TBU Publications
Repository of TBU Publications

Distributed Denial of Service Attacks as Threat Vectors to Economic Infrastructure: Motives, Estimated Losses and Defense Against the HTTP/1.1 GET and SYN Floods Nightmares

DSpace Repository

Show simple item record

dc.title Distributed Denial of Service Attacks as Threat Vectors to Economic Infrastructure: Motives, Estimated Losses and Defense Against the HTTP/1.1 GET and SYN Floods Nightmares en
dc.contributor.author Sarga, Libor
dc.contributor.author Jašek, Roman
dc.relation.ispartof Proceedings of the 10th European Conference on Information Warfare and Security
dc.identifier.isbn 978-1-908272-06-5
dc.date.issued 2011
utb.relation.volume 2011
dc.citation.spage 228
dc.citation.epage 236
dc.event.title 10th European Conference on Information Warfare and Security (ECIW)
dc.event.location Tallinn
utb.event.state-en Estonia
utb.event.state-cs Estonsko
dc.event.sdate 2011-07-07
dc.event.edate 2011-07-08
dc.type conferenceObject
dc.language.iso en
dc.publisher Academic Conferences and Publishing International (ACPI) en
dc.subject distributed denial of service en
dc.subject economic infrastructure en
dc.subject potential losses en
dc.subject distributed attacks en
dc.subject network security en
dc.subject economic hubs en
dc.subject business continuity assurance en
dc.subject attack vectors analysis en
dc.subject botnet recruitment en
dc.description.abstract With the number of nodes in the Internet's backbone networks rising exponentially the possibility of emergence of entities exhibiting outwardly hostile intents has been steadily increasing. The cyberspace is fittingly termed "the no man's land" because of an unprecedented growth pattern and lackluster control mechanisms. Distributed Denial of Service (DDoS) attacks take advantage of the current situation and primarily aim at destabilizing or severely limiting usability of infrastructure to the end-users in part or whole. A typical DDoS incursion exploiting heterogeneous base of personal computers consists of two phases: insertion of predefined set of instructions into the host systems via either self-propagating or non-reproducing malware and simultaneous execution of repeating queries to a destination unit. Generally targeted and deployed to impede functionality of a single or multiple servers with similar properties and utilizing substantial resources with little to no discernible selection criteria, DDoSes poses a significant threat. Moreover, effective and efficient countermeasures require experience, precision, speed, operational awareness, appropriate security protocols summarizing and alleviating potential consequences in case of failure to contain as well as proactive detection algorithms in place. Global response instruments (batch filtering, temporary IP address blacklisting) are only suitable for SYN floods, whereas during GET DDoS the same tools can't be used due to presence of legitimate incoming requests. The article scrutinizes methodology and policies currently in effect as a part of Critical Infrastructure Protection initiatives. The examination allows to outline procedural decision-making trees in the event of a DDoS violation while maintaining predefined and consistent quality of service level. Furthermore, rationale of perpetrators' motives to instigate the attacks are hypothesized with preferential focus on economic infrastructure components. These hubs of virtualized economy are detailed and target selection probabilities in tactical and strategic perspectives are identified based on known facts. Financial losses, worst case scenarios and social repercussions following a successful intrusion are also investigated by means of inference from successful DDoS insurgences. en
utb.faculty Faculty of Management and Economics
utb.faculty Faculty of Applied Informatics
dc.identifier.uri http://hdl.handle.net/10563/1002770
utb.identifier.rivid RIV/70883521:28120/11:10016669!RIV12-MSM-28120___
utb.identifier.rivid RIV/70883521:28140/11:10016669!RIV12-MSM-28140___
utb.identifier.obdid 43863235
utb.identifier.scopus 2-s2.0-84872930480
utb.identifier.wok 000300245200029
utb.source d-wok
dc.date.accessioned 2012-04-03T11:09:34Z
dc.date.available 2012-04-03T11:09:34Z
utb.contributor.internalauthor Sarga, Libor
utb.contributor.internalauthor Jašek, Roman
Find Full text

Files in this item

Show simple item record