Аналіз поширених типів мережевих атак та чинники, що уможливлюють їх успішне здійснення

О.Б. Годлевський; М.К. Мороховець; Н.М. Щоголева

doi:10.15407/intechsys.2025.02.055

Автор(и)

О.Б. Годлевський Інститут кібернетики імені В.М. Глушкова НАН України https://orcid.org/0009-0005-8067-077X
М.К. Мороховець Інститут кібернетики імені В.М. Глушкова НАН України https://orcid.org/0009-0008-2191-8677
Н.М. Щоголева Інститут кібернетики імені В.М. Глушкова НАН України

DOI:

https://doi.org/10.15407/intechsys.2025.02.055

Ключові слова:

комп’ютерна мережа, кібератака, інформаційна безпека, протоколи Інтернету

Анотація

Подано огляд поширених типів мережевих атак. Для кожного типу атак описано джерела та об’єкти атаки, мету та результати атаки, дії, що виконуються для досягнення мети атаки. Для кожного типу атак зазначено, що уможливлює здійснення атак. На базі знайдених відомостей зібрано та класифіковано чинники, що уможливлюють успішне здійснення атак. Окреслено напрями посилення стійкості до мережевих атак.

Посилання

Shirey, R. Internet Security Glossary. URL: https://www.rfc-editor.org/info/rfc2828 [Accessed May. 2000]

Information Security. URL: https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-30r1.pdf

r1.pdf

NIST Special Publication 1800-26A. URL: https://www.nccoe.nist.gov/publication/1800-26/VolA/index.html

Understanding Denial-of-Service Attacks. URL: https://www.cisa.gov/news-events/news/understanding-denial-service-attacks

Computer networks / Andrew S. Tanenbaum, David J. Wetherall. – 5th ed.. URL: https://csc-knu.github.io/sys-prog/books/Andrew%20S.%20Tanenbaum%20-%20Computer%20Networks.pdf

Distributed Denial of Service Attacks. The Internet Protocol Journal, Vol. 7 (4). URL: https://web.archive.org/web/20190826143507/https:/www.cisco.com/c/en/us/about/press/internet-protocol-journal/back-issues/table-contents-30/dos-attacks.html

DDoS Mitigation using Cumulus Linux. URL:

https://www.hyperscalers.com/how-to-implement-DDoS-mitigation-cumulus-linux-bare-metal-switches-BMS-100G-networking

Mor Sides, Anat Bremler-Barr, Elisha Rosensweig. Yo-yo attack: vulnerability in auto-scaling mechanism. SIGCOMM – 15: Proceedings of the 2015 ACM Conference on Special Interest Group on Data Communication, 103–104. https://doi.org/10.1145/2785956.2790017

Amazon 'thwarts largest ever DDoS cyber-attack' 18 June 2020. BBC News, Jun 18, 2020. URL: https://www.bbc.com/news/technology-53093611

AWS Security Blog. AWS Shield Threat Landscape report is now available. By Mário Pinho, 29 May. 2020. URL: https://aws.amazon.com/blogs/security/aws-shield-threat-landscape-report-now-available

The Cloudflare Blog. Cloudflare mitigates record-breaking 71 million request-per-second DDoS attack 2023-02-13. By Omer Yoachimik, Julien Desgats, Alex Forster. URL: https://blog.cloudflare.com/cloudflare-mitigates-record-breaking-71-million-request-per-second-ddos-attack

The Cloudflare Blog. The New DDoS Landscape 2017-11-23 By Junade Ali. URL: https://blog.cloudflare.com/the-new-ddos-landscape

Kubernetes Autoscaling: YoYo Attack Vulnerability and Mitigation. Ronen Ben David, Anat Bremler Barr. URL: https://arxiv.org/abs/2105.00542

Xiaoqiong Xu, Jin Li, Hongfang Yu, Long Luo, Xuetao Wei, Gang Sun. Digital Towards Yo-Yo attack mitigation in cloud auto-scaling mechanism. Communications and Networks, 2020, Vol. 6 (3), 369–376. https://doi.org/10.1016/j.dcan.2019.07.002

Video games company hit by 38-day DDoS attack. Gold, Steve (21 August 2014).SC Magazine UK. URL: https://web.archive.org/web/20170201181833/https:/www.scmagazineuk.com/video-games-company-hit-by-38-day-ddos-attack/article/541275

38-Day Long DDoS Siege Amounts to Over 50 Petabits in Bad Traffic. URL: https://news.softpedia.com/news/38-Day-Long-DDoS-Siege-Amounts-to-Over-50-Petabits-in-Bad-Traffic-455722.shtml

Slow Read DDoS Attacks. URL: https://www.netscout.com/what-is-ddos/slow-read-attacks

Slow Post Attacks. URL: https://www.netscout.com/what-is-ddos/slow-post-attacks

TTL Expiry Attack Identification and Mitigation. URL: https://sec.cloudapps.cisco.com/security/center/resources/ttl_expiry_attack.html

UDP-Based Amplification Attacks. URL: https://www.cisa.gov/news-events/alerts/2014/01/17/udp-based-amplification-attacks

What Is a CC Attack? URL: https://support.huaweicloud.com/en-us/antiddos_faq/antiddos_01_0020.html

The method of defence CC attack, Apparatus and system. URL: https://patents.google.com/patent/CN106161451A/en

CC (Challenge Collapsar) attack protection method and device. URL: https://patents.google.com/patent/CN106330911A/en

Voice over IP. URL: https://www.cse.wustl.edu/~jain/cis788-99/h_8voip.htm

Voice over IP: Protocols and Standards, Rakesh Arora. URL: https://www.cse.wustl.edu/~jain/cis788-99/ftp/voip_protocols

[Review] MyDoom Virus: The Most Destructive & Fastest Email Worm. URL: https://www.minitool.com/backup-tips/mydoom-virus.html?amp

Geoffrey Cheng. Analysis on DDOS tool Stacheldraht v1.666. URL: https://www.giac.org/paper/gcih/229/analysis-ddos-tool-stacheldraht-v1666/102150

Fork bomb. URL: http://catb.org/~esr/jargon/html/F/fork-bomb.html

The Jargon File, Version 4.2.2, 20 Aug 2000. Editor: Eric S. Raymond, Guy L. Steele . URL: https://www.gutenberg.org/cache/epub/3008/pg3008-images.html

Slowloris DDoS attack. URL: https://www.cloudflare.com/learning/ddos/ddos-attack-tools/slowloris

Slowloris attack. URL: https://www.invicti.com/learn/slowloris-attack

Degradation of Service Attack. By Editorial Staff. URL: https://www.devx.com/terms/degradation-of-service-attack/#:~:text=A%20Degradation%20of%20Service%20Attack%20is%20a%20type%20of%20cyber,to%20access%20for%20legitimate%20users

Constantinos Kolias, Georgios Kambourakis, Angelos Stavrou, Jeffrey Voas. DDoS in the IoT: Mirai and Other Botnets. Computer, 2017, Vol. 50 (7), 80–84. https://doi.org/10.1109/MC.2017.201

LAND Attacks. URL: https://www.imperva.com/learn/ddos/land-attacks/#:~:text=A%20LAND%20Attack%20is%20a,processed%20by%20the%20TCP%20stack

Understanding LAND Attacks: Risks and Mitigation . URL: https://www.indusface.com/learning/land-attacks

Tfreak. URL: https://hackepedia.org/?title=Tfreak

What is a Smurf DDoS attack? By Martin Pramatarov. URL: https://www.cloudns.net/blog/what-is-smurf-ddos-attack

Permanent Denial-of-Service Attack Sabotages Hardware. By Kelly Jackson Higgins. URL: https://web.archive.org/web/20081208002732/http:/www.darkreading.com/security/management/showArticle.jhtml?articleID=211201088

“BrickerBot” Results In Permanent Denial-of-Service. URL: https://www.radware.com/security/ddos-threats-attacks/brickerbot-pdos-permanent-denial-of-service

Prolexic Distributed Denial of Service Attack Alert. URL: https://web.archive.org/web/20070803175513/http:/www.prolexic.com/news/20070514-alert.php

Peer-to-peer networks co-opted for DOS attacks. Robert Lemos. URL: https://www.theregister.com/2007/05/30/p2p_dos_attacks

Denying distributed attacks. Fredrik Ullner . URL: https://dcpp.wordpress.com/2007/05/22/denying-distributed-attacks

SACK Panic and Other TCP Denial of Service Issues. URL: https://web.archive.org/web/20190619100453/https:/wiki.ubuntu.com/SecurityTeam/KnowledgeBase/SACKPanic

CVE-2019-11479. URL: https://web.archive.org/web/20190621224631/https:/cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11479

Yu Chen, Kai Hwang and Yu-Kwong Kwok, "Filtering of shrew DDoS attacks in frequency domain," The IEEE Conference on Local Computer Networks 30th Anniversary (LCN'05)l, Sydney, NSW, Australia, 2005, 8–793. https://doi.org/10.1109/LCN.2005.70

Vinicius de Miranda Rios, Pedro R M Inacio, Damien Magoni, Mario M Freire. Detection and Mitigation of Low-Rate Denial-of-Service Attacks: A Survey. IEEE Access, 2022, Vol. 10, 76648–76668. https://doi.org/10.1109/ACCESS.2022.3191430

Kuzmanovic, Aleksandar, Knightly, Edward W. Low-rate TCP-targeted denial of service attacks: the shrew vs. the mice and elephants. ACM. Conference on Applications, technologies, architectures, and protocols for computer communications SIGCOMM’03, August 25–29, 2003, Karlsruhe, Germany, 75–86. https://doi.org/10.1145/863955.863966

CERT Advisory CA-1997-28 IP Denial-of-Service Attacks. URL: https://vuls.cert.org/confluence/display/historical/CERT+Advisory+CA-1997-28+IP+Denial-of-Service+Attacks

UPnP Forum. UPnP Specifications Named International Standard for Device Interoperability for IP-based Network Devices. URL: https://web.archive.org/web/20140401035712/http://upnp.org/news/documents/UPnPForum_02052009.pdf

New DDoS Attack Method Demands a Fresh Approach to Amplification Assault Mitigation by Avishay Zawoznik, Johnathan Azaria, Igal Zeifman. URL: https://www.imperva.com/blog/archive/new-ddos-attack-method-demands-a-fresh-approach-to-amplification-assault-mitigation

Stupidly Simple DDoS Protocol (SSDP) generates 100 Gbps DDoS. By Marek Majkowski. URL: https://blog.cloudflare.com/ssdp-100gbps

How does a SSDP Attack work? URL: https://www.cloudflare.com/learning/ddos/ssdp-ddos-attack

Stress-Testing the Booter Services, Financially. URL: https://krebsonsecurity.com/2015/08/stress-testing-the-booter-services-financially/

ARP Cache Poisoning (Gibson Research Corporation). URL: https://www.grc.com/nat/arp.htm

David C. Plummer. An Ethernet Address Resolution Protocol – or – Converting Network Protocol Addresses to 48.bit Ethernet Address for Transmission on Ethernet Hardware. URL: https://datatracker.ietf.org/doc/html/rfc826

ARP Vulnerabilities: The Complete Documentation. URL: https://web.archive.org/web/20110305160956/http:/www.l0t3k.org/security/tools/arp/

APE – The ARP Poisoning Engine. URL: https://web.archive.org/web/20120709235815/http:/www.megapanzer.com/2012/04/11/ape-the-arp-poisoning-engine/

Windows 10 ARP Spoofing with Ettercap and Wireshark. URL: https://cybr.com/cybersecurity-fundamentals-archives/windows-10-arp-spoofing-with-ettercap-and-wireshark/

Richard Dezso. How to Perform an ARP Poisoning Attack. May 13, 2024. URL: https://www.stationx.net/how-to-perform-an-arp-poisoning-attack/

Fact Sheet: Machine-in-the-Middle Attacks . URL: https://www.internetsociety.org/resources/doc/2020/fact-sheet-machine-in-the-middle-attacks/

SQL Injection. URL: https://learn.microsoft.com/en-us/previous-versions/sql/sql-server-2008-r2/ms161953(v=sql.105)?redirectedfrom=MSDN

Michael Kerner. How Was SQL Injection Discovered? URL: https://www.esecurityplanet.com/networks/how-was-sql-injection-discovered/

OWASP. Blind SQL Injection . URL: https://owasp.org/www-community/attacks/Blind_SQL_Injection

Kirsten S. OWASP. Cross Site Scripting (XSS). URL: https://owasp.org/www-community/attacks/xss/

Happy 10th birthday Cross-Site Scripting! URL: https://learn.microsoft.com/en-ca/archive/blogs/dross/happy-10th-birthday-cross-site-scripting

2000 CERT Advisories. URL: https://insights.sei.cmu.edu/documents/507/2000_019_001_496188.pdf

Leyden John. Facebook poked by XSS flaw. URL: https://www.theregister.com/2008/05/23/facebook_xss_flaw/

Cross Site Scripting. URL: http://projects.webappsec.org/w/page/13246920/Cross%20Site%20Scripting

XSS Attack Examples (Cross-Site Scripting Attacks) by Lakshmanan Ganapathy on February 16, 2012. URL: https://www.thegeekstuff.com/2012/02/xss-attack-examples/

What is Mutation XSS (mXSS)? URL:

https://kpmg.co.il/technologyconsulting/blog/what-is-mutation-xss-mxss

Types of XSS. URL: https://owasp.org/www-community/Types_of_Cross-Site_Scripting

Symantec Internet Security Threat Report Trends for July–December 06 Vol. 11, 2007. URL: https://docs.broadcom.com/doc/istr-07-march-en