UT CS 361 - Lecture 71- Availability


Foundations of Computer Security
Lecture 71: Availability
Dr. Bill Young
Department of Computer Sciences
University of Texas at Austin

Aspects of Computer Security

Recall that historically computer security has been defined to encompass:

- Confidentiality: (also called secrecy/privacy) who can read information;
- Integrity: who can write or modify information;
- Availability: are resources available when needed.

Availability Attacks

Attacks on availability are called denial of service or DoS attacks. An attacker prevents a user from accessing or utilizing available system resources.

A particular class of DoS attacks are labeled Distributed Denial of Service or DDoS attacks. These typically involve co-opting the services of many other machines to participate in the attack, a botnet.

Gresty's Framework

David Gresty at Liverpool John Moores University classifies DoS attacks into two groups:

1. the consumer problem: (also called "man-in-the-middle" attack) the attacker gets logically between the client and service and somehow disrupts the communication.
2. the producer problem: the attacker produces, offers or requests so many services that the server is overwhelmed.

Typical Scenarios

In a typical producer attack:

- the volume of requests may overwhelm the server.
- the transaction may involve some handshake (protocol); the attacker does not respond and the server ties up resources waiting for a response.

A classic example of the second is so-called SYN flooding.

TCP Handshake

Via this three-way handshake a client establishes a TCP connection with a server.

[Diagram: Client sends SYN to Server; Server sends SYN/ACK to Client; Client sends ACK to Server]

Server receives the SYN packet, allocates space in an internal table and sends SYN/ACK back to the caller. The connection remains "half-open" until the ACK is received by the server or the connection times out.

SYN Flooding Attack

A SYN flooding attack happens when an attacker forges the return address on a number of SYN packets. The server fills its table with these half-open connections.

[Diagram: Attacker sends SYN to Server; Server sends SYN/ACK]

All legitimate accesses are denied until the connections time out.

SYN Flooding Solutions

Is the SYN flooding problem inherent in the way TCP connections are established? How could you close the vulnerability?

1. Increase the server's queue size: typically only 8 connections are allowed; could consume considerable resources.
2. Shorten the time-out period: might disallow connections by slower clients.
3. Filter suspicious packets: if the return address does not match the apparent source, discard the packet. May be hard to determine.
4. Change the algorithm: instead of storing the record in the queue, send the information encrypted along with the SYN/ACK. A legitimate client will send it back with the ACK.

Lessons

- Availability attacks are called "denial of service" attacks.
- An attacker can either block traffic from clients (the consumer problem) or flood the server (the producer problem).
- SYN flooding is a classic DoS attack.

Next lecture: Availability II
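To make solution 4 from the SYN Flooding Solutions slide concrete, the following simulation is an added example, not part of the lecture. It compares a server that keeps a half-open table of 8 entries with one that stores nothing on SYN and instead hands back a token it can recompute when the ACK arrives. Assumptions: a keyed MAC (HMAC-SHA256, truncated) stands in for the slide's "encrypted" record, and the class names, secret, time slot and addresses are all constructed for illustration.

```python
import hashlib
import hmac

SECRET = b"constructed-demo-key"  # assumption: server-side secret, rotated in practice
QUEUE_SIZE = 8                    # the queue size quoted in the lecture
SLOT = 64                         # assumption: token lifetime granularity, in seconds

class TableServer:
    """Classic handshake: every SYN takes a table entry until ACK or time-out."""
    def __init__(self):
        self.half_open = set()

    def on_syn(self, src, isn):
        if len(self.half_open) >= QUEUE_SIZE:
            return False                     # table full: the SYN is refused
        self.half_open.add((src, isn))
        return True

def token(src, isn, slot):
    """4-byte MAC over the connection details; this is what the SYN/ACK carries."""
    msg = f"{src}|{isn}|{slot}".encode()
    return hmac.new(SECRET, msg, hashlib.sha256).digest()[:4]

class StatelessServer:
    """Solution 4: store nothing on SYN, recompute and compare on ACK."""
    def on_syn(self, src, isn, now):
        return token(src, isn, now // SLOT)

    def on_ack(self, src, isn, echoed, now):
        slot = now // SLOT
        return any(hmac.compare_digest(echoed, token(src, isn, s))
                   for s in (slot, slot - 1))   # accept current or previous slot

def demo():
    table, stateless = TableServer(), StatelessServer()
    for i in range(100):                     # constructed flood: forged sources, no ACKs
        table.on_syn(f"198.51.100.{i}", i)
        stateless.on_syn(f"198.51.100.{i}", i, now=1000)
    legit = "192.0.2.10"
    table_ok = table.on_syn(legit, 4242)     # arrives after the flood
    tok = stateless.on_syn(legit, 4242, now=1000)
    good = stateless.on_ack(legit, 4242, tok, now=1010)
    tampered = bytes([tok[0] ^ 1]) + tok[1:]
    bad = stateless.on_ack(legit, 4242, tampered, now=1010)
    late = stateless.on_ack(legit, 4242, tok, now=1000 + 3 * SLOT)
    return table_ok, good, bad, late

if __name__ == "__main__":
    print(demo())
```

The table-based server refuses the legitimate client once the flood has filled its 8 entries, while the stateless server still completes the handshake and rejects both a tampered token and one echoed after its time slot has passed.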

