NTP DRDoS Attack Vulnerability and Mitigation

2014 ◽  
Vol 644-650 ◽  
pp. 2875-2880
Author(s):  
A. Alfraih Abdulaziz Nasser ◽  
Wen Bo Chen
Keyword(s):  
Amplification Factor ◽  
Denial Of Service ◽  
Personal Computers ◽  
Distributed Network ◽  
Network Time ◽  
Hands On ◽  
Time Zones ◽  
Network Time Protocol ◽  
The Way

The Network Time Protocol (NTP) is used to synchronize clocks of various computer devices such as personal computers, tablets, and phones based their set time zones. The network of devices that use these NTP servers form a huge distributed network that attracted a number of attacks from late 2013 towards early 2014. This paper presents a hands-on test of the Distributed Reflection Denial of Service (DRDoS) attack by the monlist command, provides more vulnerability in the protocol, and offers mitigation to these vulnerabilities. A Kali Linux server was used to test the monlist command on its localhost. The results showed that a request with a size of 234 bytes got a response of 4,680 bytes. A busy NTP server can return up to 600 addresses which were theoretically calculated to return approximately 48 kilobytes in 100 packets. Consequently, this results in an amplification factor of 206×. The knowledge of the way the attack can be propagated was an important step in thwarting the attack and mitigating more such threats in the same protocol.

An efficient algorithm to detect DDoS amplification attacks

2020 ◽  
Vol 39 (6) ◽  
pp. 8565-8572
Author(s):  
Md Abdul Quadir ◽  
J. Christy Jackson ◽  
J. Prassanna ◽  
K. Sathyarajasekaran ◽  
K. Kumar ◽  
...  
Keyword(s):  
Intelligent System ◽  
Denial Of Service ◽  
The Internet ◽  
Distributed Denial Of Service ◽  
Domain Name System ◽  
Ip Address ◽  
Critical Part ◽  
Access Control List ◽  
Network Time ◽  
Network Time Protocol

Domain name system (DNS) plays a critical part in the functioning of the Internet. But since DNS queries are sent using UDP, it is vulnerable to Distributed Denial of Service (DDoS) attacks. The attacker can take advantage of this and spoof the source IP address and direct the response towards the victim network. And since the network does not keep track of the number of requests going out and responses coming in, the attacker can flood the network with these unwanted DNS responses. Along with DNS, other protocols are also exploited to perform DDoS. Usage of Network Time Protocol (NTP) is to synchronize clocks on systems. Its monlist command replies with 600 entries of previous traffic records. This response is enormous compared to the request. This functionality is used by the attacker in DDoS. Since these attacks can cause colossal congestion, it is crucial to prevent or mitigate these types of attacks. It is obligatory to discover a way to drop the spoofed packets while entering the network to mitigate this type of attack. Intelligent cybersecurity systems are designed for the detection of these attacks. An Intelligent system has AI and ML algorithms to achieve its function. This paper discusses such intelligent method to detect the attack server from legitimate traffic. This method uses an algorithm that gets activated by excess traffic in the network. The excess traffic is determined by the speed or rate of the requests and responses and their ratio. The algorithm extracts the IP addresses of servers and detects which server is sending more packets than requested or which are not requested. This server can be later blocked using a firewall or Access Control List (ACL).

scholarly journals Security Vulnerability Assessment of Google Home Connection with an Internet of Things Device

Proceedings ◽  
2021 ◽  
Vol 74 (1) ◽  
pp. 1
Author(s):  
Hilal Çepik ◽  
Ömer Aydın ◽  
Gökhan Dalkılıç
Keyword(s):  
Internet Of Things ◽  
Vulnerability Assessment ◽  
Smart Home ◽  
Human Life ◽  
Computer Systems ◽  
Security Vulnerability ◽  
Network Time ◽  
Network Time Protocol ◽  
Home Systems

With virtual assistants, both changes and serious conveniences are provided in human life. For this reason, the use of virtual assistants is increasing. The virtual assistant software has started to be produced as separate devices as well as working on phones, tablets, and computer systems. Google Home is one of these devices. Google Home can work integrated with smart home systems and various Internet of Things devices. The security of these systems is an important issue. As a result of attackers taking over these systems, very serious problems may occur. It is very important to take the necessary actions to detect these problems and to take the necessary measures to prevent possible attacks. The purpose of this study is to test whether an attack that attackers can make to these systems via network time protocol will be successful or not. Accordingly, it has been tried to attack the wireless connection established between Google Home and an Internet of Things device over the network time protocol. Attack results have been shared.

The Merging of Computers and Business Communication

1987 ◽  
Vol 15 (4) ◽  
pp. 383-389 ◽  
Author(s):  
Joan C. Roderick ◽  
Karen A. Forcht
Keyword(s):  
College Students ◽  
Organizational Communication ◽  
Teaching Strategies ◽  
Educational Experience ◽  
Business Communication ◽  
Computer Applications ◽  
Hard Copy ◽  
Hands On ◽  
User Friendly ◽  
The Way

Because of the availability of user-friendly software and the affordability of hardware, computers have become a common means of organizational communication. Users have had to change the way they process thoughts and ideas and to transfer them into hard-copy documentation. The integration of the computer into the business communication curriculum allows the instructor to provide a relevant and practical educational experience for college students. This article examines the importance of incorporating hands-on usage of a microcomputer in the business communication class and discusses computer applications and teaching strategies for text editing, punctuation review, and grammar assistance.

First measurement service applied to event dating for reliable business transactions: metrology for digital transformation using Colombian legal time.

2021 ◽  
Author(s):  
Claudia Fernanda Rodriguez ◽  
Keyword(s):  
Digital Transformation ◽  
National Standards ◽  
National Standard ◽  
National Metrology Institute ◽  
Remote Measurement ◽  
Time Service ◽  
Network Time ◽  
Network Time Protocol ◽  
National Comparison ◽  
The Difference

Diffusing the legal time in Colombia is one missional assessment of INM (National Metrology Institute of Colombia). This is done via a public IP through an NTP server (Network Time Protocol Server) disciplined to the National Standard of Time and Frequency. So, the companies can synchronize their servers, but they do not have certainty about the difference that exists between the time of the client-server and the legal time of the INM server because there is not a constant verification implemented by themselves. In Colombia, the demand for the legal time service has increased because it is used by many companies due to the rise of innovative applications such as time-stamp, digital signature, electronic invoice, and economic transactions. This has an impact on the economic environment of a country for world trade. For this reason, the INM of Colombia implemented a new service to measure the synchronization offset with the legal time, which allows the companies to have a new service that generates reliability respecting the time they use to provide their services. Inspired by the INM contribution to the international comparison Universal Time Coordinated (UTC) and the intercomparison of the National Standards of Time and Frequency implemented through the SIM time scale (SIMT) using GPS (Global Positioning System), the INM developed a customized application for national comparison using NTP. As a result, this is the first remote measurement service as evidence of metrology for digital transformation in Colombia in the field of time and frequency.

Does an Open Source Development Environment Facilitate Conventional Project Management Approaches and Collaborative Work?

2021 ◽  
pp. 239-256
Author(s):  
Richard Garling
Keyword(s):  
Project Management ◽  
Open Source ◽  
Collaborative Work ◽  
The United States ◽  
Free Access ◽  
Development Environment ◽  
Network Time ◽  
Network Time Protocol ◽  
Management Approaches ◽  
Open Source Development

Open source software (OSS) is very well known for allowing free access to the source code of the application. The idea is to allow for the creation of a better product. The more people working to make each aspect of an application better, more minds create more ideas, create a better project. OSS runs the internet since all of the protocols—network time protocol (NTP), HTTP, amongst many others—are OSS projects with many years of use. These projects are run by volunteers worldwide. But, none of these projects are run using the traditional methodologies of project management: Waterfall and Agile. This chapter asks: How does an open source development environment facilitate conventional Waterfall project management approaches? and How does an open source development environment facilitate Agile project collaborative work? The method used to determine the answers used surveys and questionnaires involving actual participants in a variety of OSS projects from across the United States (US). The questions asked concerned the organization OSS projects, did they use a particular traditional methodology or some other non-defined method of organization? The answers received by this study centered on non-defined methods of organization; traditional methodologies were considered too restrictive and not agile enough to allow for the freedom cherished by their volunteers.

Instructional Use of Personal Computers in Human Factors Labs

1988 ◽  
Vol 32 (7) ◽  
pp. 468-472
Author(s):  
Andris Freivalds ◽  
Joseph H. Goldberg
Keyword(s):  
Data Collection ◽  
Human Factors ◽  
Research Data ◽  
The Other ◽  
Personal Computers ◽  
Educational Tool ◽  
Hands On ◽  
Instructional Use

With the ubiquitousness of personal computers (PCs), it is only natural that they should be utilized in human factors laboratories not only for research data collection but also as an educational tool. With large engineering classes, most labs cannot afford to have multiple meters and instruments to service several identical laboratory stations simultaneously. Instead, it is extremely helpful to have several PCs with programs depicting basic human factors principles running simultaneously with the other stations. Thus, the PC programs are not intended to eliminate hands-on experimentation, but to help alleviate loading problems and provide useful educational principles.

Sign in / Sign up

Export Citation Format

Share Document