ABSTRACT
This paper presents an interactive exercise based on offensive denial of service techniques used by hackers. The goals of the exercise are to teach how a large class of denial of service (DoS) attacks work. Students will see that it is not necessary to use distributed DoS. Moreover, using virtualization, we created an exercise that was easy for faculty to use. We tested it on a class of computer science undergraduates, and while it was well-received by the students and easy for the faculty member, we learned some important lessons about designing hands-on exercises. In addition to teaching students about DoS attacks and how to defend against them, this exercise also requires students to look carefully at the HTTP protocol.
In the following laboratory exercise, students learn offensive techniques in a context that prompts them to think critically about what makes networks secure and how they can be made more secure. The exercise involves the use of two newer but well-known denial of service attacks: 'SlowLoris' and 'R-U-Dead-Yet?' (RUDY). The students perform these attacks through a Java-based graphical interface, to make the lab more accessible. While carrying out the attacks, the students answer questions designed to improve their analytical skills and to better their understanding of TCP, HTTP, and application-layer security considerations.
Index Terms
- Hands-on denial of service lab exercises using SlowLoris and RUDY