Search /
Docfinder:
Advanced search  |  Help  |  Site map
RESEARCH CENTERS
SITE RESOURCES
Click for Layer 8! No, really, click NOW!
Networking for Small Business
TODAY'S NEWS
The botnet world is booming
What’s driving this university to IPv6? Going green
IT pros continue to lose jobs
How ending exclusivity agreements would change the telecom industry
How to use electrical outlets and cheap lasers to steal data
EMC distances rival NetApp
Crime lab saves energy costs by turning up heat in the data center
IBM security software masks confidential info
Google Native Client provides hints on Chrome OS gambit
Ericsson signs deal to run Sprint wireless, wireline networks
Verizon helping companies assess application vulnerabilities
Internet's biggest issue? IPv6 transition, new ARIN CEO says
Gmail, other Google apps, out of beta
Microsoft may have known about critical IE bug for months
Symantec de-duplication strategy targets data growth, virtual machines
Windows 7 ramp-up will be sharp
/

Study: DoS attacks frequent, hit personal PCs

Related linksToday's breaking news
Send to a friendFeedback

By Sam Costello
IDG News Service, 05/23/01

Denial-of -service attacks are launched against commercial Web sites, but also against Internet infrastructure, small countries and home PCs at the rate of nearly 4,000 per week, according to a new study by researchers at the University of California, San Diego.

The study comes as the result of a partnership between UCSD's Cooperative Association for Internet Data Analysis (CAIDA) and the Jacobs School of Engineering, also at UCSD. The study team, made up of CAIDA's David Moore, along with Geoffrey M. Volker and Stephen Savage, both of UCSD's Computer Science and Engineering Department, studied denial-of-service attacks across the Internet for three one-week periods centering on the number, duration and focus of the attacks. They found that more than 12,000 DoS attacks were launched in the period studied, with a small percentage targeting devices crucial to the operation of the Internet, including routers and name servers.

Denial-of-service attacks involve flooding target computers with false requests for information, overloading the machines' capacity to respond and leading to denial of service to legitimate users. Many such attacks use multiple computers spread throughout the world that have been taken over through hacking. In early 2000, Denial of Service attacks brought offline for days a number of high-profile sites, including Yahoo.com, Amazon.com and eBay.com.

Between 2% and 3% of all denial-of-service attacks studied targeted name servers, the computers used to route Internet traffic to the proper domain name, such as www.idg.com, instead of its numerical address equivalent, according to the study. Also, routers, which are devices directing traffic to its appropriate locations in networks, received 1% to 3% of the attacks.

Targeting routers and similar devices for attack is particularly troublesome because taking them offline could result in a service outage to a much greater cross-section of users, rather than just those of a specific Web site.

As was expected, high-profile sites such as Amazon.com, AOL.com and Hotmail.com were popular targets for denial-of-service attacks, the study said. However, Romanian computers were attacked almost as much as .com and .net sites and Brazilian machines were hit more than .edu and .org sites combined. The vast majority of victims, 95%, were attacked fewer than five times, with the bulk of that group, 65%, experiencing only one attack.

Also of note, the researchers found that a number of attacks were directed against home users connecting to the Internet using dial-up or cable modems, indicating that denial-of-service attacks are used in personal disputes.

The study tracked an effect called a backscatter, which follows the spread of information requests across the Internet generated by denial-of-service attacks. In many denial-of-service attacks, addresses from which the attacks are launched are faked, or "spoofed," and thus, when requests for service are answered by the server under attack, the data is sent all across the Internet, rather than to the computer where the attack originates. This spread of information is the backscatter, which provides an estimate of worldwide denial-of-service activity, according to the report.

CAIDA, at UC San Diego, is at www.caida.org

The study is available here

The IDG News Service is a Network World affiliate.

Related Links

 
NWFusion offers more than 40 FREE technology-specific email newsletters in key network technology areas such as NSM, VPNs, Convergence, Security and more.
Click here to sign up!
New Event - WANs: Optimizing Your Network Now.
Hear from the experts about the innovations that are already starting to shake up the WAN world. Free Network World Technology Tour and Expo in Dallas, San Francisco, Washington DC, and New York.
Attend FREE
Your FREE Network World subscription will also include breaking news and information on wireless, storage, infrastructure, carriers and SPs, enterprise applications, videoconferencing, plus product reviews, technology insiders, management surveys and technology updates - GET IT NOW.
* HOME    * RESEARCH CENTERS     * NEWS     * EVENTS

Contact us | Terms of Service/Privacy | How to Advertise
Reprints and links | Partnerships | Subscribe to NW
About Network World, Inc.

Copyright, 1994-2006 Network World, Inc. All rights reserved.