RealNews

Taking aim at denial-of-service attacks

Graduate students from Carnegie Mellon University on Monday proposed two methods aimed at greatly reducing the effects of Internet attacks. In two papers presented at the IEEE Symposium on Security and Privacy here, the graduate students suggested simple modifications to network software that could defeat denial-of-service attacks and that could be implemented in the current protocol used by the Internet. The symposium, sponsored by the Institute of Electrical and Electronics Engineers, began Sunday and lasts through Wednesday. Steven Bellovin, a research fellow in network security at AT&T Labs, said both proposals are credible attempts at solving for network administrators the sticky problems of denial-of-service attacks. Denial-of-service attacks essentially come in three varieties: those that tie up the intended victim’s Web server by, for example, sending in a flood of valid data; those that consume so much memory that the server essentially freezes; and those that exploit a software flaw and cause the server to freeze or crash. The two proposals address the first two types of denial-of-service attacks. Full Story

OODA Analyst

OODA Analyst

OODA is comprised of a unique team of international experts capable of providing advanced intelligence and analysis, strategy and planning support, risk and threat management, training, decision support, crisis response, and security services to global corporations and governments.