Internet - Tracing the Source of Denial of Service Attacks :: Exploratory Essays Research Papers

Tracing the Source of Denial of Service Attacks      Ã‚  Ã‚  Ã‚   Abstract:   Denial of service attacks are becoming increasingly prevalent and serious, yet the anonymity that these attacks affords the hacker provides no means for a victim to trace the attack.   The weakness of the TCP/IP protocol allows for this anonymity, yet it would be very difficult to change this protocol.   Savage, Wetherall, Karlin, and Anderson present a method for tracing back the source IP address and network path of denial of service attacks.    As the internet becomes increasingly vital to the everyday life of millions of people around the world, it also becomes increasingly vulnerable to hackers.   Through forcing servers or web sites to shut down, hackers have the ability to affect almost every aspect of modern society; finances, safety, education, and many others.   One common method used by hackers to maliciously affect these servers is the denial of service attack.   Savage, Wetherall, Karlin, and Anderson define a denial of service attacks as those that "consume the resources of a remote host or network, thereby denying or degrading service to legitimate users.   Such attacks are among the hardest security problems to address because they are simple to implement, difficult to prevent, and very difficult to trace."1   Denial of service attacks, and the means for servers to deal with and trace such attacks, present numerous ethical issues.    The Computer Emergency Response Team, CERT, is a group based at Carnegie Mellon University.   CERT describes their goal as "[to] study Internet security vulnerabilities, provide incident response services to sites that have been the victims of attack, publish a variety of security alerts, do research in wide-area-networked computing, and develop information and training to help you improve security at your site." 2   This simple description presents an ethical dilemma;   should this team publish information about new vulnerabilities that will provide hackers with the sources from which to create new DOS attacks?   As new software packages are developed at an increasing rate, there will inevitably be more bugs that will provide vulnerabilities to DOS attacks.   If hackers have equal access to information about these vulnerabilities as do system administrators, can the system administrators "keep up" with the hackers?    A fairly simple observation seems to answers this question.   In modern society, it is increasingly difficult to keep secrets.   For example, a few years ago, Intel encountered a bug in the Pentium chip, but did not release information about this bug.