拒绝服务攻击发展及其防御技术.pptVIP

2. INCIDENTS, TYPES AND MOTIVES INTRODUCTION Denial of Service (DoS) is a prevalent threat in todays networks. We start our survey with a historical timeline of DoS incidents. We then provide an extensive literature review on the existing research on denial of service protection. These include traceback, detection, classification of incoming traffic, response in the presence of an attack, and mathematical modelling of attack and defence mechanisms. Our discussion aims to identify the trends in DoS attacks, the weaknesses of protection approaches and the qualities that modern ones should exhibit, so as to suggest new directions that DoS research can follow. 2. INCIDENTS, TYPES AND MOTIVES The early years: before the year 2000 September 1996, SYN Flood attack The attacking system sends SYN messages to the victim server system that appear to be legitimate but in fact reference a client system that is unable to respond to the SYN/ACK messages. January 1997, ping attack “ping attack” is one of the simplest DoS attacks, where the victim is flooded with more TCP/ICMP packets than it can handle. The early years: before the year 2000 January 1998, smurfing attack The attacker uses ICMP echo request packets directed to IP broadcast addresses from remote locations to generate DoS attacks. January 1998, Teardrop and Bonk attack The hacker exploited known vulnerabilities of the Microsoft Windows operating systems, and succeeded against those computers that were not up to date with the latest security patches. The period of highest known frequency of DoS attacks: from 2000 to 2004 The period of highest known frequency of DoS attacks: from 2000 to 2004 February 2000, July 2000, January 2001 Distributed Reflector DoS attack 2001, a computer worm of Chinese origin, known as “Code Red”, which swept through 250,000 computers in nine hours, with the infected computers being programmed to simultaneously launch a DoS attack against the website of