Case Study: The Distributed Denial of Service Attack
A recently distributed denial of service attack (DDoS) against a large DNS service provider showed the weaknesses inherent in the Internet domain name system. On October 21, 2016, during the early morning hours, users on the East Coast found difficulty in connecting with Amazon.com, Wired.com, the New York Times, and other websites. The issues stemmed from the inability to lookup the IP addresses of these websites from the large DNS infrastructure company “DYN,” located in New Hampshire. DNS is the phonebook for the Internet, allowing computers to change a human readable name such as “Amazon.com,” seen in the web browser, to a machine-readable IP address, which in turn is used to connect to the remote server by the local computer. Without the ability to lookup names and convert them to routable IP addresses, the human user would have to enter in the IP address by hand number by number, and thus destroy the usability of the Internet. This attack had three waves: the first at 7 a.m. EST, then early noon, and again at 4 p.m. EST. What was of interest was the size of the waves of attacks numbering in the tens of millions of devices sending numerous connections as well as the sources—webcams and DVRs. What had been unleashed by malicious actors was a botnet virus that targeted the Internet of Things devices (i.e., home security systems webcams, DVRs, and other “things”), which the owners left set to their default passwords. Once the botnet virus, called “Mirai,” had spread throughout home user’s network, all was ready for the call to attack by the command and control server against any target the hackers wanted. The “DYN” attack and similar outages brings into focus three areas of concern to the security professional: legacy protocols (DNS) that were not designed with security as an integral aspect; the lack of accountability of service providers who transport malware and attack traffic; and finally, lack of responsibility by manufacturers and users to secure devices that have the potential to massively compromise our daily life.
The case is based on Newman, L. H. (2016, October 21). What We Know About Friday’s Massive East Coast Internet Outage. Retrieved November 22, 2016, from https://www.wired.com/2016/10/internet-outage-ddos-dns-dyn/.
1. Describe a layered security approach that would prevent such a DDoS attack.
2. What measure could have allowed earlier detection of such an attack from the service provider and home networks?
With PGP, Phil Zimmermann experienced resistance from the U.S. government before being allowed to distribute it. Do an Internet search to find additional information about Zimmermann’s case. Then, in a 1- to 2-page group report, perform the following:
Your report should be written in APA style.
Delivering a high-quality product at a reasonable price is not enough anymore.
That’s why we have developed 5 beneficial guarantees that will make your experience with our service enjoyable, easy, and safe.
You have to be 100% sure of the quality of your product to give a money-back guarantee. This describes us perfectly. Make sure that this guarantee is totally transparent.Read more
Each paper is composed from scratch, according to your instructions. It is then checked by our plagiarism-detection software. There is no gap where plagiarism could squeeze in.Read more
Thanks to our free revisions, there is no way for you to be unsatisfied. We will work on your paper until you are completely happy with the result.Read more
Your email is safe, as we store it according to international data protection rules. Your bank details are secure, as we use only reliable payment systems.Read more
By sending us your money, you buy the service we provide. Check out our terms and conditions if you prefer business talks to be laid out in official language.Read more