Showing papers on "Denial-of-service attack published in 1996"

An introduction to intrusion detection

Abstract: A computer system should provide confidentiality, integrity and assurance against denial of service. However, due to increased connectivity (especially on the Internet), and the vast spectrum of financial possibilities that are opening up, more and more systems are subject to attack by intruders. These subversion attempts try to exploit flaws in the operating system as well as in application programs and have resulted in spectacular incidents like the Internet Worm incident of 1988 [12].

A network pump

Abstract: A designer of reliable multi level secure (MLS) networks must consider covert channels and denial of service attacks in addition to traditional network performance measures such as throughput, fairness, and reliability. We show how to extend the NRL data Pump to a certain MLS network architecture in order to balance the requirements of congestion control, fairness, good performance, and reliability against those of minimal threats from covert channels and denial of service attacks. We back up our claims with simulation results.

TCP/IP spoofing fundamentals

Abstract: On January 22, 1995, in an article entitled, "New form of attack on computers linked to Internet is uncovered", John Markoff of the New York Times reported on the TCP/IP protocol suite's security weakness known as IP spoofing. The IP spoofing security weakness was published by S. M. Bellovin (1989). However, not much attention has been paid to the security weaknesses of the TCP/IP protocol by the general public. This is changing as more people and companies are connecting to the Internet to conduct business. This paper will explore the fundamental weaknesses of the TCP/IP protocol suite used in IP spoofing. A demonstration of exploiting the weaknesses to create unauthorized connections to a network host system is presented by reviewing the software tools developed. This is used to execute an IP spoofing attack. Finally, the paper discusses ways to defend against the IP spoofing attack and their effectiveness.

Network security via reverse engineering of TCP code: vulnerability analysis and proposed solutions

Abstract: The transmission control protocol/Internet protocol (TCP/IP) suite is widely used to interconnect computing facilities in modern network environments. However, there exist several security vulnerabilities in the TCP specification and additional weaknesses in a number of its implementations. These vulnerabilities may enable an intruder to "attack" TCP-based systems, allowing him/her to "hijack" a TCP connection or cause denial of service to legitimate users. We analyze TCP code via a "reverse engineering" technique called "slicing" to identify several of these vulnerabilities, especially those that are related to the TCP state-transition diagram. We discuss many of the flaws present in the TCP implementation of many widely used operating systems, such as SUNOS 4.1.3, SVR4, and ULTRIX 4.3. We describe the corresponding TCP attack "signatures" (including the well-known 1994 Christmas Day Mitnick Attack) and provide recommendations to improve the security state of a TCP-based system, e.g., incorporation of a "timer escape route" from every TCP state.

Internet holes - Part 10: UDP viruses

Abstract: UDP viruses are a denial of service threat to anyone using the IP protocol, but they are a threat that can be managed with relative ease given proper technology and knowledge.