Denial of Service - IT Library : ZDNet Asia

White Papers

Case Studies

Vendor Webcast

Show all content

Title Date Added Company

Why Your Standard IPS Leaves You Open to DDoS Attacks 2009-09-15 Radware

Off late Distributed Denial of Service (DDoS) attacks are specifically designed to leverage the weaknesses of a standard Intrusion Prevention System (IPS), which is not able to defend against a bombardment of high packet-per-second (PPS) traffic. Innovated by Radware, real-time signatures can overcome this vulnerability, especially when accelerated by the APSolute Immunity Booster Shot.

Tags: Security Administration, Intrusion - Tampering

The dirty dozen: preventing common application-level hack attacks 2009-08-03 IBM

As organizations have grown increasingly dependent on online software, the risk of malicious attacks has also become far more serious. Such attacks can bring a business to a standstill, cost a company millions of dollars in lost transactions and potentially tarnish its brand image.

Tags: Intrusion - Tampering, Security Administration, Intrusion - Tampering, Intrusion - Tampering

Using NetFlow Auditor to Assist in Identifying Distributed Denial-of-Service (DDoS) Attacks and Other Network Behavior Anomalies 2009-08-01 IdeaData

This Paper covers how Denial of Service Attacks (DoS) and Distributed Denial of Service Attacks (DDos) can be identified early to mitigate and attack. The paper will reflect a method to alert when changes occur outside of learnt baselines and how new patterns can be recognized when security analysts have access to technology that provides high visibility of traffic from utilization, conversation, packet analysis, packet size distribution analysis and byte usage and standard deviation methods. A game-changing Network Auditing technology called NetFlow Auditor has the potential to enhance the security, reliability, resilience, and trustworthiness of the digital infrastructure which can be used to assist in identifying a DDoS flood or a slow Denial of Service attacks and other network behavior anomalies including Peer-to-Peer (P2P) usage.

Tags: Intrusion - Tampering

DDoS Defense Mechanism by Applying Stamps 2009-08-01 Bharathiar University

In current trend, internet plays a vital role in the life and distributed computing structure grows dramatically in size, functionality and complexity and has become the integral part of the life. In distributed network computing there are lot of vulnerabilities such as Dos, DDos (Distributed Denial of service),virus, worms, etc. Distributed Denial of Service Attacks has recently emerged as one of the most newsworthy. Denial of Service (DoS) attacks have continued to evolve and impact Internet Infrastructure. The control mechanisms for DDoS attack networks are changing to make greater use of Internet Relay Chat (IRC) technology. The impacts of DDos attacks are causing greater collateral damage, and widespread automated propagation itself has become a vehicle for causing denial of service.

Tags: Intrusion - Tampering

Empirical Study of Tolerating Denial-of-Service Attacks With the Fosel Architecture 2009-07-14 Institute of Electrical and Electronics Engineers

Filtering techniques are one of the main approaches to protect applications from Denial of Service Attacks (DoS). However filtering techniques suffer from two main challenges: the accuracy detection of DoS traffic and processing time. Fosel (Filtering with the help of an Overlay Security Layer) has been proposed to protect application sites from Denial-of-Service attacks. The Fosel architecture addresses how an efficient and well-suited filter can be designed to improve the filtering challenges. This paper explores the effectiveness of the Fosel architecture by implementing an experimental testbed. Experimental study shows that by employing the Fosel architecture, DoS attacks have a negligible chance to saturate the target by malicious packets.

Scraping, Denial of Service, and Brute Force Attacks! Oh My!: Identifying and Controlling Automated Clients 2009-07-01 Breach Security

Anti-Automation defenses are critical in today's web application security landscape. Breach Security's product line is uniquely positioned to help organizations address these automated types of attacks. Only through the combination of all of these capabilities can organizations gain true protections against these threats. Many systems will allow the use of weak passwords or cryptographic keys, and users will often choose easy to guess passwords, possibly found in a dictionary. Given this scenario, an attacker would cycle though the dictionary word by word, generating thousands or potentially millions of incorrect guesses search for the valid password. When a guessed password allows access to the system, the brute force attack has been successful and the attacker is able access the account.

Tags: Security Administration, Intrusion - Tampering

Vulnerability Analysis of Extensible Authentication Protocol (EAP) DoS Attack Over Wireless Networks 2009-07-01 Universiti Putra Malaysia

IEEE 802.11 supports 802.1x to provide strong authentication mechanism for Wireless networks. 802.1x utilizes Extensible Authentication Protocol (EAP) as a framework for authentication, allowing for a number of authentication methods to be used. Unfortunately, 802.1x includes some unprotected EAP packets during authentication process which can be easily exploited by an attacker to start different types of Denial of Service (DoS) attacks over wireless networks. This paper developed an experimental framework to demonstrate and quantify possible flooding attacks using unprotected EAP frames against wireless communications. First the author setups a testbed wireless network in order to demonstrate how EAP flooding attacks take very little effort to bring a protected wireless network to a complete halt.

Tags: Security Administration, Intrusion - Tampering

Laying the IT Security Foundation - Corralling Conficker and Other Threats in an Evolved Environment 2009-06-01 Lumension

The traditional security approach addresses each individual attack as it crops up through a detect and blocking schema. However in today's ever-changing IT environment, sophisticated threats such as Conficker worm continue to evolve and keep security professionals in an unending game of cat and mouse. Read this paper to learn how to:

Regain control of your environment and address the root cause of attacks
Automate the detection and remediation of OS and application vulnerabilities and mis-configurations
Prevent threats such as Conficker from wreaking havoc on your business
Enforce a trusted application environment

Tags: Intrusion - Tampering, Security Administration, Security Administration, Intrusion - Tampering

Defense Against DoS, Flooding Attacks 2009-05-25 Linkopings Universitet

The following paper concentrates on the means of defense against denial of service attacks. First, some possible and common denial of service attacks are described to give the reader a basic understanding of what is this type of the attacks. The main part of the project is the mechanism, tools and methods used to prevent the denial of service attacks. At the end a short case study along with the description of the small company network is given. When conducting the experiment the author noticed that a successful attack on the networked system is relatively easy as the needed tools are free to download but at the same time the simple means of defense can be applied to make most of the attacks impossible.

Tags: Security Administration, Intrusion - Tampering

Q1 2009 Distributed Denial of Service (DDoS) Report 2009-05-12 Verisign

Contained within the Distributed Denial of Service (DDoS) report for the first Quarter (Q1) of 2009 are news items regarding noteworthy cyber attacks and botnets, the individuals or organizations responsible for their perpetration, arrests and legal developments stemming from these particular incidents, vulnerabilities and exploits that may enable future Denial of Service (DoS) and DDoS activity to occur, and intelligence that such attacks are becoming increasingly more sophisticated.

Jump to [1] 2 3 4 5 6 7 8 9 10

Title	Date Added	Company
Why Your Standard IPS Leaves You Open to DDoS Attacks	2009-09-15	Radware
Off late Distributed Denial of Service (DDoS) attacks are specifically designed to leverage the weaknesses of a standard Intrusion Prevention System (IPS), which is not able to defend against a bombardment of high packet-per-second (PPS) traffic. Innovated by Radware, real-time signatures can overcome this vulnerability, especially when accelerated by the APSolute Immunity Booster Shot. Tags: Security Administration, Intrusion - Tampering
The dirty dozen: preventing common application-level hack attacks	2009-08-03	IBM
As organizations have grown increasingly dependent on online software, the risk of malicious attacks has also become far more serious. Such attacks can bring a business to a standstill, cost a company millions of dollars in lost transactions and potentially tarnish its brand image. Tags: Intrusion - Tampering, Security Administration, Intrusion - Tampering, Intrusion - Tampering
Using NetFlow Auditor to Assist in Identifying Distributed Denial-of-Service (DDoS) Attacks and Other Network Behavior Anomalies	2009-08-01	IdeaData
This Paper covers how Denial of Service Attacks (DoS) and Distributed Denial of Service Attacks (DDos) can be identified early to mitigate and attack. The paper will reflect a method to alert when changes occur outside of learnt baselines and how new patterns can be recognized when security analysts have access to technology that provides high visibility of traffic from utilization, conversation, packet analysis, packet size distribution analysis and byte usage and standard deviation methods. A game-changing Network Auditing technology called NetFlow Auditor has the potential to enhance the security, reliability, resilience, and trustworthiness of the digital infrastructure which can be used to assist in identifying a DDoS flood or a slow Denial of Service attacks and other network behavior anomalies including Peer-to-Peer (P2P) usage. Tags: Intrusion - Tampering
DDoS Defense Mechanism by Applying Stamps	2009-08-01	Bharathiar University
In current trend, internet plays a vital role in the life and distributed computing structure grows dramatically in size, functionality and complexity and has become the integral part of the life. In distributed network computing there are lot of vulnerabilities such as Dos, DDos (Distributed Denial of service),virus, worms, etc. Distributed Denial of Service Attacks has recently emerged as one of the most newsworthy. Denial of Service (DoS) attacks have continued to evolve and impact Internet Infrastructure. The control mechanisms for DDoS attack networks are changing to make greater use of Internet Relay Chat (IRC) technology. The impacts of DDos attacks are causing greater collateral damage, and widespread automated propagation itself has become a vehicle for causing denial of service. Tags: Intrusion - Tampering
Empirical Study of Tolerating Denial-of-Service Attacks With the Fosel Architecture	2009-07-14	Institute of Electrical and Electronics Engineers
Filtering techniques are one of the main approaches to protect applications from Denial of Service Attacks (DoS). However filtering techniques suffer from two main challenges: the accuracy detection of DoS traffic and processing time. Fosel (Filtering with the help of an Overlay Security Layer) has been proposed to protect application sites from Denial-of-Service attacks. The Fosel architecture addresses how an efficient and well-suited filter can be designed to improve the filtering challenges. This paper explores the effectiveness of the Fosel architecture by implementing an experimental testbed. Experimental study shows that by employing the Fosel architecture, DoS attacks have a negligible chance to saturate the target by malicious packets.
Scraping, Denial of Service, and Brute Force Attacks! Oh My!: Identifying and Controlling Automated Clients	2009-07-01	Breach Security
Anti-Automation defenses are critical in today's web application security landscape. Breach Security's product line is uniquely positioned to help organizations address these automated types of attacks. Only through the combination of all of these capabilities can organizations gain true protections against these threats. Many systems will allow the use of weak passwords or cryptographic keys, and users will often choose easy to guess passwords, possibly found in a dictionary. Given this scenario, an attacker would cycle though the dictionary word by word, generating thousands or potentially millions of incorrect guesses search for the valid password. When a guessed password allows access to the system, the brute force attack has been successful and the attacker is able access the account. Tags: Security Administration, Intrusion - Tampering
Vulnerability Analysis of Extensible Authentication Protocol (EAP) DoS Attack Over Wireless Networks	2009-07-01	Universiti Putra Malaysia
IEEE 802.11 supports 802.1x to provide strong authentication mechanism for Wireless networks. 802.1x utilizes Extensible Authentication Protocol (EAP) as a framework for authentication, allowing for a number of authentication methods to be used. Unfortunately, 802.1x includes some unprotected EAP packets during authentication process which can be easily exploited by an attacker to start different types of Denial of Service (DoS) attacks over wireless networks. This paper developed an experimental framework to demonstrate and quantify possible flooding attacks using unprotected EAP frames against wireless communications. First the author setups a testbed wireless network in order to demonstrate how EAP flooding attacks take very little effort to bring a protected wireless network to a complete halt. Tags: Security Administration, Intrusion - Tampering
Laying the IT Security Foundation - Corralling Conficker and Other Threats in an Evolved Environment	2009-06-01	Lumension
The traditional security approach addresses each individual attack as it crops up through a detect and blocking schema. However in today's ever-changing IT environment, sophisticated threats such as Conficker worm continue to evolve and keep security professionals in an unending game of cat and mouse. Read this paper to learn how to: Regain control of your environment and address the root cause of attacks Automate the detection and remediation of OS and application vulnerabilities and mis-configurations Prevent threats such as Conficker from wreaking havoc on your business Enforce a trusted application environment Tags: Intrusion - Tampering, Security Administration, Security Administration, Intrusion - Tampering
Defense Against DoS, Flooding Attacks	2009-05-25	Linkopings Universitet
The following paper concentrates on the means of defense against denial of service attacks. First, some possible and common denial of service attacks are described to give the reader a basic understanding of what is this type of the attacks. The main part of the project is the mechanism, tools and methods used to prevent the denial of service attacks. At the end a short case study along with the description of the small company network is given. When conducting the experiment the author noticed that a successful attack on the networked system is relatively easy as the needed tools are free to download but at the same time the simple means of defense can be applied to make most of the attacks impossible. Tags: Security Administration, Intrusion - Tampering
Q1 2009 Distributed Denial of Service (DDoS) Report	2009-05-12	Verisign
Contained within the Distributed Denial of Service (DDoS) report for the first Quarter (Q1) of 2009 are news items regarding noteworthy cyber attacks and botnets, the individuals or organizations responsible for their perpetration, arrests and legal developments stemming from these particular incidents, vulnerabilities and exploits that may enable future Denial of Service (DoS) and DDoS activity to occur, and intelligence that such attacks are becoming increasingly more sophisticated.

Cutting-edge technology from premium sponsors

Adaptive Threat Management
High Performance Security for your Distributed Enterprise

Achieve lower TCO, agility, risk mitigation, compliance, and productivity

Webcast series: Cybercrime is a growth industry - is your organisation prepared?
More resources to optimize the security of your enterprise »

Brought to you by:

More Tech Showcases:

Juniper Networks
Hitachi Eco-Products

IDC's Powering the Enterprise Cloud Event 2009

12 Nov - 17 Dec 2009

Grand Copthorne Waterfront Hotel, Singapore

Cloud Computing Summit 2009

9 Dec 2009

Hong Kong Convention and Exhibition Center

4th Annual GovTech 2010

27 - 28 Jan 2010

Amara Hotel, Singapore

ZDNet Asia Top Tech 50 Index

AT&T

Asustek

Canon

Convergys

Ericsson

Hewlett-Packard

Infosys

LogicaCMG

NTT

Samsung

SingTel Group

Toshiba

Xerox

Accenture

Atos Origin

Capgemini

Dell

France Telecom

Hitachi

Intel

Microsoft

Nokia

Satyam Computer Services

Sony

Verizon Communications

ZTE

Alcatel-Lucent

British Telecom

China Mobile

Deutsche Telekom

Fujitsu

Huawei Technologies

LG Electronics

Motorola

Oracle

Seagate Technology

Sun Microsystems

Western Digital

Apple

CSC

Cisco Systems

EMC

Google

IBM

Lenovo Group

NEC

SAP

Siemens IT Solutions & Services

Tata Consultancy Services

Wipro

ZDNet Asia's Top Tech Index will be next updated in 2010.

Overwhelmed by consolidation? Take it in steps.
Learn the 5 steps to data center consolidation - download the whitepaper now.

Choose a career with Accenture in Singapore
A dynamic job opportunity where technology and business intersect

Choose a career with Accenture in Malaysia
A dynamic job opportunity where technology and business intersect

Improving the Security & Management of Active Directory:
See a live demonstration of NetIQ DRA now

The Roots for a Greener World
Discover Hitachi's Environmental Vision 2025 and featured Eco-Products

The Desktop Virtualization Revolution is here!
Find our more with Citrix Simplicity is Power

Master in Organisational Leadership
Part-time masters program from Monash University. Find out more.

Lack of visibility into network issues and performance?
Find out today. Download SolarWinds FREE 30-Day Trial Software here.

IT Salary & Skills Report 2009
Join activeTechPros for free access to the report

More from CBS Interactive

CBS Interactive Inc Sites

About ZDNet Asia |

About CBS Interactive |

ZDNet Asia editorial calendar |

Advertise with us |

Jobs |

Partnership |

Contact Us |

CNET Direct |

CNET Asia |

CNET Asia mobile |

Sitemap

ZDNet.com |

ZDNet Japan |

ZDNet.de |

CNET UK |

CNET.de |

Tech Republic |

BNET |

MP3.com |

activeTechPros |

ZDNet UK |

ZDNet Korea |

ZDNet France |

CNET Australia |

CNET France |

Download.com |

Builder |

GameSpot

ZDNet Australia |

ZDNet Taiwan |

CNET |

CNET Taiwan |

News.com |

Silicon.com |

TV.com |

GameSpot Korea

News | Insight | Reviews | TechGuides | Jobs | Blogs | Videos | Community | Downloads | IT Library |

Get RSS feeds

Security

Featured Whitepapers

Member Login

Adaptive Threat Management

ZDNet Asia Top Tech 50 Index