EXPLOITING BUFFER OVERFLOWS FOR AMPLIFIED DDOS
International Journal of Computer Science (IJCS) Published by SK Research Group of Companies (SKRGC)
Download this PDF format
Abstract
Buffer overflows and Distributed Denial of Service (DDoS) attacks are independently among the most potent forms of cyber threats. When combined, they represent a powerful convergence capable of crippling modern networks and systems. This research paper explores in-depth how buffer overflow vulnerabilities can be leveraged to amplify DDoS attacks. The paper begins with a technical background of buffer overflows and DDoS attack types. It continues with an analysis of how exploitation of these vulnerabilities enhances the scope and scale of distributed attacks. Real-world examples, attack modelling, and defense strategies are examined to illustrate and mitigate this cyber threat. Diagrams, tables, and charts support the discussion and underscore the practical impacts.
References
1. Aleph One. "Smashing the Stack for Fun and Profit." Phrack Magazine, 1996.
2. Rossow, C. "Amplification Hell: Revisiting Network Protocols for DDoS Abuse." NDSS, 2014.
3. Kolias, C., Kambourakis, G., Stavrou, A., Gritzalis, S. "DDoS in the IoT: Mirai and Other Botnets." Computer, IEEE, 2017.
4. OWASP Foundation. "Buffer Overflow." https://owasp.org/www- community/vulnerabilities/Buffer_Overflow
5. Scarfone, K., Mell, P. "Guide to Intrusion Detection and Prevention Systems (IDPS)." NIST, 2007.
6. Paxson, V. "An Analysis of Using Reflectors for Distributed Denial-of-Service Attacks." ACM SIGCOMM, 2001.
7. Vadivel Murugan.P, M.Alagarsamy,IJCTT - Averting Buffer Overflow Attack in Networking OS using – BOAT Controller., Volume-4 Issue-7, https://www.ijcttjournal.org/archives/ijctt-v4i7p173
8. Zetter, K. "Everything We Know About the Massive Attack That Knocked Out the Internet." Wired, 2016.
9. Aleph One, “Smashing the stack for fun and profit,” Phrack Magazine, Vol. 7, 1996, http://www.phrack.org/issues.html? issue=49&id=14.,
10. C. Cowan, C. Pu, D. Maier, J. Walpole, P. Bakke, S. Beattie, A. Grier, P. Wagle, Q. Zhang, and H. Hinton. Stack- Guard: Automatic adaptive detection and prevention of buffer-overflow attacks. In Proceedings of the 7th USENIX Security Conference, pages 63-78, San Antonio, Texas, January 1998.
11. Crispin Cowan, Posting to Bugtraq Mailing List, http://geek- girl.com/bugtraq/1999_1/0481.html
12. CERT. CERT/CC statistics. http://www.cert.org/stats/cert stats.html, Feb. 2005.
13. C. Cowan. Software security for open-source systems. IEEE Security & Privacy, 1(1):38–45, 2003.
14. D. Larochelle and D. Evans. Statically detecting likely buffer overflow vulnerabilities. In Proceedings of the 2001 USENIX Security Symposium, Washington DC, USA, August 2001.
15. E. Rescorla. Is finding security holes a good idea? IEEE Security & Privacy, 3(1):14– 19, 2005.
Keywords
Buffer Overflow, DDoS Amplification, Stack-based Overflow, Heap Overflow Remote Code Execution, Network Attacks, Reflective DDoS, Amplification Attack Intrusion Prevention, Network Security
