preview

A Report On The Attack Automation Strategy

Decent Essays
http://www.eecis.udel.edu/~sunshine/publications/ccr.pdf
1a) An DDoS(Distributed Denial of Service) Attack consists of several phases – firstly the attacker recruits multiple agent machines which will be later on infected with the attack code and further exploited. The infected machines can be used to further recruit new agents. We can outline those phases as Recruit, Exploit, Infect and Use.

ATTACK AUTOMATION STRATEGY
The attack automation strategy stands for how much of the DDoS attack does an attacker want to make automatic and how much to leave for manual control. The strategy depends on the degree of automation of the phases of the attack. There are three general automation degrees - Manual, Automated and Semi-Automated- which are explained as follows:

o Manual
In that case, the hacker manually recruits machines by scanning remote ones for vulnerabilities, breaks their security mechanisms, installs the prepared attack code and then directs the attack. This type of a DDoS Attack has become really outdated since lately all the recruitment phase has been automated.
Weak design consideration in terms of functionality and productivity.

o Semi-Automated
In the Semi-Automated DDoS attacks the DDoS “network” is made of a handler and an agent machine. There is automation present for the Recruit, Exploit and Infect phases. Through the communication between the handler and the agent, the attacker specifies the attack type, the onset, the duration and the victims ID. The
Get Access