Distributed Denial Of Service DDOS Attack Computer Science Essay

Distributed Denial Of Service DDOS Attack Computer Science Essay Information technology is an exciting and emerging day by day technology which requires communication systems for data and services exchange. As nowadays every services and products uses computer and internet as a medium to interchange data or money in an open internet, hence prone to vulnerabilities. Distributed Denial of Service (DDoS) attack is an attack to the availability of the resources available, so that authenticated users do not use those resources. This paper intended to explore the existing threats and vulnerabilities of DDoS with possible solutions and recommendations plus overview and architecture methodology of this kind of attack. Confidentiality, Integrity and Availability are the three main features of the any computer network communication systems. DDoS which is a subset of Denial of service (DoS) attack, which result in overwhelming the victim machine and deny the services to its legitimate users results in Unavailability of the resources and services for concern clients. Some examples are smurf attack, SYN UDP floods and ping of death. DDoS is a type of DoS attack but uses distributed computers from different location to attack on a particular victim may be a server or client which results into the stopping of its functionality to provide services, hence unavailability of the server ultimately results loss in monetary plus status of the organization. It works by flooding all the network of the given organization with unwanted traffic, the first well known DDoS was identified in 2000 on yahoo.com which goes down to around two hours. The DDoS is a result of weakness of internet which prone to several vulne rabilities as internet was designed only for functionality but not concern about any security. As internet is an open network everything is open and is shared among authenticated users. Another big problem is that it is not centralized network different organization, different countries have their own rules and regulation regarding internet. DDoS Layer Involved The DDoS attack mainly occurs in three layers of the OSI model which are layer 3 (Network) layer 4 (transport) and layer 7 (application). In transport layer what exactly happens is that attacker uses a forged IP address to request for connection so in typical connection, 3 way TCP handshake is done but in this attack it does not complete 3 way handshake but send connection request over and over server reserves resources for each attempt and results in out of connection requires for the legitimate users. In network layer it includes ping of death and ICMP requests, where as in application layer is kind of effective DDoS attack and hard to detect because it passes the 3 way handshake and treated as authenticated user to the concern server, so attacker requests a large amount of data continuously through HTTP and results in avoiding its legitimate users as got busy with those false requests. In DDoS attack a combination of those three layers results in an effective attack that results i n some really drastic effects. Application Layer Presentation Layer Session Layer Transport Layer Network Layer Data link Layer Physical Layer Fig: 1-Layers Involved in DDoS DDoS Architecture The main purpose of DDoS attack is to overwhelm the related server and makes it down, it can be for benefit or for fun only but in both case legitimate clients suffered as bandwidth, resources, memory and CPU got wasted. DDoS attack architecture consists of hierarchy pattern to attack; the four main components of DDoS are as follows: Attacker Master Machines/Handler Zombie Machines Victim First of all attacker scans thousands of computers on the internet independent of the origin of the systems for known vulnerabilities that is which have minimum security aspect on the computer and makes Master machines or handlers, its consists of more than two systems to many depends upon how sophisticated is attack, after making handlers rest scans for the vulnerable systems is done by these handlers, which results in thousands of zombies across the globe without knowledge of concern users and when these zombies are ready attacker can execute for attack and makes the victim down. Attacker Master Machines/Handlers Zombie Machines Victim Fig: 2- DDoS Architecture As seen from the above figure attacker takes control of one or more than one masters which then take control over thousands zombies and when triggered at a specific time these zombies flood the victim. These attack results with the use of some tools (software or malware) which to be install on the masters and zombies so that attacker can take controls through these tools and monopoly the systems. Here above the communication between attacker and master machines is done through TCP protocol whereas between master machines to zombie and zombie machines to victim use UDP protocol for communication, as UDP is unreliable protocol so does not hold any state and results in no trace back, it uses TCP for initial communication because it needs to organize other subordinates with master machines. DDoS Tools The tools used by DDoS attack are very sophisticated as it runs in background or in foreground with the systems program name and is not visible or very hard to detect by administrators. Trin00, tribal flood network, stacheldraht, tribal flood network 2000, trinity, wintrin00, MStream and etc are the examples of such kind of tools used in DDoS attack, by this tools attacker installed and executes accordingly. It also helps him to facilitates co ordination between masters and zombie, and execute timer also to bombards at a fixed time, so that all zombies attacks the victim. Trin00 scans for buffer overflows in systems and install attack shell daemon through remote shell, it communicate through unencrypted UDP. In tribal flood network, it installs the daemon which carries out the multiple attacks like ICMP flood, UDP flood, SYN flood, communication done through ICMP ECHO and REPLY. List of zombies daemon IP address is encrypted in later version of TFN. Stacheldraht uses the combination of trin00 and TFN. Encryption takes place between attacker and masterà ¢Ãƒ ¢Ã¢â‚¬Å¡Ã‚ ¬Ãƒ ¢Ã¢â‚¬Å¾Ã‚ ¢s communication and attacks are similar to TFN. Trinity floods through UDP, SYN, and ACK through Internet Relay Chat (IRC) has a backdoor program which monitors TCP port. MStream uses forged TCP packets with ACK flag set, it uses TCP and UDP floods with no encryption in between but master machines are kept password protected. Beside these tools various other program and tools are readily available for such kind of attack which leaves no residue to trace back. DDoS Types DDoS are acts differently but mainly classified in two main categories according to their attack pattern which are as follows: Bandwidth Depletion attack Resource Depletion attack In bandwidth depletion attack the main targeted area is the bandwidth of the concern victim by overwhelming with unwanted traffic more than 10 Gbps (It depends) and prevents the legitimate users from gaining access for the services. Some examples of such attacks are UDP flood, ping flood, Smurf and reflection attacks which bombards with unwanted traffic to make unavailability of the services. Whereas in resource depletion attack, the main concern area are the resources available. This attack leads to the out of resource available for the concern users by TCP SYN attack, PUSH ACK attack, Teardrop attack. These attacks through the requests like SYN to the concern server which in return reserves resources for this request, but attacker bombards the same again and again and hence server goes out resources. DDoS Detection The very first question about this attack is that, how to know if DDoS attack happened in any organization or in any machine. So following are some ways to know if it occurs: Performance of CPU, Memory and bandwidth degrades abnormally. Services become unavailable or partially available. Cannot access given resources properly. These above are preliminary steps to know the DDoS attack. It can be monitor through the continuously analyzing of the systems. DDoS Defense Practically speaking it is impossible to prevent DDoS attack but what we can do is to reduce its effect or tries to make security strong as much as possible. The following are very basic defense mechanism against DDoS attacks are: Prevention Detection Classification Justifying Tracing back The first phase called prevention which means to prevent from DDoS attack as much as possible that is to prevent itself to be part of the attack architecture, so not to become handler. It is done through the continuous monitor of the systems but every user is not aware of the security issues. The second phase describes to know that if the systems are under attack by verifying abnormal activities like CPU or bandwidth uses, it can done through firewalls or routers. The third phase is classification of the detected attack according to its prototypes like IP Addresses, protocol used and packet type used; it can be done through the use of Intrusion Detection System for future countermeasure. The fourth mechanism is justifying the detected attack that is how to deal with the known or detected attack one way is to block the whole traffic from those addresses by using access control list on gateways or react accordingly another approach is to trace back the detected packet so that source ca n be identified. The final part of our defense mechanism is trace back which will be covered in later section of this paper. DDoS trace back DDoS trace back is possible to zombies only but may be if done in proper way can leads to the attacker, chances are very rare as it is independent of the location. Some of the methods are as follows: Link Testing Controlled Flooding ICMP Trace back IP Trace back In link testing, when attack is in progress routers can co ordinates with each other to determines which router originated the attack traffic and can trace to the upstream but requires inter ISP co operations as different connections are maintained by different ISP. Whereas in controlled flooding it floods each incoming links of the router to determines the source but needs router co operation and better network map, similarly in ICMP and IP trace back a reverse path is generated to identify the source but path can be long and packet format space is limited to cope. DDoS Security measures As currently various research are going on to stop DDoS attack and it may takes time but DDoS becoming deadly day by day and is considered second in financial losses due to attack after viruses but comparison to virus it is very new and have vast effect with no remedy. So only option we got is to make it harder for attacker to penetrate into the systems, and following are some security precaution we should follow: Install and update continuously antivirus and spyware software from trusted authority and run regularly. Patches the security components of the systems continuously and be always ready for up gradation of systems. A well set network infrastructure with proper installation of firewalls and routers with appropriate policies, so that unwanted traffic and organization traffic can be separated clearly. Filters incoming traffic on routers or rate-limit certain types of traffic like ICMP and SYN packets. Monitors continuously incoming and outgoing packets and if some abnormality seen then react accordingly. Use Network Address Translation (NAT) to hide internal IP addresses. Use Intrusion detection systems (IDS) implement host based IDS plus network based IDS in a mix pattern to filter and detect abnormalities in the network. Egress and Ingress filtering, these are filtering mechanism implement on IP traffic. Egress sets the ranges of IPs leaving the organizationà ¢Ãƒ ¢Ã¢â‚¬Å¡Ã‚ ¬Ãƒ ¢Ã¢â‚¬Å¾Ã‚ ¢s network whereas in ingress a set of IP address ranges are allowed to move into the network. Using of SYN and RST cookies to verifies both communication parties with the help of cookies, so that legitimate clients can access the resources. Use a proxy server in between the network so that a request goes via proxy to server and proxy filters it according the rules implemented on it. Implement Honeypots systems, these are the systems in an organization with open security and are separated with internal network to know the attack pattern. At last but not least literate the users or clients about the security concerns. Conclusion DDoS Attack is an attack on availability of the resources and services which results in financial losses, loss of organization reputation, and disturbance in work flow environment. The bitter truth is that the security technologies like firewall, routers and IDS are very week to prevent DDoS as it cannot differentiate between original and fake traffic. Another factor is that it uses IP spoofing, difficult to verify with original packets plus the routing involved is stateless. Hence results in very strong attack. In this paper we have gone through the DDoS overview with its architecture layouts plus types and tools involved in DDoS attack. We have highlighted the DDoS detection part and visualize the security aspects and implementation to safeguard the assets against such attack plus a brief summary to how to trace back. To compete with DDoS one way effort cannot prevent or defeat it, it needs all round support to tackle with it like among different internet communities, different countries to enforce such laws and regulation strictly to cope with it. suggestions DDoS is a newer and disastrous attack, so to prevent it I would suggest that very carefully implement DDoS security measures which are defined above. Beside these IPSec and SSL/TLS protocols implementation can helps a lot to prevent. VPNs can be added for secure channel communications. Use Mozilla Firefox as browser instead of others.

Key Events in the Civil Rights Movement Essay -- Civil Rights Equality

The Civil Rights Movement started with The Montgomery Bus Boycott. The Boycott officially started on December 1, 1955. Rosa Parks was an Educated women and she attended the laboratory school at Alabama State College. Even with that kind of education she decided to become a seamstress because of the fact that she could not find a job to suit her skills. Rosa Parks was arrested December 1955. Rosa Parks Entered a bus with three other blacks and sat on the fifth row. The fifth row was the first row the black could occupy. After a few stops later the rows in front of them where filled with whites. According to the law at the time blacks and whites could not occupy the same row. There had been one white man left with out a seat. The bus driver had told the four to move so the white man had a place to sit. The other three that was with Rosa Parks had moved. Rosa Parks however did not. She refused and was arrested. E.D. Nixon post bond for Rosa Parks. He told her that with her permission they could break segregation from buses with her case. Jo Ann Robinson made flyers and distributed them with her students. The flyers urged people to stay off the buses on Monday the day Rosa Parks case was due. Martin Luther King, Jr. a minister thought that if they could 60 percent of the blacks to stay off the buses the boycott would be a success. Martin Luther King Jr. thought he saw a miracle when he saw bus after bus pass his house with no blacks in them. That night they had called a meeting him and other ministers and blacks of the community which they called there self (MIA) Montgomery Improvement Association. They elected King the president of the group. They had a decision to make whether or not to continue with boycott or not. Then E.D. Nixon rose to speak: ?What's the matter with you people? Here you have been living off the sweat of these washerwomen all these years and you have never done anything for them. Now you have a chance to pay them back, and you're too damn scared to stand on your feet and be counted! The time has come when you men is going to have to learn to be grown men or scared boys.? The MIA had then decided to let the people vote on whether or not to let the boycott continue or not. They held a mass meeting and it was obvious to see that they decided to continue with the boycott. When the boycott began no one had expected for it to ... ...a return to Montgomery, where the civil rights movement had started ten years earlier with the Montgomery Bus Boycott. A few months later, blacks had reason to rejoice again. It was truly a day for celebration. On August 6, 1965, President Johnson signed the Voting Rights Act into law. By 1969, 61% of voting-age blacks in America were registered to vote, compared to 23% in 1964. The Selma to Montgomery march clearly showed both how far American blacks had come and how far they still had to go. Ten years ago blacks could barley do anything and now they are equally treated how they are suppose to be. During the movement mainly great people died. The sacrifices they made help make America what it is today. The movement was from 1955-1965, those years where some of the hardest years for America. We overcome our differences and now everyone is equal. This report was based on The Civil Rights Movement. Websites http://www.mecca.org/~crights/cyber.html http://www.cr.nps.gov/nr/travel/civilrights/ http://www.infoplease.com/spot/civilrightstimeline1.html Books Voices of Freedom: An Oral History of the Civil Rights Movement The Origins of the Civil Rights Movement

Analyze Individual And Societal Influences

Analyze individual and societal influences that lead to deviance from dominant group norms. People who become part of a group or are members of that group share similar characteristics of the same nature. â€Å"When there is proof of the uniqueness of a team, such person is believed to have an effect of black sheep, as he refused guidelines of the group and left the group. Individuals who are member of the group experience have more trouble with party members rather than out-group members.† (Fiske, 2010)Differences happen when an individual of a group understands and sees the implications of having a reward for his or her behavior. Difference happens when individuals understand and see the cost implications to reward their behavior. This behavior, deviance, is considered distracting and bad influence. It is considered negative when associated with criminals and addicts. People who deviate, are able to develop a sense of self-identity and truly are aware of the decision they ar e making.â€Å"Anomaly occurs because people develop an identity sense or self-understanding, which becomes their personal life standard,† however many of these people from the group become â€Å"anomaly learned contra conventional ways or objectives and attitudes of support in their early socialization. â€Å" An individual is prepared for deviance with this type of learning and social behavior that prepares for elimination of conservative norms and legitimacy from the group.The process of deviance happens with normal learning processes and with different theories of association, attitude learning, motivation values and knowledge to a degree that all of these becomes part of his identity and makes him or her strong enough for commitment. The learning process and the socialization help the individual change a very straight forward experience eliminating all conservative standards to neutral place, eliminating the guilt, underlying important personal characteristics.Also, de viation of a group is possible for having individuals who have inspirational behavior but no chance of becoming a leader in the group. There are standards that are required as key element to eliminate tendency of the group going for deviance. The most important factor of preventing deviance within the group is communication of feelings. â€Å"If members of a group are participants who are active, who know they have a potential in the group, who are well known of their skills or position in the group, which is less likely to deviate from the group.

Burmese Days an Example of Imperialism Essay - 772 Words

Burmese Days: An Example of Imperialism Nineteenth century industrialization brought new riches and power to Western Europe, driving the expansion of opportunities and the building of empires in undeveloped territories. Although the developed countries brought many modern technologies to under-developed nations, they also brought fierce racism and European arrogance. Burmese Days by George Orwell was written in 1834 as a satirical view of English imperial life in Burma. Orwell provides a realistic observation of the arrogance the English demonstrated towards the natives and how they justified their actions. Europeans brought many new technologies to the countries that they imperialized. They built railroads and other types of†¦show more content†¦Although Flory has a fondness towards the Burmese people, he still considers himself superior to them which is especially demonstrated through his interactions his Mistress, Ma Hla May. On the day he meets Elizabeth, when Ma H la May shows up he tells her â€Å"Go away this instant. If you make any trouble I will afterwards take a bamboo and beat you till not one of your ribs is whole† (Orwell 87). It is doubtful that he would carry through with the beating, but the threat demonstrates his feeling of superiority. The attitudes of the English are wrong, but perhaps understandable. They assume that because the Burmese are not educated in the same manner as the English, they are not as intelligent. Since the country is not industrialized they have no ambition. Since they are mild mannered and do not fight the English (who have guns), they have surrendered to their natural place in society. Since their skin is brown instead of white, they are not beautiful. One must question how history would change if the Europeans of the 19th century and all people up to today would choose to learn and understand the cultures of others rather than pass judgments and make assumptions. Just as struggles between the upper and lower class were born from a lack of understanding for the other man’s condition in the early days of industrialization, the same is true for the times of imperialism. The English in Burmese Days have taken control of the area with noShow MoreRelatedBurmese Days1142 Words   |  5 PagesRacism in Burmese Britain owned many colonies throughout the 1800’s including Burma. While the British were able to manufacturing raw materials from Burma until the early 1900’s, British Imperialism would forever influence the Burmese Natives. In George Orwell book â€Å"Burmese Days,† racism is one example of this British Imperialism influence. British Imperialism allowed the use of racism to influence the European Club members and British military. Some British authority used racism to diminish theRead MoreBritish Imperialism In George Orwells Shooting An Elephant1042 Words   |  5 PagesBritish man, where rising imperialism of British in Burma is becoming more dominant. The essay started off identifying who George Orwell was. A sub-divisional police officer of Moulmein, who developed a feeling of being anti-European towards the Burmese people. By claiming that no one is courageous enough to raise a riot against the British, Orwell basically told us how dominant the imperialist was. Even the Buddhist priests, who are well respected amongst the Burmese were being jeered by the BritishRead MoreRhetorical Analysis Of George Orwell s Shooting An Elephant 1272 Words   |  6 Pagessecretly sides with the Burmese, he is resentful of the way they torment him. Eventually, a previously chained elephant is introduced to the essay. It is when this elephant escapes that it begins ravaging Moulmein. After concluding that the elephant’s mahout, a person who works with, rides, and tends to elephants, is a 12-hour’s journey away, Orwell is asked to step in. Here, Orwell is faced with the displeasuring choice of shooting it, or once again—bein g humiliated by the Burmese through numerous paragraphsRead MoreThe Evolution Of Imperialism In Shooting An Elephant By George Orwell711 Words   |  3 Pages As society has progressed, the evolution of imperialism has come to a point where people see it has pure history. It has vanished from our daily lives as we have not recently witness a country trying to dominate another. In â€Å"Shooting an Elephant† by George Orwell, we are able to envision the lives of the Burmese as they were involuntarily controlled by the British. In the early 1900’s we are told a true story of Orwell himself where he was once established in Burma was apart of his military serviceRead MoreShooting an Elephant bye George Orwell1019 Words   |  4 Pagesideal example. In the story, Orwell, the main character, works as a policeman in Burma in the 1930s for the British Empire. One day, an elephant tramples loose, and although Orwell has no intent on shooting the elephant, a mob of native Bur mese pressures Orwell to shoot the elephant. He reluctantly acquiesces to prevent being humiliated. After that experience, Orwell writes â€Å"Shooting an Elephant† to demonstrate native resentment of the British through mood, to reveal the tyranny of imperialism andRead MoreBurmese Days by George Orwell1125 Words   |  5 Pagesconnections to Burma go a long way back, all the way back to the first Anglo-Burmese war which was fought in the mid-1820s. It was then and there that Burma was subjected to the colonial rule of the British, and the lives of its people were forever changed. The rich became poorer, the middle class became poorer and the poor, needless to say became the poorest. The British intruded and forced themselves into the Burmese people’s lives with clear intent, they wanted to give the people of Burma somethingRead MoreImperialism In The 19Th Century Resulted In European Countries1726 Words   |  7 PagesImperialism in the 19th century resulted in Eur opean countries using social Darwinism to justify controlling the social and cultural lives of natives in African countries.When Chinua Achebe published Things fall apart in 1958, a novel criticizing the European aspects of imperialism, his aspiration was to teach readers that â€Å"their past-with all its imperfections-was not one long night of savagery from which the first Europeans acting on God’s behalf delivered them†(Chinua Achebe on the Role of theRead MoreShooting An Elephant By George Orwell867 Words   |  4 Pagesstory â€Å"Shooting an Elephant† by George Orwell describes Orwell’s experience as a police officer of a town in the British colony of Burma. George Orwell, a military occupier in the Burmese land is much hated by the civilians. The hatred he receives from the locals makes him despise the British Empires mistreatment on the Burmese people. However, he also resents the locals in the village for revolting against him, for he is only a worker of the British Empire. â€Å"Shooting an Elephant† by George Orwell discussesRead MoreEssay An Analysis of Orwells quot;Shooting an Elephantquot;2832 Words   |  12 Pagesloyalties going on in his heart because of the fact that he was at once opposed to the dirty work of Imperialistic feelings, but could not express them properly. He loathed the tyrannous and oppressive rule of a handful of British on a large number of Burmese people. He belonged to the class of oppressors but had sympathy with the uneasiness of conscience made it difficult for him to continue in the service of Imperial Police. The native peoples hatred for the British and the strong anti-English feelingRead MoreGrade 10 English - King vs Orwell Essay1633 Words   |  7 Pagesmakes their approach to injustices interesting is that neither of the authors were native to the area where the oppression was occurring, yet both felt that it was in their best interest to do or say something about the situati on. Dr. King, for example, explained that although not from Birmingham, he needed to be there because of all the injustices the white people where doing to the coloured community; â€Å"I am in Birmingham because injustice is here† (King). Orwell, although less enthusiastic