DDoS industries best practices

Countermeasures to DDoS

Executive Summary:
Distributed Denial-of-Service (DDoS) attacks are among the most established and costly forms of cyberattack, posing a serious threat to online businesses. During a DDoS attack, remote attackers generate a flood of traffic to a specific destination to disrupt a targeted website or server. The attack can come from one or multiple compromised machines or from large networks of infected computers (i.e. botnets) that flood the target with high volumes of illegitimate traffic. As the targeted systems strain to keep up with the inundation, the resulting slowdown or shutdown blocks legitimate users from access. The goal of most DDoS attacks is to force the targeted computing resources completely offline. The assailants succeed most of the time.
The policy of the Paradise Beach University (PBU) network specialists is to fight denial-of-service attacks in three phases. In the first phase, the network team has to identify whether the school is experiencing an attack. In the second phase, the PBU specialists have to find out whether the attack has been implemented on the school's network. In the final and most important phase, the network specialists counteract the attack.
The PBU network team discovered that a password sniffer application had somehow been installed on a large portion of the computers in various university computer labs, and that the attack came from inside the network as User Datagram Protocol (UDP) traffic. The team will therefore need to concentrate on the data packets that were already sent over UDP and on the packets that were processed as soon as the receiving system received them. The whole system has therefore already been compromised, and the network specialists will need to work on fixing the issue.
Finally, the Paradise Beach University specialists will counteract the attack. The network specialists have proposed two schemes to deal with DDoS attacks. In the first, the team will implement a single central tracking router, which is tied to the other routers by joining them to the network. The tracking router configuration works by dynamically routing the victim's traffic through the network. Step-by-step tracking is then applied to trace the traffic back to the access point of the attacking source, beginning from the tracking router nearest the target. The great advantage of this scheme is the minimal number of steps required to trace back to the source of the attack. Nonetheless, the method has to be executed without a hiccup, since one small error may disturb the system.
For the second method, the Paradise Beach University network specialists will implement the following: the control routers will collect, in a database, the traffic information for everything communicated through the school network. Each record will basically contain the destination address and the source information. If an attack has taken place, the database will be searched on the basis of the attack signature to determine the point of entry. This tracing technique is not limited to the attack period and does not involve any tracking steps to trace the ingress edge.
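The log-based tracing of the second method, as an added example that is not part of the original essay. The flow-record schema, router and interface names, addresses and packet threshold are all constructed assumptions.

```python
import sqlite3

# Constructed flow records, as control routers might log them (hypothetical schema):
# (unix_ts, router, in_iface, iface_role, src, dst, proto, dport, packets)
SAMPLE_FLOWS = [
    (1000, "lab-a-edge", "ge0/1", "access",  "10.1.4.21",  "10.9.0.10", "udp", 80, 52000),
    (1000, "lab-a-edge", "ge0/2", "access",  "10.1.4.37",  "10.9.0.10", "udp", 80, 48000),
    # Source address does not fit the lab subnets; the ingress port still pins it down.
    (1001, "lab-b-edge", "ge0/1", "access",  "172.16.9.9", "10.9.0.10", "udp", 80, 61000),
    (1001, "core-1",     "te1/1", "transit", "10.1.4.21",  "10.9.0.10", "udp", 80, 52000),
    (1001, "core-1",     "te1/2", "transit", "172.16.9.9", "10.9.0.10", "udp", 80, 61000),
    (1002, "admin-edge", "ge0/5", "access",  "10.3.0.8",   "10.9.0.10", "tcp", 443, 40),
    (1002, "lab-a-edge", "ge0/3", "access",  "10.1.4.50",  "10.8.0.53", "udp", 53, 12),
    (400,  "lab-b-edge", "ge0/1", "access",  "10.2.7.7",   "10.9.0.10", "udp", 80, 3),
]

def build_flow_db(flows):
    """Load flow records into an in-memory database standing in for the router log store."""
    db = sqlite3.connect(":memory:")
    db.execute(
        "CREATE TABLE flows (ts INTEGER, router TEXT, in_iface TEXT, iface_role TEXT,"
        " src TEXT, dst TEXT, proto TEXT, dport INTEGER, packets INTEGER)"
    )
    db.executemany("INSERT INTO flows VALUES (?,?,?,?,?,?,?,?,?)", flows)
    return db

def trace_ingress(db, victim, proto, start_ts, end_ts, min_packets=1000):
    """Return [(router, in_iface, packets)] for access ports that admitted traffic
    matching the attack signature, busiest first.

    Only access-facing interfaces are considered, so transit hops that merely
    forwarded the flood are not reported as entry points. Grouping is by ingress
    port rather than by source address, which an attacker can forge.
    """
    rows = db.execute(
        "SELECT router, in_iface, SUM(packets) AS total FROM flows"
        " WHERE dst = ? AND proto = ? AND ts BETWEEN ? AND ?"
        "   AND iface_role = 'access'"
        " GROUP BY router, in_iface"
        " HAVING SUM(packets) >= ?"
        " ORDER BY total DESC",
        (victim, proto, start_ts, end_ts, min_packets),
    )
    return rows.fetchall()

if __name__ == "__main__":
    db = build_flow_db(SAMPLE_FLOWS)
    # Signature: UDP traffic to the registration web server during the incident window.
    for router, iface, packets in trace_ingress(db, "10.9.0.10", "udp", 900, 1100):
        print(f"{router} {iface}: {packets} packets")
```

Because the records persist, the same query can be run after the flood has stopped, which is the property the essay attributes to this method.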
These two DDoS techniques will, in future, frustrate invaders who try to penetrate the Paradise Beach University network system and the PBU registration system's web servers.
In conclusion, many businesses globally are losing millions of dollars because their organizations' networks are being penetrated. Attackers are causing a great deal of disturbance with two forms of attack: DoS and DDoS. The amount of resources and time devoted to creating an effective countermeasure is disproportionate compared with what it takes to initiate a Distributed Denial of Service attack. Frankly, there are many innovative practices for discovering and combating all these attacks, and more are continually being created. Nonetheless, a lot of attacks are also being generated, making all these countermeasures outdated. This is an ongoing problem to which there is no permanent solution in prospect.
