design of a ddos attack resistant distributed spam
play

Design of a DDoS Attack-Resistant Distributed Spam Blocklist Jem E. - PowerPoint PPT Presentation

Oct 15, 2022 •215 likes •381 views

Design of a DDoS Attack-Resistant Distributed Spam Blocklist Jem E. Berkes Dept. Electrical and Computer Engineering University of Manitoba Winnipeg, Canada Introduction Anti-spam blocklists are vital for the Internet Blocklists are

  1. Design of a DDoS Attack-Resistant Distributed Spam Blocklist Jem E. Berkes Dept. Electrical and Computer Engineering University of Manitoba Winnipeg, Canada

  2. Introduction ● Anti-spam blocklists are vital for the Internet ● Blocklists are targets of DDoS attacks  Making operation impractical, costly ● How to make blocklists resistant to attacks?

  3. Presentation outline ● Background  Spam blocklists  DNSBL technology  DDoS attacks  Design motivation ● Proposed solution  Structure  Security  Implementation ● Conclusion ● Questions

  4. Background: Spam blocklists ● Primary anti-spam measure for ISPs ● Simple, efficient, effective ● Third party database ● IPs or domain names meeting criteria, e.g.  Insecure hosts/open relays/open proxies  Hosts that sent spam  Hosts belonging to networks that send spam ● Many databases available, nearly all are free and maintained by volunteer organizations

  5. Background: DNSBL technology ● DNSBL: DNS Blocklist (“RBL”, “blacklist”) ● First used for Paul Vixie's MAPS/RBL, 1997

  6. Background: DNSBL technology

  7. Background: DNSBL technology ● DNSBLs save bandwidth! ● Front line of spam defence ● Vital for ISPs

  8. Background: DDoS attacks ● DDoS: Distributed Denial of Service  Continuous TCP/ICMP traffic from many hosts ● Blocklists are popular attack targets ● Permanently shut down due to DDoS attacks:  Osirusoft, Monkeys ● Current targets of ongoing attacks:  SPEWS, Spamhaus, SpamCop ● Withstanding attacks is costly

  9. Background: Design motivation ● DNSBLs are easy to attack ● Central servers  Can add more servers, but there is high cost  Almost all blocklists run by volunteers ● Can blocklists be made resistant to attacks,  while maintaining data integrity  without requiring costly resources?

  10. Proposed solution: Structure ● Distributed blocklist ● Peer-to-Peer system ● Pooling resources ● No central server ● Publisher in control

  11. Proposed solution: Structure ● Who are the Nodes?  Small, medium, large ISPs  Anyone with resources ● Who is Publisher?  Authority on blocklist data  Likely, anonymous ● The point: there is no vital entity to attack

  12. Proposed solution: Security ● All Nodes serve blocklist data ● No central server ● How can we trust blocklist contents?  What enforces Publisher's control? ● Digital signatures (PGP/OpenPGP)

  13. Proposed solution: Security ● Nodes (and users) can verify data integrity ● All Packages must be signed by Publisher ● Guarantees propagation of authentic data

  14. Proposed solution: Implementation ● Required protocols already exist  OpenPGP data signatures  HTTP data transfers, or  Gnutella for P2P structure ● Users could run local DNSBL  i.e. No changes required to mail server software

  15. Conclusion ● Current spam blocklists are threatened ● A distributed (Peer-to-Peer) system  Eliminates central servers  Allows pooling of resources ● Enforcing digital signatures  Maintains data integrity and reliability  Gives a Publisher sole control of data ● Distributed spam blocklist can be built using existing protocols

  16. Questions Any questions?

Recommend

.tr DDoS Attack December 2015 Attila zgit .tr ccTLD Manager Dec, 2015 .tr DDoS Attack A

.tr DDoS Attack December 2015 Attila zgit .tr ccTLD Manager Dec, 2015 .tr DDoS Attack A

.tr DDoS Attack December 2015 Attila zgit .tr ccTLD Manager Dec, 2015 .tr DDoS Attack A Summary of a 3 weeks long experience 2016-03-07 Dec 2015 DDoS Attack on .TR 2 Before DDoS q Infrequent Small scale DoS and DDos Attacks Few

606 views • 14 slides
DDoS Last Class Fault tolerance Concurrency Naming This Class Networking How

DDoS Last Class Fault tolerance Concurrency Naming This Class Networking How

DDoS Last Class Fault tolerance Concurrency Naming This Class Networking How DDoS works UDP Data Client Server Response TCP DDoS Distributed denial-of-service attack Attacker targets a victim from a number of

356 views • 22 slides
Network Security CIA +Availability By Jinjian Ma Topics DOS/DDoS Detection & Defense

Network Security CIA +Availability By Jinjian Ma Topics DOS/DDoS Detection & Defense

Network Security CIA +Availability By Jinjian Ma Topics DOS/DDoS Detection & Defense Prevention DOS/DDoS Types Vulnerability attack Flooding attack DoS vs DDoS DoS: Attack is launched from single host Less

614 views • 26 slides
Spam, Spam, Spam Why is spam interesting? Everyone can observe spam. Spam / Anti-spam is a

Spam, Spam, Spam Why is spam interesting? Everyone can observe spam. Spam / Anti-spam is a

Spam, Spam, Spam Why is spam interesting? Everyone can observe spam. Spam / Anti-spam is a highly evolved form of information warfare. Fascinating socioeconomic study with many players - users, ISPs, spammers, technologists, legal

322 views • 17 slides
Adaptive Distributed Distributed Traffic Traffic Adaptive Adaptive Distributed Traffic Control

Adaptive Distributed Distributed Traffic Traffic Adaptive Adaptive Distributed Traffic Control

Adaptive Distributed Distributed Traffic Traffic Adaptive Adaptive Distributed Traffic Control Service Service for for DDoS DDoS Attack Attack Control Control Service for DDoS Attack Mitigation Mitigation Mitigation Bernhard Plattner,

474 views • 24 slides
DDoS Attack Landscapes Introduction General opinion AKA DDoS skeptics Denial of Service

DDoS Attack Landscapes Introduction General opinion AKA DDoS skeptics Denial of Service

DDoS Attack Landscapes Introduction General opinion AKA DDoS skeptics Denial of Service attacks are a fact of life on the Internet Service disruption Sometimes employed as a smoke screen What this talk is and

799 views • 23 slides
On the Feasibility of Rerouting-based DDoS Defenses Muoi Tran , Min Suk Kang, Hsu-Chun Hsiao,

On the Feasibility of Rerouting-based DDoS Defenses Muoi Tran , Min Suk Kang, Hsu-Chun Hsiao,

On the Feasibility of Rerouting-based DDoS Defenses Muoi Tran , Min Suk Kang, Hsu-Chun Hsiao, Wei-Hsuan Chiang, Shu-Po Tung, Yu-Su Wang May 2019 | San Francisco, CA Transit-link DDoS attack: a powerful type of volumetric DDoS attack

438 views • 25 slides
Discriminating reflective DDoS attack tools at the reflector Fons Mijnen Max Grim

Discriminating reflective DDoS attack tools at the reflector Fons Mijnen Max Grim

Discriminating reflective DDoS attack tools at the reflector Fons Mijnen Max Grim fons.mijnen@os3.nl max.grim@os3.nl 2 DDoS attacks DDoS attacks are a problem internet users have faced for many years, and is still relevant today. 3 DDoS

531 views • 52 slides
Overview Distributed Services for Distributed VPNs Objectives for Robust Time

Overview Distributed Services for Distributed VPNs Objectives for Robust Time

Michael Rossberg, Rene Golembewski, Guenter Schaefer Ilmenau University of Technology, Germany ICCCN 2012 Attack-Resistant Distributed Time Synchronization for Virtual Private Networks Overview Distributed Services for Distributed VPNs

212 views • 9 slides
Optimized or Balanced Mix Design Crack Resistant Rut Resistant Resistant to Moisture

Optimized or Balanced Mix Design Crack Resistant Rut Resistant Resistant to Moisture

Optimized or Balanced Mix Design Crack Resistant Rut Resistant Resistant to Moisture Damage 1 Balanced Mix Design: ETG Definition Asphalt mix design using performance tests on appropriately conditioned specimens that address

480 views • 46 slides
Analysis Group 5 Mohammad Ahmad Ryadh Almuaili Outline Introduction Previous Work

Analysis Group 5 Mohammad Ahmad Ryadh Almuaili Outline Introduction Previous Work

Analysis Group 5 Mohammad Ahmad Ryadh Almuaili Outline Introduction Previous Work Approaches Design & Implementation Results Conclusion References WHAT IS DDoS ? DDoS: Distributed denial of service attack

255 views • 21 slides
DDOS: DDos and DDonts DrupalCon 2016 Agenda What is DDoS Detecting DDoS Attacks

DDOS: DDos and DDonts DrupalCon 2016 Agenda What is DDoS Detecting DDoS Attacks

DDOS: DDos and DDonts DrupalCon 2016 Agenda What is DDoS Detecting DDoS Attacks DDoS Prevention Improving Performance Questions Glossary DDoS - Attempt to make a server or network resource unavailable to Internet

549 views • 30 slides
Catch me if you can A cloud based DdoS defense Mikal Fourrier DDoS attacks Goal: prevent

Catch me if you can A cloud based DdoS defense Mikal Fourrier DDoS attacks Goal: prevent

Catch me if you can A cloud based DdoS defense Mikal Fourrier DDoS attacks Goal: prevent the access to a computer system to it's legitimate users. DDoS: DoS attack on the network using a lot of different source IP Why:

327 views • 16 slides
Filtering Based Techniques DDOS Attacks: Target CPU / Bandwidth for DDOS Mitigation

Filtering Based Techniques DDOS Attacks: Target CPU / Bandwidth for DDOS Mitigation

Introduction: Filtering Based Techniques DDOS Attacks: Target CPU / Bandwidth for DDOS Mitigation Attacker signals slaves to launch an attack on a specific target address (victim). Slaves then respond by Comp290: Network

275 views • 9 slides
A Taxonomy of DDoS Attacks and DDoS Defense Mechanisms Jelena Mirkovic, Janice Martin & Peter

A Taxonomy of DDoS Attacks and DDoS Defense Mechanisms Jelena Mirkovic, Janice Martin & Peter

A Taxonomy of DDoS Attacks and DDoS Defense Mechanisms Jelena Mirkovic, Janice Martin & Peter Reiher Manu Shantharam & David Hadka What is DoS? DoS A type of attack wherein access to computer resource / service is denied or

380 views • 18 slides
DDoS Security Testing MIKE BERKELAAR & AZAD KAMALI (UVA) SUPERVISOR: PIETER WESTEIN

DDoS Security Testing MIKE BERKELAAR & AZAD KAMALI (UVA) SUPERVISOR: PIETER WESTEIN

DDoS Security Testing MIKE BERKELAAR & AZAD KAMALI (UVA) SUPERVISOR: PIETER WESTEIN (DELOITTE) SUMMER 2014 A (D)DoS Attack Is an attempt to make a service/resource unable to operate as intended Called Distributed , when more

559 views • 21 slides
COLOSSAL DDoS ATTACKS ARE THE NEW REALITY Defeating DDoS Needs a Precision Strategy Your Secure

COLOSSAL DDoS ATTACKS ARE THE NEW REALITY Defeating DDoS Needs a Precision Strategy Your Secure

COLOSSAL DDoS ATTACKS ARE THE NEW REALITY Defeating DDoS Needs a Precision Strategy Your Secure Application Services CONFIDENTIAL | DO NOT DISTRIBUTE Company 1. CONFIDENTIAL | DO NOT DISTRIBUTE Attack Tools over Time - Evolved Binary

385 views • 12 slides
Denial of Service Last Class Fault tolerance Concurrency Naming This Class

Denial of Service Last Class Fault tolerance Concurrency Naming This Class

Denial of Service Last Class Fault tolerance Concurrency Naming This Class Networking How DDoS works UDP Data Client Server Response TCP DDoS Distributed denial-of-service attack Attacker targets a victim from a

436 views • 28 slides
Our My first DDoS attack Velocity Europe 2011 Berlin Cosimo Streppone Operations Lead

Our My first DDoS attack Velocity Europe 2011 Berlin Cosimo Streppone Operations Lead

Our My first DDoS attack Velocity Europe 2011 Berlin Cosimo Streppone Operations Lead <video of Mr. Wolf going to Jimmy's house in Pulp Fiction> this couldn't fit in the PDF... sorry. http://www.youtube.com/watch?v=hsKv5d0sIlU

702 views • 44 slides
Spam Fighting at CERN 28 April 2004 Emmanuel Ormancey 1 What is Spam ? What is Spam ? Spam

Spam Fighting at CERN 28 April 2004 Emmanuel Ormancey 1 What is Spam ? What is Spam ? Spam

Spam Fighting at CERN 28 April 2004 Emmanuel Ormancey 1 What is Spam ? What is Spam ? Spam is the friendly name given to unsolicited mail everyone receives in the mailbox. Comes from a Monty Python sketch, where in a caf everything

505 views • 13 slides
Distributed Measurements for Attack Detection Distributed Measurements for Attack Detection Prof.

Distributed Measurements for Attack Detection Distributed Measurements for Attack Detection Prof.

Universitt Tbingen Computer Networks and Internet Distributed Measurements for Attack Detection Distributed Measurements for Attack Detection Prof. Dr. Georg Carle Chair for Computer Networks and Internet University of Tbingen Germany

291 views • 8 slides
Robot Attack! Repelling Bots, DDOS, and other Fiends Stanford Drupal Camp 2015 MEET YOUR GUIDES

Robot Attack! Repelling Bots, DDOS, and other Fiends Stanford Drupal Camp 2015 MEET YOUR GUIDES

Robot Attack! Repelling Bots, DDOS, and other Fiends Stanford Drupal Camp 2015 MEET YOUR GUIDES Suzanne Aldrich Martijn Gonlag Senior Customer Success Engineer - Pantheon Technical Support Engineer - CloudFlare AGENDA Surveying Robots

247 views • 13 slides
Opinion Spam and Analysis NITIN JINDAL & BING LIU, WSDM 08 UIUC Opinion/Review Spam All

Opinion Spam and Analysis NITIN JINDAL & BING LIU, WSDM 08 UIUC Opinion/Review Spam All

Opinion Spam and Analysis NITIN JINDAL & BING LIU, WSDM 08 UIUC Opinion/Review Spam All spam is spam but some spam is more spam than others Opinion spam similar to web spam or email spam in intent, but different in form / content Web

912 views • 38 slides
Large-scale Evaluation of Distributed Attack Detection Thomas Gamer, Christoph P. Mayer Institut

Large-scale Evaluation of Distributed Attack Detection Thomas Gamer, Christoph P. Mayer Institut

Large-scale Evaluation of Distributed Attack Detection Thomas Gamer, Christoph P. Mayer Institut fr Telematik, Universitt Karlsruhe (TH), Germany Why Attack Detection still is important Distributed Denial-of-Service problem persists Attack

366 views • 19 slides

More recommend