Moreover, DoS may include execution of malicious software. Attackers frequently use compromised systems to form a botnet. These compromised systems (bots) are then used as the launch pad for attacking other systems. This kind of attack is known as a distributed denial-of-service (DDoS) attack.
Often intruders install an ‘agent’ on several compromised systems, which then await commands from the intruder. A single ‘handler’ instructs all such compromised systems to launch the attack on another system. If such an attack is conducted on a sufficiently large scale, it may cause a serious network security event that may be problematic for users, service providers and law enforcement agencies.
Variants of DoS include smurf attack, ping flood, ping of death, SYN flood, teardrop, spoofed/reflected attack and unintentional attack (Fig. 2).
In a smurf attack, a misconfigured network component allows packets to be sent to all systems on a particular network via the broadcast address of the network.
In a ping flood attack, a large number of ping packets are sent to the targeted system, usually using the ‘ping’ command.
In a ping-of-death attack, a deformed ping packet that can crash the system is sent to the victim.
In a SYN flood, the attacker sends a flood of TCP/SYN packets with a forged source address. Because the source address is forged, the victim’s computer keeps waiting for a response from that address and ultimately remains unavailable to its intended users.
A teardrop attack sends IP fragments with overlapping and over-sized payloads.
A spoofed or reflected attack involves setting the source address to that of the targeted system. This results in a large number of replies from several computers to the targeted system. An unintentional denial of service occurs when a sudden, enormous spike in the popularity of a website brings access requests from a huge number of people to a less-equipped site.
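The SYN flood described above leaves the victim holding handshakes that never complete, and that is what a defender can measure. The following detection sketch is an added example, not part of the original article: the packet records are constructed, and the 3-second timeout and both thresholds are assumed values to tune per service.

```python
from collections import Counter

SYN, ACK = 0x02, 0x10  # TCP flag bits

def build_sample():
    """Constructed capture of client packets: (time_s, src, sport, dst, dport, flags)."""
    pkts = []
    # Three normal clients complete the handshake with 192.0.2.10:80.
    for i in range(3):
        c = ("203.0.113.%d" % (i + 1), 40000 + i, "192.0.2.10", 80)
        pkts.append((0.1 * i, *c, SYN))
        pkts.append((0.1 * i + 0.05, *c, ACK))
    # Forty SYNs whose forged sources never answer the server's SYN-ACK.
    for i in range(40):
        pkts.append((1.0 + 0.01 * i, "198.51.100.%d" % (i + 1), 50000 + i, "192.0.2.10", 80, SYN))
    # A second service: two completed handshakes and one client that went away.
    for i in range(3):
        c = ("203.0.113.%d" % (i + 50), 41000 + i, "192.0.2.20", 443)
        pkts.append((2.0 + 0.1 * i, *c, SYN))
        if i < 2:
            pkts.append((2.05 + 0.1 * i, *c, ACK))
    pkts.append((10.0, "203.0.113.1", 40000, "192.0.2.10", 80, ACK))  # later data traffic
    return sorted(pkts)

def half_open_report(packets, timeout=3.0):
    """Per (dst, dport): (SYNs seen, handshakes still incomplete after `timeout` seconds)."""
    pending = {}            # (src, sport, dst, dport) -> time the SYN arrived
    syns = Counter()
    for t, src, sport, dst, dport, flags in packets:
        key = (src, sport, dst, dport)
        if flags & SYN and not flags & ACK:     # client's opening SYN
            pending[key] = t
            syns[(dst, dport)] += 1
        elif flags & ACK:                       # client's ACK completes the handshake
            pending.pop(key, None)
    now = packets[-1][0] if packets else 0.0    # capture end time
    stale = Counter((k[2], k[3]) for k, t in pending.items() if now - t >= timeout)
    return {svc: (syns[svc], stale[svc]) for svc in syns}

def flag_syn_flood(report, min_half_open=20, min_ratio=0.8):
    """Services where most SYNs never completed (assumed thresholds)."""
    return sorted(svc for svc, (n, h) in report.items()
                  if h >= min_half_open and h / n >= min_ratio)

if __name__ == "__main__":
    print(flag_syn_flood(half_open_report(build_sample())))
```

Counting is keyed on the targeted service rather than on the sender, because the forged source addresses make per-source counts meaningless.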
To sum up
Defending against cyber threats typically involves a combination of attack detection, traffic classification, prevention and recovery from a security attack. There are many techniques for defence. Keeping all the application software and the operating system updated, changing passwords frequently, using firewall, antivirus and antispyware software, cryptographic tools, an intrusion detection system and software/hardware/physical controls, and above all educating people on security solve many problems.
The author is working with Bharat Sanchar Nigam Limited as a junior telecom officer and is currently posted at Ludhiana, Punjab. He holds a PhD degree in electronics engineering from Indian Institute of Technology-BHU, Varanasi, and has authored and co-authored more than 25 research papers in peer-reviewed national/international journals including IEEE and conference proceedings.