Application-Based Bandwidth attacks
A good strategy for executing Denial of Service attack is to intrigue the target to run resource consuming operations for example a Web site engage itself to resource consuming operations like searches in response to a single request. Application-based bandwidth attacks attempt to take advantage of the disproportionally large resource consumption at a server.
Voice over IP (VoIP) is widely deployed over the internet. The standard protocol used for call setup in Voice over IP is the (SIP) Standard Initiation Protocol. It has the same syntax as used for HTTP. Two types of messages: request and response used in this protocol. In the fig there is a simple illustration of operation of the SIP invite message, used to establish a media session between user agents. In this case, Alice’s user agent runs on a computer, and Bob’s user agent runs on a cell phone. Alice’s user agent is configured to communicate with a proxy server (the outbound server) in its domain and begins by sending an INVITE SIP request to the proxy server that indicates its desire to invite Bob’s user agent into a session. The proxy server uses a DNS server to get the address of Bob’s proxy server, and then forwards the INVITE request to that server.
A SIP flood attack exploits the fact that a single INVITE requests triggers considerable resource consumption. The attacker can flood a SIP proxy with numerous INVITE requests with spoofed IP addresses. The attack puts load on SIP proxy server by consuming the network capacity.
HTTP Flood is also refers to Application-Based DDoS attack in which attacker bombard web server with HTTP requests. Typically it is a DDoS attacks in which HTTP requests coming from different Botnets. The purpose of this attack is to consume considerable resources. For example, an HTTP request to download a large file from the target causes the Web server to read the file from hard disk, store it in memory, convert it into a packet stream, and then transmit the packets. This process consumes memory, processing, and transmission resources.
No comments:
Post a Comment