
Dos 1

The document discusses Denial of Service (DoS) and Distributed Denial of Service (DDoS) attacks, highlighting their impact on network availability and the various methods used to execute them. It emphasizes the importance of detection and mitigation strategies, including the use of machine learning to identify attack patterns in network traffic. The document also outlines the consequences of such attacks, including financial losses and reputational damage, and suggests a combination of preventive tools and real-time responses for effective defense.

Uploaded by

nanduahkd

Emanuel A Simon

Roll No: 05
Network Security

Information Security
• Protecting data from unauthorized access, misuse, or theft.
• CIA Triad: Confidentiality, Integrity, Availability – DoS targets Availability.
• Common threats: Malware, phishing, MiTM, and DoS/DDoS attacks.

A Denial of Service (DoS) attack is an attempt to make a computer resource unavailable to its intended users.
• A cyberattack aimed at rendering a network resource or system unavailable to its intended users.
• Floods the target with excessive traffic or requests.
• Not about stealing, but about disruption.

Disrupts normal functioning
• Attackers overload:
  - Bandwidth
  - System resources (CPU, memory)
  - Application processes
• Causes server unresponsiveness or complete crash.

• Hacktivism – Political protest via disruption (e.g. Anonymous).
• Revenge or personal disputes.
• Extortion – Threaten DoS unless ransom is paid.
• Cyber warfare – Disabling enemy infrastructure.

• Volume-Based: Focused on bandwidth.
• Protocol Attacks: Exploit network layer protocols.
• Application Layer Attacks: Target services like HTTP or DNS.

• UDP Floods – Send UDP packets to random ports.
• ICMP Floods (Ping Flood) – High ping rate overwhelms target.
• Measured in Gbps.

• SYN Flood: Exploits TCP handshake by sending SYN packets but never completing connection.
• Ping of Death: Sends malformed pings.
• Smurf Attack: Spoofed ping requests to amplify traffic.
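
A defender can spot the SYN flood described above by tracking handshakes that are started but never completed. The following is an added example, not part of the original slides: the event format, the thresholds and the sample addresses (documentation ranges) are assumptions made for illustration.

```python
from collections import defaultdict

# Constructed sample events: (time_s, src_ip, src_port, dst_ip, dst_port, flags).
# Addresses come from documentation ranges (RFC 5737); none are from the slides.
def sample_events():
    events = []
    # Three ordinary clients that finish the handshake (SYN, then ACK).
    for i in range(3):
        c = ("198.51.100.%d" % (10 + i), 40000 + i)
        events.append((0.1 * i, *c, "192.0.2.80", 443, "SYN"))
        events.append((0.1 * i + 0.05, *c, "192.0.2.80", 443, "ACK"))
    # Many SYNs from varying (possibly spoofed) sources that never send the ACK.
    for i in range(200):
        events.append((1.0 + 0.01 * i, "203.0.113.%d" % (i % 250 + 1), 1024 + i,
                       "192.0.2.80", 80, "SYN"))
    return sorted(events)

def half_open_report(events, now, timeout=3.0):
    """Per (dst_ip, dst_port): handshakes completed vs. left half-open past timeout."""
    pending = {}                                  # 4-tuple -> time the SYN arrived
    stats = defaultdict(lambda: {"completed": 0, "half_open": 0})
    for ts, sip, sport, dip, dport, flags in events:
        key = (sip, sport, dip, dport)
        if flags == "SYN":
            pending.setdefault(key, ts)           # retransmitted SYNs keep first time
        elif flags == "ACK" and key in pending:
            del pending[key]
            stats[(dip, dport)]["completed"] += 1
    for (sip, sport, dip, dport), ts in pending.items():
        if now - ts >= timeout:                   # the client never answered SYN-ACK
            stats[(dip, dport)]["half_open"] += 1
    return dict(stats)

def flag_syn_flood(report, min_half_open=100, max_completion_ratio=0.2):
    """Flag services with many stale half-open entries and few completed handshakes."""
    flagged = []
    for service, s in report.items():
        total = s["completed"] + s["half_open"]
        ratio = s["completed"] / total if total else 1.0
        if s["half_open"] >= min_half_open and ratio <= max_completion_ratio:
            flagged.append(service)
    return sorted(flagged)

if __name__ == "__main__":
    report = half_open_report(sample_events(), now=10.0)
    print(report, flag_syn_flood(report))
```

Because the check keys on the completion ratio per service rather than on any single source address, it still fires when the SYNs arrive from many spoofed sources.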

• Target Layer 7 (HTTP, DNS, SMTP).
• Harder to detect since requests look legitimate.
• Examples:
  - Slowloris – Keeps many HTTP connections open.
  - HTTP GET Floods

Factor       DoS          DDoS
Origin       One device   Multiple devices (botnet)
Complexity   Simple       Complex
Scale        Limited      Massive
Detection    Easier       Harder


A network of compromised devices used in DDoS attacks.
• Controlled by a C&C (Command & Control) server.
• Mirai, Mozi, Reaper – infamous botnets.

• LOIC, HOIC – easy-to-use GUI tools.
• hping3 – command-line packet crafter.
• Slowloris – app-layer DoS.

• GitHub Attack (2018): 1.35 Tbps – Memcached vulnerability.
• Dyn DNS Attack (2016): Took down Twitter, Netflix, Reddit.
• Estonia (2007): Nationwide infrastructure attack.

• Service unavailability
• Direct Costs: Downtime = lost revenue.
• Reputation damage
• Customer trust
• Compliance issues (e.g., GDPR penalties)

• Network monitoring
• Traffic anomaly detection
• Threshold alerts
• Flow analysis tools: NetFlow, Wireshark

• Compares incoming packets to known attack patterns.
• Quick but ineffective for zero-day attacks.

• Builds baseline traffic profile.
• Alerts on deviations.
• AI/ML-based tools like Zeek, Snort with anomaly plugins.
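
The baseline-and-deviation approach above can be made concrete with a small detector that learns a running traffic profile and alerts when a sample falls far outside it. This is an added example, not part of the original slides: the exponentially weighted baseline, the parameter values and the per-second packet counts are assumptions constructed for illustration.

```python
import math

# Constructed per-second packet counts for one link: a steady baseline with
# small variation, then a sudden surge. Not measurements from the slides.
def sample_counts():
    normal = [1000 + 40 * math.sin(i / 3.0) for i in range(60)]
    surge = [9000.0] * 10
    recovery = [1000 + 40 * math.sin(i / 3.0) for i in range(60, 80)]
    return normal + surge + recovery

class BaselineDetector:
    """Exponentially weighted baseline (mean and variance) with a deviation alert."""

    def __init__(self, alpha=0.1, k=4.0, warmup=20, min_std=10.0):
        self.alpha, self.k, self.warmup, self.min_std = alpha, k, warmup, min_std
        self.mean, self.var, self.seen = 0.0, 0.0, 0

    def observe(self, x):
        """Return True if x deviates from the learned baseline by more than k sigma."""
        self.seen += 1
        if self.seen == 1:
            self.mean = x
            return False
        std = max(math.sqrt(self.var), self.min_std)
        alert = self.seen > self.warmup and abs(x - self.mean) > self.k * std
        if not alert:
            # Learn only from traffic judged normal, so a long flood cannot
            # drag the baseline upward and silence its own alert.
            delta = x - self.mean
            self.mean += self.alpha * delta
            self.var = (1 - self.alpha) * (self.var + self.alpha * delta * delta)
        return alert

def alert_seconds(counts, **kwargs):
    """Indices (seconds) at which the detector raised an alert."""
    det = BaselineDetector(**kwargs)
    return [t for t, c in enumerate(counts) if det.observe(c)]

if __name__ == "__main__":
    print(alert_seconds(sample_counts()))
```

Freezing the baseline while an alert is active is the design choice that matters here: a detector that keeps learning during the surge would absorb the flood into its profile and stop alerting.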

• Firewalls and Routers
• Intrusion Detection Systems (IDS)
• Rate Limiting
• Load Balancing
• Anti-DoS Services (e.g. Arbor, FortiDDoS, Cloudflare)

• AWS Shield, Cloudflare, Akamai Kona Site Defender
• Uses anycast routing, scrubbing centers

• Distributes load across multiple servers.
• Combined with auto-scaling in cloud.

• Denial of Service attacks are a serious threat to online services.
• DoS = major threat to availability.
• Mitigation requires a mix of preventive tools, network architecture, and real-time response.
• Detect early, respond quickly.
• Combine detection + mitigation + resilience.

DDoS Attack Detection Using Machine Learning
• To build and evaluate a machine learning-based system that can effectively detect Distributed Denial of Service (DDoS) attacks using network traffic data.

• Rising Cyber Threats: The rapid expansion of internet-connected devices has led to an increase in cyberattacks, particularly Distributed Denial of Service (DDoS) attacks.
• Impact of DDoS: These attacks overload network resources, causing service disruptions, financial losses, and potential data breaches.
• Need for Automation: Traditional security systems struggle to keep up with evolving attack patterns and volumes.

• To understand the patterns and features in network traffic that signify DDoS attacks.
• To preprocess and clean the dataset for model readiness.
• To select relevant features that contribute significantly to attack detection.
• To train and evaluate ML models (SVM, Random Forest) on the dataset.
• To compare model performances using key evaluation metrics.
