How to Escape Denial of Service Attacks
Technology MAR 29, 2017

Denial of Service attacks, also known as DoS attacks, are among the most powerful and dangerous cyber-attacks. Before explaining how to escape them, let us explain the background in a very simple and non-technical manner. When you, the user (technically referred to as the client), want to communicate with a website or service (technically referred to as the server), your device sends a request to that server asking for its permission to communicate; think of it as a handshake. When you and three other clients wish to communicate with that server, the server will receive three different handshakes and can only shake hands with one client at a time. On average, a server receives hundreds of requests per second and is able to satisfy them very nicely. A DoS attack happens when millions and millions of handshake requests are purposely submitted to that server, making it congested and unable to process any more requests. It is like overloading a car and driving it uphill: it would simply overheat and break down.

Availability is a very important factor for each of us. Imagine a client using a cloud (simply put, an online USB drive) to run their business and, for some reason, the service goes down. Imagine you wanted to text your friend via WhatsApp and the service was down; you would immediately switch to another app. This shows the repercussions of a DoS attack in terms of financial losses for a company or a service.

A DoS attack will definitely affect a system's quality. It may become extremely slow or even come to a complete stop! When you are a target of DoS attacks, it is really hard to stop or prevent them. DoS attacks consume large amounts of processing power. There actually exist online services that enable people to perform DoS attacks without the need for any technical skills. A more advanced and more dangerous DoS attack is the Distributed DoS attack (DDoS). This happens when an attack is initiated from several devices across the world. One dangerous technique used nowadays is the use of smart home appliances, such as smart lamps, TVs and microwaves; basically anything that is able to connect to the Internet can be used to launch a DDoS attack.

Providers should be aware of application-level DoS attacks, which target Web servers and database vulnerabilities. The key is to have a plan to mitigate the attack before it occurs, so administrators have access to those resources when they need them.

In what follows, we list some steps that can be performed to escape this kind of attack and to mitigate the damage it can cause by avoiding the loss of control over the network:

1. Physically separate the management plane (also known as out-of-band management, or OOB management) from the data plane. In this case, when a DoS attack is launched, administrators still have access to the devices in order to manage them, reconfigure them or perform any other tasks. The congestion would only occur on the data level and not the service itself.

2. Here is an example of how you can find a temporary solution. Consider the following:

Charlie decides to launch a DDoS attack against John (phase 1 in the figure below). This means that John's service will be overloaded with handshakes and will be forced to stop (phase 2 in the figure below). Instead of letting his services stop, John can make a deal with Bob that states the following: whenever John is under attack, he will redirect his traffic to Bob and rent a certain bandwidth from Bob. In other words, whenever John can no longer handle any handshakes, he will ask Bob to service the handshake requests on his behalf.

Now John should open a tunnel with Bob (phase 3 in the figure below), so that all of the attack traffic will be redirected to Bob.

Once the attack ends, John returns to the initial state. 

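[Figure: Charlie's DDoS attack against John (phase 1), John's service overloaded (phase 2), and John's tunnel to Bob (phase 3).]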
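The John and Bob arrangement above can be sketched as a small controller that decides, second by second, where traffic should go. This is an added example, not part of the original article: the capacity figure, the `quiet_seconds` rule for deciding that the attack has ended, and the sample request rates are all assumptions made for illustration, and the rate is assumed to be measured by whichever side currently receives the traffic.

```python
from dataclasses import dataclass

# Constructed sample: requests per second seen over ten seconds.
# The attack starts at index 2, pauses briefly at index 4, and ends after index 5.
SAMPLES = [300, 450, 90000, 120000, 400, 110000, 350, 300, 280, 310]


@dataclass
class FailoverController:
    capacity: int        # requests/second John can serve (assumed value)
    quiet_seconds: int   # calm seconds required before returning to John
    redirected: bool = False
    _calm: int = 0       # consecutive calm seconds seen while redirected

    def observe(self, requests_per_second: int) -> str:
        """Feed one per-second sample and return who serves the traffic."""
        overloaded = requests_per_second > self.capacity
        if not self.redirected:
            if overloaded:
                # Phase 3: John opens the tunnel and hands traffic to Bob.
                self.redirected = True
                self._calm = 0
        elif overloaded:
            # Still under attack: reset the calm counter.
            self._calm = 0
        else:
            self._calm += 1
            if self._calm >= self.quiet_seconds:
                # Attack considered over: John returns to the initial state.
                self.redirected = False
        return "bob" if self.redirected else "john"


def route_timeline(samples, capacity, quiet_seconds):
    """Return the serving side ('john' or 'bob') for every sample."""
    controller = FailoverController(capacity, quiet_seconds)
    return [controller.observe(s) for s in samples]


def switch_count(timeline):
    """Count how many times traffic moved between John and Bob."""
    return sum(1 for a, b in zip(timeline, timeline[1:]) if a != b)


if __name__ == "__main__":
    for quiet in (1, 3):
        timeline = route_timeline(SAMPLES, capacity=1000, quiet_seconds=quiet)
        print(quiet, timeline, "switches:", switch_count(timeline))
```

With `quiet_seconds=1` the brief pause in the attack sends traffic back to John just before the flood resumes, while waiting for three calm seconds keeps the tunnel to Bob open until the attack has really ended.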

Finally, a DoS attack can be really harmful for businesses. One of the most dangerous DoS attacks ever launched was on the 21st of October, 2016. This happened when an actor used 100,000 infected devices to launch a DDoS against DYN (a cloud provider) and caused several services to stop for a couple of hours. Twitter, GitHub, Spotify, Etsy and more went offline or suffered from service interruptions. “This attack demonstrated how attackers can leverage insecure IoT devices to wreak havoc against the Internet writ large”*.

 So if you are ever considering using someone's online services for your business, make sure to ask them about their security measures against cyber attacks!
