PC and mobile botnets, including platform of operation, connectivity, and detection methods, as well as the lucrative nature of mobile botnet attacks. The report discusses the structure of botnets, including C&C mechanisms like IRC and P2P, and explores various infection methods and trigger events. It also presents solutions for detecting malicious activity, such as analyzing transmitted packets and mitigating DDoS attacks. The report covers attacks like theft of data and phone hijacking, and examines malware detection techniques including signature-based detection, behavior checking, and integrity checkers. The conclusion summarizes the key findings and emphasizes the ongoing challenges in mobile security.
Running head: INFORMATION SECURITY
INFORMATION SECURITY
Name of the student
Name of the University
Authors note:
INFORMATION SECURITY
Name of the student
Name of the University
Authors note:
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
1INFORMATION SECURITY
Executive Summary
With the rise and advent of popularity in various kinds of wireless devices, the number of small
enabled device has increase in due course of time. Mobile device is becoming more and more
used to people of various kinds of people. It can easily result in various threats which are
vulnerable to malicious codes. Mobile devices heavily depend on open and public transmission
media. It provides a large number of features like email address, downloading of software and
also e-banking. With the increase in the capabilities of these device the impact and threat of
malicious code have increased a lot.
Executive Summary
With the rise and advent of popularity in various kinds of wireless devices, the number of small
enabled device has increase in due course of time. Mobile device is becoming more and more
used to people of various kinds of people. It can easily result in various threats which are
vulnerable to malicious codes. Mobile devices heavily depend on open and public transmission
media. It provides a large number of features like email address, downloading of software and
also e-banking. With the increase in the capabilities of these device the impact and threat of
malicious code have increased a lot.
2INFORMATION SECURITY
Table of Contents
Introduction..........................................................................................................................3
Literature Review................................................................................................................4
Structure of botnet...........................................................................................................6
Command and Control.....................................................................................................7
Infection Method.............................................................................................................9
Trigger Events...............................................................................................................10
Solution for detection of malicious activity between phone and server............................10
Distributed Denial of Service Prevention Methods.......................................................10
Mobile Ad Hoc Network (MANET).............................................................................12
Attacks.......................................................................................................................15
Security......................................................................................................................17
Theft of data...................................................................................................................18
Phone Hijacking.............................................................................................................18
Malicious code detection technique...............................................................................19
Signature based detection..........................................................................................19
Behavior Checking....................................................................................................19
Integrity checker........................................................................................................19
Conclusion.........................................................................................................................19
References..........................................................................................................................21
Table of Contents
Introduction..........................................................................................................................3
Literature Review................................................................................................................4
Structure of botnet...........................................................................................................6
Command and Control.....................................................................................................7
Infection Method.............................................................................................................9
Trigger Events...............................................................................................................10
Solution for detection of malicious activity between phone and server............................10
Distributed Denial of Service Prevention Methods.......................................................10
Mobile Ad Hoc Network (MANET).............................................................................12
Attacks.......................................................................................................................15
Security......................................................................................................................17
Theft of data...................................................................................................................18
Phone Hijacking.............................................................................................................18
Malicious code detection technique...............................................................................19
Signature based detection..........................................................................................19
Behavior Checking....................................................................................................19
Integrity checker........................................................................................................19
Conclusion.........................................................................................................................19
References..........................................................................................................................21
⊘ This is a preview!⊘
Do you want full access?
Subscribe today to unlock all pages.
Trusted by 1+ million students worldwide
3INFORMATION SECURITY
Introduction
In the year of 2014 mobile malware completed ten years of existence. Cabir was
considered to be first mobile worm discovered in 2004. Mobile malware has been considered to
have the same evolution as the PC malware (Appala et al., 2015). This report mainly focused on
emergence of bots for mobile phones and piece of malware which can easily control by a remote
entity. Command and Control (C&C) server or botmaster is used for performing various kinds of
function. A botnet is nothing but a collection of compromised computer comprised controls done
by a botmaster. Bots or compromised control can be easily used for various kinds of attacks like
Distributed denial of service (DDoS), identification of theft and lastly spamming. Most of
botnets generally makes of command and control server which makes use of botmaster for issues
various kinds of commands to specific bots (Arora, Garg & Peddoju, 2014). Mobile applications
are gaining large amount of popularity in the era of mobile and cloud computing. Most of the
sensitive information is generally stored inside this kinds of mobile application like Facebook,
various authentication tokens and browsing histories of chrome. However, there are certain
number ways which can be used for private files from various application in an indirect way
(Arzt et al., 2014). It is generally achieved by exploiting files in indirect manner by making use
of trusted victims.
In the coming pages of the report a literature review has been done on the various
methods for detection of malicious activity between mobile phone and the server. It is generally
achieved by making use of command and control and by making use of MTM proxy. This paper
mainly discusses the problem that is attackers steal vital information without the consent of
client. Possible solution for detection of malware activity is the analyzation of transmitted
packets between mobile phone and server.
Introduction
In the year of 2014 mobile malware completed ten years of existence. Cabir was
considered to be first mobile worm discovered in 2004. Mobile malware has been considered to
have the same evolution as the PC malware (Appala et al., 2015). This report mainly focused on
emergence of bots for mobile phones and piece of malware which can easily control by a remote
entity. Command and Control (C&C) server or botmaster is used for performing various kinds of
function. A botnet is nothing but a collection of compromised computer comprised controls done
by a botmaster. Bots or compromised control can be easily used for various kinds of attacks like
Distributed denial of service (DDoS), identification of theft and lastly spamming. Most of
botnets generally makes of command and control server which makes use of botmaster for issues
various kinds of commands to specific bots (Arora, Garg & Peddoju, 2014). Mobile applications
are gaining large amount of popularity in the era of mobile and cloud computing. Most of the
sensitive information is generally stored inside this kinds of mobile application like Facebook,
various authentication tokens and browsing histories of chrome. However, there are certain
number ways which can be used for private files from various application in an indirect way
(Arzt et al., 2014). It is generally achieved by exploiting files in indirect manner by making use
of trusted victims.
In the coming pages of the report a literature review has been done on the various
methods for detection of malicious activity between mobile phone and the server. It is generally
achieved by making use of command and control and by making use of MTM proxy. This paper
mainly discusses the problem that is attackers steal vital information without the consent of
client. Possible solution for detection of malware activity is the analyzation of transmitted
packets between mobile phone and server.
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
4INFORMATION SECURITY
Literature Review
Cryptolocker ransomware generally targets various kinds of Android platform which is
used for deactivation of commands from its botmaster. In the first section of the conceptual and
implementation differences between computers and mobile botnets will be discussed.
Platform of operation: According to Chou (2013), the platform for running botmasters
and slaves is considered to be a difference between mobile and PC botnets. In the matter of PC
malware both of the botmaster and salve run on the same kind of platform whereas in the case of
mobile botnets the bot slave is generally mobile phone. Botmaster running on computers or
phone is generally operated by an attacker.
Connectivity: It is stated by Ding, et al (2014) that Mobile botnets are generally
subjected to connectivity of a mobile phone with a cellular network for communication with the
help of cellular network for communication with Command and control (C and C) server.
Whereas PC botnets are generally subjected to internet access of PC that is generally affected by
networks faults and technical errors in the devices. This domain is generally considered to be
leveled for both kinds of botnets.
Lucrativeness: It is stated by Dua and Bansal (2014) that mobile devices generally
provide better lucrative attacks because of fact that they are carried by various kinds of user. It
focusses on providing large value of probability of having proper information from various kinds
of information from audio and video recordings and cameras. It generally focusses on PC botnets
which depend on uptime of device and availability of user. A key point to notice for mobile
botnets that their system counterparts they do not provide any kind of ability which can be used
for location of victim in real time.
Literature Review
Cryptolocker ransomware generally targets various kinds of Android platform which is
used for deactivation of commands from its botmaster. In the first section of the conceptual and
implementation differences between computers and mobile botnets will be discussed.
Platform of operation: According to Chou (2013), the platform for running botmasters
and slaves is considered to be a difference between mobile and PC botnets. In the matter of PC
malware both of the botmaster and salve run on the same kind of platform whereas in the case of
mobile botnets the bot slave is generally mobile phone. Botmaster running on computers or
phone is generally operated by an attacker.
Connectivity: It is stated by Ding, et al (2014) that Mobile botnets are generally
subjected to connectivity of a mobile phone with a cellular network for communication with the
help of cellular network for communication with Command and control (C and C) server.
Whereas PC botnets are generally subjected to internet access of PC that is generally affected by
networks faults and technical errors in the devices. This domain is generally considered to be
leveled for both kinds of botnets.
Lucrativeness: It is stated by Dua and Bansal (2014) that mobile devices generally
provide better lucrative attacks because of fact that they are carried by various kinds of user. It
focusses on providing large value of probability of having proper information from various kinds
of information from audio and video recordings and cameras. It generally focusses on PC botnets
which depend on uptime of device and availability of user. A key point to notice for mobile
botnets that their system counterparts they do not provide any kind of ability which can be used
for location of victim in real time.
5INFORMATION SECURITY
Detection: It is stated by Falcone and Garro (2014) that Possible ways or methods for
detection of sign of infection generally exist in both mobile and PC botnets. Apart from that
mobile botnets address various kinds of risk of detection resulting from various kinds of mobile
bills which can occur due to internet connection or any kind of SMS message in fixed amount or
any kind of unusual number in the call history.
Takedown: It is stated by Grymin and Farhood (2014) that Mobile botnets are generally
considered to be fair for taking down. All the cases addressed so far in the single point of taking
down that can be either a phone number, a sever and email associated with it. However due to
development of new variety with remotely upgraded Command and control, mobile botnets may
have headed towards a new level of complexity for various kinds of PC botnets.
This part mainly discusses Yxes malware for Symbian platform which is considered to be
first step for mobile botnets. In the year of 2009, Symbian malware known as Yxes was
discovered which focused on focused on forecast of mobile botnet.
Internet access: According to Guido et al. (2013), the malware collected information
from various kinds of information from infected phones like serial numbers and subscription
number and after that it is forwarded to remote server by fulfilling of requirement for various
kinds of qualification like bot client.
SMS propagation: According to Guri et al., (2015), Malware generally affect the sent
out message which contains the download link. After that the link is pointed to a copy of the
worm. There are no doubts regarding the fact that remote copy of malware can be easily
upgraded by attackers which focus on the ability for listing various kinds of commands.
Detection: It is stated by Falcone and Garro (2014) that Possible ways or methods for
detection of sign of infection generally exist in both mobile and PC botnets. Apart from that
mobile botnets address various kinds of risk of detection resulting from various kinds of mobile
bills which can occur due to internet connection or any kind of SMS message in fixed amount or
any kind of unusual number in the call history.
Takedown: It is stated by Grymin and Farhood (2014) that Mobile botnets are generally
considered to be fair for taking down. All the cases addressed so far in the single point of taking
down that can be either a phone number, a sever and email associated with it. However due to
development of new variety with remotely upgraded Command and control, mobile botnets may
have headed towards a new level of complexity for various kinds of PC botnets.
This part mainly discusses Yxes malware for Symbian platform which is considered to be
first step for mobile botnets. In the year of 2009, Symbian malware known as Yxes was
discovered which focused on focused on forecast of mobile botnet.
Internet access: According to Guido et al. (2013), the malware collected information
from various kinds of information from infected phones like serial numbers and subscription
number and after that it is forwarded to remote server by fulfilling of requirement for various
kinds of qualification like bot client.
SMS propagation: According to Guri et al., (2015), Malware generally affect the sent
out message which contains the download link. After that the link is pointed to a copy of the
worm. There are no doubts regarding the fact that remote copy of malware can be easily
upgraded by attackers which focus on the ability for listing various kinds of commands.
⊘ This is a preview!⊘
Do you want full access?
Subscribe today to unlock all pages.
Trusted by 1+ million students worldwide
6INFORMATION SECURITY
However, Yxes is not considered as a bot because it lacks certain functionality of bot like
ability of accepting commands from distance or remote location (Guri et al., 2014). In the same
year another kind of malware known as Eeki.B on iOS platform was discovered. This type of
variant is generally used for stealing information from infected mobile phones like database of
SMS, OS version of iPhone and SQL version to a remote server. This version was not included
because of two important reasons namely
Jailbroken devices: Malware generally worked as type of Jailbroken device. Apart from
this it only tends to work on SSH-enabled applications and makes use of ssh password known as
‘alpine’.
C and C down: The malware is generally needed or required so that it can easily qualify
as a bot. In this matter there are certain number of confirmed cases known as exact response
which is generally received from C and C.
Structure of botnet
In a generic botnet, various components are considered to be necessary which is mainly
inclusive of structure of command and control, a protocol for communication, functionality
related to bot, infection method and events (Hoekstra et al.,2013). After the infection, the system
of victim generally runs or executes a script known as shell. The main task of this to easily fetch
image of bot binary from a particular location or area. After that hot binary is generally installed
on the targeted machine.
However, Yxes is not considered as a bot because it lacks certain functionality of bot like
ability of accepting commands from distance or remote location (Guri et al., 2014). In the same
year another kind of malware known as Eeki.B on iOS platform was discovered. This type of
variant is generally used for stealing information from infected mobile phones like database of
SMS, OS version of iPhone and SQL version to a remote server. This version was not included
because of two important reasons namely
Jailbroken devices: Malware generally worked as type of Jailbroken device. Apart from
this it only tends to work on SSH-enabled applications and makes use of ssh password known as
‘alpine’.
C and C down: The malware is generally needed or required so that it can easily qualify
as a bot. In this matter there are certain number of confirmed cases known as exact response
which is generally received from C and C.
Structure of botnet
In a generic botnet, various components are considered to be necessary which is mainly
inclusive of structure of command and control, a protocol for communication, functionality
related to bot, infection method and events (Hoekstra et al.,2013). After the infection, the system
of victim generally runs or executes a script known as shell. The main task of this to easily fetch
image of bot binary from a particular location or area. After that hot binary is generally installed
on the targeted machine.
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
7INFORMATION SECURITY
Fig 1: Life cycle of generic botnet
(Source: Created by Author)
In the Fig 1 an idea has been gathered regarding generic botnet which focus on command
and control. The botmaster generates issues of commands by the help of internet relay chat (IRC)
servers with the help of infected host.
Command and Control
Among various kinds of command and control (C and C) of botnets, IRC is considered to
be successful and has been implemented by majority of botnets. The ultimate goal of IRC is to
provide synchronous way of messaging (Karim, Shah & Salleh, 2014). IRC is generally used for
online chat, audio and video conferencing and it also address text based function by various
kinds on multi-user. IRC generally enables various kinds of botmaster to generate commands to
individual kinds of bot. Another benefit of using IRC for a particular kind of botnet is the
command and control traffic which is considered to be difficult to normal kind of IRC usage.
Fig 1: Life cycle of generic botnet
(Source: Created by Author)
In the Fig 1 an idea has been gathered regarding generic botnet which focus on command
and control. The botmaster generates issues of commands by the help of internet relay chat (IRC)
servers with the help of infected host.
Command and Control
Among various kinds of command and control (C and C) of botnets, IRC is considered to
be successful and has been implemented by majority of botnets. The ultimate goal of IRC is to
provide synchronous way of messaging (Karim, Shah & Salleh, 2014). IRC is generally used for
online chat, audio and video conferencing and it also address text based function by various
kinds on multi-user. IRC generally enables various kinds of botmaster to generate commands to
individual kinds of bot. Another benefit of using IRC for a particular kind of botnet is the
command and control traffic which is considered to be difficult to normal kind of IRC usage.
8INFORMATION SECURITY
IRC depend botnet is considered to be a centralized way as the botmaster makes use of
one server or more than one server and can easily communicate directly with all the bots (Khan
et al., 2016). IRC is based on C and C architecture which is considered to be easy to build or
construct and aims in providing efficient and effective ways or method for distributing botmaster
commands. By making use of C and C server a single botmaster can easily control a large
number of bots.
Instead of making use of IRC channel, a few kind of botnet have make use of peer to peer
(P2P) mechanism for C and C. In proper peer to peer architecture, in the network architecture
any node can easily act like a server and client (Kharraz et al.,2014). For a kind of botnet, the
benefit of P2P is that there are is no single point of failure. It is considered to be extremely
difficult for law enforcement to stop P2P botnet even if the botnet is considered to be in offline
state, botnet may have considered to function. However, it is generally considered to be difficult
for developing of architecture of P2P botnet.
Some of the examples of botnets based on IRC-based botnets are AgoBot, SpyBot,
GTBot, SDBot. All the botnets have been described in details in the coming pages.
AgoBot is generally is encrypted in C/C++ and because of use standard structure of data
it becomes for various kinds of attackers to change and add new functions to it (Kim & Lie,
2015). It is a sophisticated type of malware which can easily launch various kinds of DDoS kind
of attacks and can easily harvest various kinds of sensitive information. It can easily evade
various kinds of detection by making use of vulnerabilities, closure of back door and stopping of
access to various kinds of internet sites.
IRC depend botnet is considered to be a centralized way as the botmaster makes use of
one server or more than one server and can easily communicate directly with all the bots (Khan
et al., 2016). IRC is based on C and C architecture which is considered to be easy to build or
construct and aims in providing efficient and effective ways or method for distributing botmaster
commands. By making use of C and C server a single botmaster can easily control a large
number of bots.
Instead of making use of IRC channel, a few kind of botnet have make use of peer to peer
(P2P) mechanism for C and C. In proper peer to peer architecture, in the network architecture
any node can easily act like a server and client (Kharraz et al.,2014). For a kind of botnet, the
benefit of P2P is that there are is no single point of failure. It is considered to be extremely
difficult for law enforcement to stop P2P botnet even if the botnet is considered to be in offline
state, botnet may have considered to function. However, it is generally considered to be difficult
for developing of architecture of P2P botnet.
Some of the examples of botnets based on IRC-based botnets are AgoBot, SpyBot,
GTBot, SDBot. All the botnets have been described in details in the coming pages.
AgoBot is generally is encrypted in C/C++ and because of use standard structure of data
it becomes for various kinds of attackers to change and add new functions to it (Kim & Lie,
2015). It is a sophisticated type of malware which can easily launch various kinds of DDoS kind
of attacks and can easily harvest various kinds of sensitive information. It can easily evade
various kinds of detection by making use of vulnerabilities, closure of back door and stopping of
access to various kinds of internet sites.
⊘ This is a preview!⊘
Do you want full access?
Subscribe today to unlock all pages.
Trusted by 1+ million students worldwide
9INFORMATION SECURITY
SpyBot is taken to be enhanced or upgraded form of SDBot and is generally written in C
language. It has only 3000 lines of codes and comes up with scanning capability and host
controlling functions. GTBot stands for Global threat Bot is also known as Aristotles can easily
perform, port scanning and RPC exploration. In comparison to AgoBot and SpyBot, GTBot
gives limited amount of controls over host (Konoth, van der Veen & Bos, 2016). A GT bot is
only capable of obtaining local type of system information and can easily affect local files.
SDBots are source codes which are written in C and generally consist of less than 2500
lines of codes. It has certain number of command set and specification much similar to AgoBot.
SDBot is considered to be powerful scanning tool which is used for locating various potential
victims. P2P botnets are generally considered to be difficult for construction and there are few
examples of such kinds of botnets (Kraunelis et al., 2013). Some recent example of P2P botnet
is Nugache and Storm. Storm is generally inclusive of distributed denial service (DDoS) which is
nothing but triggered based on information which is generally gathered from various kinds of
overlay networks.
Infection Method
Another important part of design of practical botnet is method which is used for infecting
various systems. Some of the generally methods used by Botnet are:
Exploiting the vulnerabilities that is security bugs and followed by downloading
and installing of software.
Exploiting of various kinds of network services like RPC or MSSQL.
Tricking of various kinds of user by downloading and execution of various
programs.
SpyBot is taken to be enhanced or upgraded form of SDBot and is generally written in C
language. It has only 3000 lines of codes and comes up with scanning capability and host
controlling functions. GTBot stands for Global threat Bot is also known as Aristotles can easily
perform, port scanning and RPC exploration. In comparison to AgoBot and SpyBot, GTBot
gives limited amount of controls over host (Konoth, van der Veen & Bos, 2016). A GT bot is
only capable of obtaining local type of system information and can easily affect local files.
SDBots are source codes which are written in C and generally consist of less than 2500
lines of codes. It has certain number of command set and specification much similar to AgoBot.
SDBot is considered to be powerful scanning tool which is used for locating various potential
victims. P2P botnets are generally considered to be difficult for construction and there are few
examples of such kinds of botnets (Kraunelis et al., 2013). Some recent example of P2P botnet
is Nugache and Storm. Storm is generally inclusive of distributed denial service (DDoS) which is
nothing but triggered based on information which is generally gathered from various kinds of
overlay networks.
Infection Method
Another important part of design of practical botnet is method which is used for infecting
various systems. Some of the generally methods used by Botnet are:
Exploiting the vulnerabilities that is security bugs and followed by downloading
and installing of software.
Exploiting of various kinds of network services like RPC or MSSQL.
Tricking of various kinds of user by downloading and execution of various
programs.
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
10INFORMATION SECURITY
Trigger Events
A trigger event can be easily used for activation of botnet for performing various kinds of
malicious activities (Machado, Barreto & Yano, 2013). For example, a specific date can be easily
used on certain time of day and easily serve as a trigger event.
Convert channels
A convert channel is generally used for establishing communication path which is
generally not intended by a system designer. Convert channel arises in many situations within
network communication (Machado et al., 2015). Convert channels are generally considered to be
virtually impossible for elimination in high-security environment and main stress is only limited
to capacity of channels.
Solution for detection of malicious activity between phone and server
Distributed Denial of Service Prevention Methods
In the world of computers and smart phone a revolution came with the advancement of
internet. Internet has become an important in present society as it is changing the way of
communication, business mode (Machado et al., 2014). Various kinds of services like banking,
power and defense are now dependent on internet. Use of internet technology are now growing at
a rapid rate as various organization round the globe are large dependent on it.
A DOS attack generally makes use of various for launching coordinate attacks against
one or more targets. It is generally launched by sending a stream of computerized system by
transmitting a stream of useless aggregate traffic which is mainly focused to exploit various
kinds of victims (Nagy & Mezei, 2016). There are many kinds of side effects of DDoS attack
like it generally creates congestion on the way from the source to the target which ultimately
Trigger Events
A trigger event can be easily used for activation of botnet for performing various kinds of
malicious activities (Machado, Barreto & Yano, 2013). For example, a specific date can be easily
used on certain time of day and easily serve as a trigger event.
Convert channels
A convert channel is generally used for establishing communication path which is
generally not intended by a system designer. Convert channel arises in many situations within
network communication (Machado et al., 2015). Convert channels are generally considered to be
virtually impossible for elimination in high-security environment and main stress is only limited
to capacity of channels.
Solution for detection of malicious activity between phone and server
Distributed Denial of Service Prevention Methods
In the world of computers and smart phone a revolution came with the advancement of
internet. Internet has become an important in present society as it is changing the way of
communication, business mode (Machado et al., 2014). Various kinds of services like banking,
power and defense are now dependent on internet. Use of internet technology are now growing at
a rapid rate as various organization round the globe are large dependent on it.
A DOS attack generally makes use of various for launching coordinate attacks against
one or more targets. It is generally launched by sending a stream of computerized system by
transmitting a stream of useless aggregate traffic which is mainly focused to exploit various
kinds of victims (Nagy & Mezei, 2016). There are many kinds of side effects of DDoS attack
like it generally creates congestion on the way from the source to the target which ultimately
11INFORMATION SECURITY
disrupts the normal kind of network kind of internet operation. At present major of the internet
operation are carried by organized criminals which ultimately hampers financial institutions and
e-commerce. Classification of wide range of DDoS attacks are generally found in wild which
internet providers and users are needed to be well aware. It was launched in two forms namely
first one to exploiting of software vulnerabilities and second form is to make use of massive
volume (Nigam, 2015). The first form focus on target by sending packets and crashing of system.
The second form is to garbled packets so one can easily look for communication resource on
proper machine so that it cannot serve various kinds of legitimate users. The resource consumed
by various kinds of attacks focus on network bandwidth, disk space, data structure and various
kinds of network connection. It is possible to easily to establish protection for first form of
patching down of vulnerabilities, on the contrary second form cannot be easily prevented (Ning
& Yan, 2015). Various targets can be easily attacked as they are generally connected to a public
network.
DDoS is generally known as event in which a user or organization deprives certain
number of services like web, network connectivity. It is generally considered to be a resource
overloading problem. Resource can be anything like bandwidth, CPU cycles and buffers. The
attackers can easily bombard resources by flood of packets or can easily make use of single logic
packets that can activate a series of process.
Network bandwidth Resources: This is generally related with capacity of linking
various kinds of servers to wider value of internet or connectivity between clients and IPS
(Internet Service Provider). Major of the time bandwidth of client’s internal network is
considered to be less connectivity with the external kinds of network. Traffic which generally
disrupts the normal kind of network kind of internet operation. At present major of the internet
operation are carried by organized criminals which ultimately hampers financial institutions and
e-commerce. Classification of wide range of DDoS attacks are generally found in wild which
internet providers and users are needed to be well aware. It was launched in two forms namely
first one to exploiting of software vulnerabilities and second form is to make use of massive
volume (Nigam, 2015). The first form focus on target by sending packets and crashing of system.
The second form is to garbled packets so one can easily look for communication resource on
proper machine so that it cannot serve various kinds of legitimate users. The resource consumed
by various kinds of attacks focus on network bandwidth, disk space, data structure and various
kinds of network connection. It is possible to easily to establish protection for first form of
patching down of vulnerabilities, on the contrary second form cannot be easily prevented (Ning
& Yan, 2015). Various targets can be easily attacked as they are generally connected to a public
network.
DDoS is generally known as event in which a user or organization deprives certain
number of services like web, network connectivity. It is generally considered to be a resource
overloading problem. Resource can be anything like bandwidth, CPU cycles and buffers. The
attackers can easily bombard resources by flood of packets or can easily make use of single logic
packets that can activate a series of process.
Network bandwidth Resources: This is generally related with capacity of linking
various kinds of servers to wider value of internet or connectivity between clients and IPS
(Internet Service Provider). Major of the time bandwidth of client’s internal network is
considered to be less connectivity with the external kinds of network. Traffic which generally
⊘ This is a preview!⊘
Do you want full access?
Subscribe today to unlock all pages.
Trusted by 1+ million students worldwide
1 out of 28
Related Documents
Your All-in-One AI-Powered Toolkit for Academic Success.
+13062052269
info@desklib.com
Available 24*7 on WhatsApp / Email
![[object Object]](/_next/static/media/star-bottom.7253800d.svg)
Unlock your academic potential
Copyright © 2020–2025 A2Z Services. All Rights Reserved. Developed and managed by ZUCOL.