Question

In: Computer Science

Mischievous hackers have employed ‘Theft of Service Attack’ on your IT infrastructure. How would you explain...

Mischievous hackers have employed ‘Theft of Service Attack’ on your IT infrastructure. How would you explain (with a suitable diagram) this type of attack to your apprentice who has just started working for you?

Solutions

Expert Solution

Theft on service attack is also called as 'Denial of service attack'(DOS). A Denial of Service (DoS) attack is an attack meant to shut down a machine or network, making it inavailable to its intended users. DoS attacks attain this by flooding the target with traffic, or sending it information that triggers or activate a crash. In both instances, the DoS attack brokes legitimate users such as, employees, members, or account holders of the service or resource they anticipated.

Victims or attackers of Denial of Service attacks frequently target web servers of high ranking organizations such as banking, commerce, and media companies, or government and trade organizations. Though DoS attacks do not typically result in the theft or loss of sensitive information or other assets, they can cost the victim a great deal of time and money to handle.

There are two general methods of DoS attacks: They are flooding services or crashing services. Flood attacks occur when the system receives too much traffic for the server to buffer, causing them to slow down and finally stop. Popular flood attacks include:

  • Buffer overflow attacks: The most common DoS attack. The idea is to send more traffic to a network address than the programmers have built the system to handle. It contains the attacks shown below, in addition to others that are planned to use bugs definite to certain applications or networks
  • ICMP flood: Influences misconfigured network devices by sending spoofed packets that knock every computer on the targeted network, instead of just one specific machine. The network is then triggered to expand the traffic. This attack is also known as the smurf attack or ping of death attack.
  • SYN flood: Sends a request to connect to a server, but never accomplishes the handshake. Continues until all open ports are saturated with requests and none are available for legal users to connect to.

Other DoS attacks simply use vulnerabilities that cause the target system or service to crash. In these attacks, input is sent that takes advantage of bugs in the target that appropriately crash or severely damage the system, so that it can’t be accessed or used.

An additional type of Denial of Service attack is the Distributed Denial of Service (DDoS) attack. A DDoS attack occurs when multiple systems manage a synchronized DoS attack to a single target. The important difference is that instead of being attacked from one location, the target is attacked from many locations at once. The distribution of hosts that defines a DDoS provide the attacker various advantages:

  • He can influence the greater volume of machine to execute a seriously disruptive attack
  • The location of the attack is very difficult to detect due to the random distribution of attacking systems.
  • It is more hard to shut down multiple machines than one
  • The true attacking party is very hard to identify, as they are hide behind many (mostly compromised) systems

Diagram for DOS attack:


Related Solutions

INTERNET OF THINGS (IOT) 28. Hackers have employed ‘Man in the Middle Attack (MITM)’ on your...
INTERNET OF THINGS (IOT) 28. Hackers have employed ‘Man in the Middle Attack (MITM)’ on your IT infrastrucutre. How would you explain (with a suitable diagram) this type of attack to your apprentice who has just started working for you?
How should the U.S. government respond to a hacking attack by China in which the hackers...
How should the U.S. government respond to a hacking attack by China in which the hackers shut down critical military communications for several hours?* *This is hypothetical; such an attack has not occurred.
Explain Service Supply Chain and how would you offer services with the product to your customers....
Explain Service Supply Chain and how would you offer services with the product to your customers. Your answer must include one of these 3 product groups (not the product that your use in your team project) as example (canned food or snacks from the Philippines: organic tea or coffee from India; fresh produce from Mexico) in your answer.
Explain how timestamping would be used in a protocol to mitigate replay attack.
Explain how timestamping would be used in a protocol to mitigate replay attack.
You have just been appointed to be a U.S. Foreign Service Officer (FSO), employed by the...
You have just been appointed to be a U.S. Foreign Service Officer (FSO), employed by the United States Agency for International Development (USAID). Your first assignment is working overseas in an embassy where you may give out millions of dollars in foreign aid loans to an important nation. This nation has two types of loans from the United States government. Type I loans for $2,000,000,000 and Type II loans for $34,000,000,000. Type I loans are listed by country in congressional...
You have just been appointed to be a U.S. Foreign Service Officer (FSO), employed by the...
You have just been appointed to be a U.S. Foreign Service Officer (FSO), employed by the United States Agency for International Development (USAID). Your first assignment is working overseas in an embassy where you may give out millions of dollars in foreign aid loans to an important nation. This nation has two types of loans from the United States government. Type I loans for $2,000,000,000 and Type II loans for $34,000,000,000. Type I loans are listed by country in congressional...
1.) In your own words, explain the how IP addressing is implemented in a network infrastructure....
1.) In your own words, explain the how IP addressing is implemented in a network infrastructure. Why is it important to know Subnetting and VLSM? 2.) Explain Functions at the OSI and TCP/IP Model Layers.
How would you describe the overall IT infrastructure, and indicate what parts, if any, will run...
How would you describe the overall IT infrastructure, and indicate what parts, if any, will run on premises and what will be outsourced to the AWS cloud? Specify required administrative functions, the cloud virtual network infrastructure needed operationally, data backup requirements, and, if applicable, long-term data storage needs. A suitable AWS VPC network diagram as part of the output is needed.
Case study You have just been appointed to be a U.S. Foreign Service Officer (FSO), employed...
Case study You have just been appointed to be a U.S. Foreign Service Officer (FSO), employed by the United States Agency for International Development (USAID). Your first assignment is working overseas in an embassy where you may give out millions of dollars in foreign aid loans to an important nation. This nation has two types of loans from the United States government. Type I loans for $2,000,000,000 and Type II loans for $34,000,000,000. Type I loans are listed by country...
Situation (Data Structures and Sorting C++) You have been employed at BmoCel, an internet service provider....
Situation (Data Structures and Sorting C++) You have been employed at BmoCel, an internet service provider. Data is sent as packets from their server to their clients. Each packet has a fixed size of 16 alphanumeric characters. However, they are currently having problems with managing their data transmissions. Your bosses have asked you to rectify the problems, in the following order: 1. The data at the server is to be stored as packets, in a First‐In, Last‐Out manner. If there...
ADVERTISEMENT
ADVERTISEMENT
ADVERTISEMENT