Problem Statement: Identification and Prevention of DDoS Attacks
A DoS attack prevents legitimate users from accessing the resources they require from a network, such as a website or computer systems. The attack occurs when a malicious user tries to consume all the resources available to a server, blocking the services that legitimate users would like to access. Apart from consuming bandwidth, the attack in some cases also consumes file space, memory and CPU. The server is overwhelmed by the excess traffic and cannot respond to legitimate users until countermeasures are taken. A Distributed Denial of Service (DDoS) attack, on the other hand, is launched indirectly through compromised computing systems that carry out a coordinated attack on a network or system. DDoS can be considered a subset of Denial of Service (DoS), and it arises from various principles of the internet, including resource sharing and accessibility. A DDoS attack, for instance, overwhelms a web server by consistently sending it more data than it can handle. The attack uses these internet principles to disrupt the targeted system, denying legitimate users access to its resources. The hacker ensures that more traffic is produced than the victim can handle by accumulating as many computers as possible, hence the term "distributed" attack. There is a need to identify these attacks, manage them and prevent them, and to look into ways of differentiating between malicious and legitimate users, as this remains a common and persistent problem to date.
DDoS attack networks are of two types: the Agent-Handler model and the Internet Relay Chat (IRC) model. The former comprises clients, through which the attacker communicates with the rest of the DDoS attack system; agent software, which resides on the compromised systems that carry out the attack; and handlers, which are located throughout the network and through which agents and clients communicate. The attacker usually communicates with the handlers to identify which agents are running, when attacks should be scheduled and the best time to upgrade the agents. The Internet Relay Chat model, however, connects clients to agents through a communication channel instead of using a handler. DDoS attacks can be divided into two classes: resource depletion attacks and bandwidth depletion attacks. Bandwidth depletion is intended to prevent legitimate users from accessing primary resources by flooding the network with uncontrolled traffic, while resource depletion is designed to tie up the victim's resources, hindering the network from serving legitimate users. A DDoS attack can easily consume computing resources without prior notice and within a very short period of time (Shannon, 2015). According to recent studies, DDoS attacks are likely to target a network resource and result mainly from the internet's inability to manage bandwidth consumption attacks. In addition, they are likely to occur when hosts can send and receive resources from each other. DDoS attacks are regarded as simple attacks, since their installation is not complicated and they are capable of compromising a server very quickly and preventing users from accessing it. Subsequently, it is difficult to design effective control measures because normal traffic and attack traffic are hard to distinguish. Past research shows that the best way to manage DDoS attacks is by using preventive as well as avoidance techniques (Bhattacharyya & Kalita, 2016).
In order to defend against DDoS attacks, researchers have mostly focused on analytical studies. It is clear from current DDoS attacks around the world that these attacks are growing in both scale and level of sophistication. While attacks targeting medium-sized firms peak at around 50 Gbps, attacks on large enterprises can peak at 300 Gbps; for instance, the largest DDoS attack in history, in April 2013, peaked at 300 Gbps and slowed down the internet worldwide. DDoS attacks are therefore a major issue affecting the security of both public and private networks.
The approach to protecting networks and computers from attack is to apply preventive measures and to use network simulation, which simulates server system and network performance. DDoS can be prevented by configuring routers at the network layer when possible. In addition, administrative techniques can be used when configuring the routers is inappropriate. Another way of solving this problem is to block internet attacks on websites, which can be done in various ways, including blocking attacks with packet filters on a router. This is necessary once the attacks have been closely examined. Likewise, the attacks can be blocked by configuring firewalls. Considering the simple communication model established in this project, packet filtering, in the form of ingress filtering and egress filtering, is an effective way to block a DDoS attack. Ingress filtering is used to ensure that incoming packets do not carry manipulated source IP addresses in their headers, which would otherwise leave the computer unable to trace the source of the attack. Incoming packets are usually filtered based on prior information regarding unauthorized sending of packets to specific IP addresses. The idea behind ingress filtering is to prevent a computer in the network from posing as another computer. Although this is the best way of countering the attack on a small network, it is rarely used by ISPs, since filtering degrades ISP network performance significantly. In addition, at an ISP, filtering does not eliminate DDoS attacks but reduces spoofing. Despite this, it is an effective approach for the small-sized framework considered here and has superseded the older traditional approaches.
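The ingress and egress checks described above can be sketched as a source-address filter at a site's edge router. This is an added example, not code from the project; the site prefix, the reserved-range list and the sample packets are constructed for illustration, and the filter handles IPv4 only.

```python
import ipaddress

# Constructed topology: one site network behind an edge router (IPv4 only).
INTERNAL = ipaddress.ip_network("192.0.2.0/24")
# Reserved/private source ranges that should never arrive from the Internet.
BOGONS = [ipaddress.ip_network(n) for n in (
    "0.0.0.0/8", "10.0.0.0/8", "127.0.0.0/8", "169.254.0.0/16",
    "172.16.0.0/12", "192.168.0.0/16", "224.0.0.0/4", "240.0.0.0/4")]


def filter_packet(direction, src):
    """Return (action, reason) for a packet crossing the edge router.

    direction "in"  = arriving from the Internet (ingress filter)
    direction "out" = leaving the site (egress filter)
    """
    try:
        addr = ipaddress.IPv4Address(src)
    except ValueError:
        return ("drop", "malformed source address")
    if direction == "in":
        if addr in INTERNAL:
            return ("drop", "outside packet claims an internal source")
        if any(addr in net for net in BOGONS):
            return ("drop", "source is in a reserved or private range")
        return ("accept", "plausible external source")
    if direction == "out":
        if addr not in INTERNAL:
            return ("drop", "internal host forging a source it does not own")
        return ("accept", "source belongs to this site")
    raise ValueError("direction must be 'in' or 'out'")


# Constructed sample traffic: (direction, source address).
SAMPLE = [
    ("in", "198.51.100.7"),   # ordinary external client
    ("in", "192.0.2.15"),     # spoofed: pretends to be one of our hosts
    ("in", "10.1.2.3"),       # private range arriving from outside
    ("out", "192.0.2.20"),    # our own host, genuine source
    ("out", "203.0.113.9"),   # internal host forging a foreign source
]


def verdicts(sample=SAMPLE):
    """Actions for each sample packet, in order."""
    return [filter_packet(d, s)[0] for d, s in sample]
```

The filter only removes packets whose source address is impossible for the direction they travel; a flood sent from genuine addresses still passes, which matches the point above that filtering reduces spoofing rather than eliminating DDoS.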
The approach outlined above will be sufficient for blocking attacks on computers and networks. Using network simulation, it is possible to design and produce safe, reliable, fast and cost-effective results, unlike the traditional approach of focusing on analytical studies. In network simulation, it is possible to implement an algorithm that categorizes the clients who send the attacks with the help of a database. The database categorizes the clients based on whether they are registered or not. Unregistered clients are blocked for a while until the peak season ends; they are later unblocked and a response is sent to them. Registered clients are provided with responses whether or not it is the peak season, using two types of methodology: access count and warning count. This methodology prohibits access by non-registered users as well as by unregistered users who send multiple requests.
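One way to simulate the registered/unregistered categorization with access and warning counts is shown below. This is an added example, not the project's code: the page names the two counters but not their rules, so the thresholds, the meaning of a warning, the `RequestGate` class and the client names are all assumptions.

```python
class RequestGate:
    """Registered/unregistered admission with access and warning counts.

    Assumed policy (the page names the counters but not their rules):
    - unregistered clients are held during the peak and answered afterwards;
    - a registered client may send ACCESS_LIMIT requests per peak window;
      each request over the limit is refused and adds one warning;
    - at MAX_WARNINGS the registered client is blocked.
    """
    ACCESS_LIMIT = 3   # assumed threshold
    MAX_WARNINGS = 2   # assumed threshold

    def __init__(self, registered):
        self.registered = set(registered)  # stands in for the database
        self.access = {}     # client -> requests in the current window
        self.warnings = {}   # client -> warnings issued so far
        self.deferred = []   # unregistered requests held during the peak

    def handle(self, client, peak):
        if client not in self.registered:
            if peak:
                self.deferred.append(client)
                return "deferred"
            return "served"
        if self.warnings.get(client, 0) >= self.MAX_WARNINGS:
            return "blocked"
        self.access[client] = self.access.get(client, 0) + 1
        if self.access[client] > self.ACCESS_LIMIT:
            self.warnings[client] = self.warnings.get(client, 0) + 1
            return "warned"
        return "served"

    def end_peak(self):
        """Peak is over: reset access counts, release held clients."""
        released, self.deferred = self.deferred, []
        self.access.clear()
        return released


def simulate():
    gate = RequestGate(registered={"alice", "bob"})
    # Constructed peak traffic: bob floods, mallory is unregistered.
    peak = ["alice", "mallory"] + ["bob"] * 6 + ["mallory"]
    results = [(c, gate.handle(c, peak=True)) for c in peak]
    return results, gate.end_peak(), gate.handle("mallory", peak=False)
```

In the constructed run, the registered client that floods is warned twice and then blocked, while the unregistered client is held during the peak and answered once it ends.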
DDoS attacks need fast control, since they come without prior notice; timing and scheduling of the action items are therefore essential. Sometimes a website may become inaccessible to many users because the server is overloaded by maximum utilization, resulting in severely degraded performance and slow processing time (Shannon, 2017). DDoS attacks are sophisticated and eventually lead to catastrophic service failure. The attacks involve sending packets to the victim in such high quantities that vital resources in the network, memory and CPU time are exhausted. Eventually, the victim crashes or spends so much of its time handling the packets that it fails to attend to its real work.
Aggressively acquiring the mitigation skills required to counter DDoS attacks is essential. Skills related to the network and application layers of the OSI model are key, given that attacks often occur at these layers. System administration skills are also vital by virtue of their role in the web infrastructure.
There are many benefits to completing a project beyond the satisfaction experienced by the individuals and teams involved. It is, however, of greater benefit when the project concludes on time and within the budget. Project completion means that the desired results have been met and that the project's customers and shareholders benefit, since they can access the resources without interruption from the attacks.
Deliverables, defined as tangible or intangible results, are the effective output of this project simulation. For instance, in a case where no attackers are placed in the network and two users are sending packets at varying times, the incoming packets are served quickly, hence active TCP connection counts. In a case where a huge amount of attack traffic hits the targeted server, the server is unable to handle the request demand and becomes overwhelmed, since its resources are completely consumed, reducing available memory to 0 bytes. Blocking the attacks minutes into the DDoS attack lowers the active TCP connection count at the server, and the network therefore starts to recover faster. After the attack, however, the server's CPU utilization remains high for a period of time because of the huge volume of traffic waiting to be processed by the CPU, and it generally takes some time to drain the fully overwhelmed server. Thereafter, once the necessary mitigation approaches are taken, the server regains its resources and is accessible to legitimate users. The simulation project can be characterized by the following. First, it uses distributed rather than centralized defense against DDoS attacks, owing to the high volume and rate of attack packets. Second, ensuring less collateral damage is a prime deliverable of this project, so guaranteeing a high Normal Packet Survival Ratio will be necessary. Third, the project will ensure confidentiality, secure exchange of information between defense nodes and the credibility of sources by providing secure information for control messages. Moreover, the project will deliver a defense model that does not require centralized control. Lastly, the defensive project will take into account future characteristic issues such as interference with other systems.
The mitigation techniques and deliverables described above are expected at the end of the project, since they protect the network system and computers from DDoS attacks.
References
Shannon, M. (2015). IINS: DDoS Attacks.
Bhattacharyya, D. K., & Kalita, J. K. (2016). DDoS attacks: Evolution, detection, prevention, reaction, and tolerance.
Shannon, M. (2017). Security+: DoS and DDoS Attacks.
Problem Statement: Analyzing Financial Status Using Credit Score Rating
Financial institutions use consumers' credit scores as a basis for issuing loans; a consumer may have a poor, fair, good or excellent credit score and rating. Credit scores matter because they help lenders anticipate the likelihood of lending an individual a loan at any time. They are also referred to as risk scores because they help financial lenders assess the risk of a customer failing to repay the issued debts or loans. The main problem in financial analysis based on credit scores and ratings is that customers are not in a position to know their credit scores, as the information is only available to the lenders or financial institutions.
A credit score of 700 and above is generally considered good, while one of 800 and above is taken to be excellent, but most customers' credit scores lie between 600 and 750. According to past research, there are two main types of credit score, FICO Scores and Vantage Score, although industry-specific scores also exist. The FICO score ranges between 300 and 850, whereby 350-579, 580-669, 670-739, 740-799, 670-800 and >800 are considered very poor, Fair, Good, Very Good and excellent/exceptional respectively. 17%, 20.2%, 21.5%, 18.2% and 19.9% represent the percentages of people with the respective credit scores listed above. A good Vantage Score, on the other hand, has the following credit scores: 350-549, 550-649, 650-699, 700-749, 750-850. The Vantage percentages are 16.7%, 34.1%, 18.3%, 12.6% and 30.3%, while the ratings are very poor, poor, Fair, Good and Excellent (The United States, 2012).
There is a need for a comprehensive web-based application that keeps a record of customers' ratings and credit scores, classified as poor, fair, good or excellent. The system will be helpful to customers, since they will be able to access their credit scores and ratings at their convenience. It requires customers to register with the web application by adding personal details together with credit credentials as well as a credit card, which they will use to access the system. The system will calculate and display the scores and ratings based on parameters such as the year of acquiring the first credit card, the number of loans lent, expenses and income, among others. This approach will lead to superior results, as it will be convenient for all stakeholders in credit information, namely lending institutions and the customers who require loans.
A proper timeline is needed when working on the system. This can be managed by subdividing the project into small parts or components and allocating each component a specific time frame. According to Weisman (2013), scheduling each component makes it easier to finish the project in phases and thereafter leads to successful completion of the whole project. In addition, addressing this problem with the system will be of great benefit to customers, as they can easily access what they require at any time, provided they can access the system, which is user-friendly.
Finally, considering the definition of deliverables according to Kendrick (2016), the deliverables in this project will be to provide sufficient and reliable credit scores and ratings on a web application. The project's end result will be to ensure that consumers are in a position to know their credit scores. Another deliverable of the project is that the system will display the status of the credit scores in four categories: poor, fair, good or excellent. The project will also deliver efficiency, since it will ensure that consumers do not have to visit the company or the creditors for inquiries. This is because they will be able to get any assistance they require through the web portal, saving time and money. Moreover, it will automate the regular calculation of the credit score, benefitting the company by saving resources and effort. Since the software system is online-based, it will be designed using the PHP and HTML languages. PHP will be essential, as it will be used to calculate the credit scores of individuals.
References
The United States. (2012). To get and keep a good credit score, pay attention to your credit report.
Weisman, S. (2013). A guide to elder planning: Everything you need to know to protect your loved ones and yourself.
Kendrick, T. (2016). How to Manage Complex Programs: High-Impact Techniques for Handling Project Workflow, Deliverables, and Teams. New York: Amacom.