Users login

Create an account »

JOIN XATRIX

Users login

Home » Hacking News » Nearly 4,000 DoS attacks occur per week

Nearly 4,000 DoS attacks occur per week

by ivy on May 28th, 2001 Denial of service (DoS) attacks are launched against commercial Web sites, but also against Internet infrastructure equipment, small countries, and home PCs, at the rate of nearly 4,000 per week, according to a new study by researchers at the University of California, San Diego (UCSD).




The study comes as the result of a partnership between UCSD's Cooperative Association for Internet Data Analysis (CAIDA) and the Jacobs School of Engineering, also at UCSD.



The study team, made up of CAIDA's David Moore, along with Geoffrey M. Volker and Stephen Savage, both of UCSD's Computer Science and Engineering Department, studied DoS attacks across the Internet for three one-week periods, centering on the number, duration, and focus of the attacks.



They found that more than 12,000 DoS attacks were launched in the period studied, with a small percentage targeting devices crucial to the operation of the Internet, including routers and name servers.



DoS attacks involve flooding target computers with false requests for information, overloading the machines' capacity to respond, and leading to denial of service to legitimate users. Many such attacks use multiple computers spread throughout the world that have been taken over through hacking. In early 2000, DoS attacks brought offline for days a number of high-profile sites, including Yahoo.com, Amazon.com, and eBay.com.



Between 2 percent and 3 percent of all DoS attacks studied targeted name servers, the computers used to route Internet traffic to the proper domain name, instead of its numerical address equivalent, according to the study. Routers, which are devices directing traffic to its appropriate locations in networks, received 1 percent to 3 percent of the attacks.



Targeting routers and similar devices for attack is particularly troublesome because taking them offline could result in a service outage to a much greater cross-section of users, rather than just those of a specific Web site.



As was expected, high-profile sites such as Amazon.com, AOL.com, and Hotmail.com were popular targets for DoS attacks, the study said. However, Romanian computers were attacked almost as much as .com and .net sites and Brazilian machines were hit more than .edu and .org sites combined. The vast majority of victims, 95 percent, were attacked fewer than five times, with the bulk of that group, 65 percent, experiencing only one attack.



Also of note, the researchers found that a number of attacks were directed against home users connecting to the Internet using dial-up or cable modems, indicating that DoS attacks are used in personal disputes.



The study tracked an effect called a backscatter, which follows the spread of information requests across the Internet generated by DoS attacks. In many DoS attacks, addresses from which the attacks are launched are faked, or "spoofed," and thus, when requests for service are answered by the server under attack, the data is sent all across the Internet, rather than to the computer where the attack originates. This spread of information is the backscatter, which provides an estimate of worldwide DoS activity, according to the report.




Newsletter signup

Signup to our monthly newsletter and stay in touch with IT news!

Free E-books

We've got ebooks! But they're not online. :( Please give us a few days to bring downloads back.

Contact

Have something to say or just wanna drop us a line? Please keep this in mind: to spam, we reply with spam.

Contact us »