
Ethical hacking

• S-B: L3
• By: Ms. Ankita Nagmote
• Asst. Professor
• Department of Computer Engineering
• MPSTME, NMIMS
Contents
• DoS
• DDoS
• DoS vs DDoS
• Buffer Overflow
DoS- Denial of Service
• Linked with the CIA triad – Availability
• Denial of service (DoS) attacks are designed to prevent legitimate users from having access to a
computer resource or service and can take many forms.
• For example:
  i. Attackers could attempt to use all available bandwidth to the network resource.
  ii. Attackers may actively attempt to destroy a user’s authentication method.
  iii. Unplugging the power cord.
  iv. Jamming the wireless signal altogether, using some type of jamming device and, usually, a high-gain antenna/amplifier.
• The following are signs of a DoS attack:
  • Unusually slow network performance, such as long file or website load times
  • Inability to load a specific website, such as your web property
  • An unexpected loss of connectivity among devices on the same network
  • A high volume of email spam
DDoS- Distributed Denial of Service
• A distributed denial-of-service (DDoS) attack is a type of DoS attack in which the traffic
used to overwhelm the target is spread across multiple sources.
• This type of attack exploits the specific capacity limits that apply to any network resource,
such as a company’s infrastructure that supports its website. During this attack, an attacker
will send multiple requests to the attacked web resource to exceed the website’s capacity
to handle various requests, thus preventing it from functioning correctly.
• DDoS attacks commonly target the following:
• Websites for online shopping
• Online gambling establishments (Online Casinos)
• Any company or organization that relies on online services
Recent DDoS Attacks
• The Microsoft attack: Microsoft had the most significant DDoS attack recorded in
November 2021; it targeted an Azure client with a throughput of 3.45 Tbps and a packet rate
of 340 million PPS. In addition, the use of DDoS to demand ransom payments for stopping
attacks (or not launching them in the first place) increased in 2021.
• The Google attack: Google’s Security Reliability Engineering team measured a
record-breaking UDP amplification attack originating from several Chinese ISPs (ASNs 4134,
4837, 58453, and 9394) in 2020, which remains the largest bandwidth attack that Google is
aware of.
• The AWS attack: Amazon’s AWS Shield service was credited with mitigating the largest
DDoS attack ever recorded, a 2.3 Tbps attack in mid-February 2020. The incident was
revealed in the company’s AWS Shield Threat Landscape, a report detailing web
attacks mitigated by Amazon’s AWS Shield protection service.
DoS Attack Vs DDoS Attack

| DDoS | DoS |
| --- | --- |
| In a DDoS attack, multiple systems target the victim’s system. | Only a single system targets the victim’s system in a DoS attack. |
| Victim PC is loaded from the data packet sent from multiple locations. | Victim PC is loaded from the data packet sent from a single location. |
| DDoS attacks are more rapid than DoS attacks. | DoS attacks are slower than DDoS attacks. |
| DDoS attacks are difficult to track down. | DoS attacks are simple to track down. |
| DDoS attacks enable an attacker to flood the victim network with massive amounts of traffic. | DoS attacks have less traffic volume than DDoS attacks. |

Quiz
1. A hacker grows frustrated in his attempts against a network server and performs a successful denial
of service attack. Which security element is being compromised?
A. Confidentiality
B. Integrity
C. Availability
D. Authentication

2. List down and summarize at least two DoS attacks (names of attacks should be specified)
Buffer Overflow
• A buffer is a temporary area for data storage. When a program or system process places more
data in a buffer than it was originally allocated to store, the extra data overflows. Some of
that data spills into other buffers, where it can corrupt or overwrite whatever data they were
holding.
• In a buffer-overflow attack, the extra data sometimes holds specific instructions for actions
intended by a hacker or malicious user; for example, the data could trigger a response that
damages files, changes data or unveils private information.
• There are two types of buffer overflows:
  • stack-based -- Stack-based buffer overflows, which are more common among attackers, exploit
  applications and programs by using stack memory space that is used to store user input.
  • heap-based -- Heap-based buffer overflows, which are difficult to execute and the less common
  of the two, attack an application by flooding the memory space reserved for a program.
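
The following C sketch is an added illustration, not part of the original slides. It models the overflow described above with two adjacent 8-byte buffers: a copy that never checks the input length spills into the neighbouring buffer, while the length-checked version refuses the oversized input. The `record` layout, the function names and the sample input are all constructed for this example.

```c
#include <stdio.h>
#include <string.h>

#define FIELD 8                 /* size of each logical buffer (constructed) */

/* One 16-byte region holding two adjacent buffers: name, then role. */
struct record { char mem[2 * FIELD]; };
#define NAME(r) ((r)->mem)
#define ROLE(r) ((r)->mem + FIELD)

static void record_init(struct record *r) {
    memset(r->mem, 0, sizeof r->mem);
    memcpy(ROLE(r), "guest", 6);
}

/* Flawed: never compares the input length with FIELD. Writes are capped at
   the whole region only so that this demo stays well-defined C. */
static void set_name_unchecked(struct record *r, const char *in) {
    size_t n = strlen(in) + 1;
    if (n > sizeof r->mem) n = sizeof r->mem;
    memcpy(NAME(r), in, n);     /* can run past name into role */
}

/* Fixed: reject input that does not fit, terminator included. */
static int set_name_checked(struct record *r, const char *in) {
    size_t n = strlen(in) + 1;
    if (n > FIELD) return -1;   /* too long: refuse, change nothing */
    memcpy(NAME(r), in, n);
    return 0;
}

/* Returns 1 if the neighbouring role buffer still holds "guest". */
static int role_intact(const struct record *r) {
    return memcmp(r->mem + FIELD, "guest", 6) == 0;
}

int main(void) {
    struct record r;
    const char *long_input = "AAAAAAAAadmin";   /* 13 chars, constructed */
    record_init(&r);
    set_name_unchecked(&r, long_input);
    printf("unchecked: role=%s intact=%d\n", ROLE(&r), role_intact(&r));
    record_init(&r);
    printf("checked:   rc=%d intact=%d\n",
           set_name_checked(&r, long_input), role_intact(&r));
    return 0;
}
```

In real code the same rule applies to any fixed-size destination: compare the input length, terminator included, against the buffer size before copying, and treat input that does not fit as an error.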
Questions
• What are the different forms of overflow attacks? When did they initially start happening? What
should a programmer do to avoid a buffer overflow in a program he/she wrote? Make a
one-page paper out of your study.
Thank You
