Lecture 8: 9th October 2019 Flashcards
Wang's research
What is a DoS attack?
A denial-of-service attack is an attempt to make the services or resources that a company or entity provides to its users on the Internet unavailable. They are generally executed by flooding or crashing services.
What is a DDoS attack?
A distributed denial-of-service attack is a variant of a denial-of-service attack in which the attack is executed from a network of controlled hosts rather than from one machine.
What is a SYN flood?
An attack in which the attacker repeatedly sends requests to connect to a server but never completes the full handshake. Eventually all open ports are saturated with requests and none are available for legitimate users to connect to.
What is ICMP?
Internet Control Message Protocol (ICMP) is an error-reporting and diagnostic utility used to detect the connectivity of transmissions. ICMP is therefore a tool that diagnoses the reason for transmission failures.
What is an ICMP flood?
An attack in which the attacker uses ICMP diagnostic messages to send a massive volume of packets that flood and overwhelm the target network by consuming as much of the target's bandwidth as possible.
What is an HTTP flood?
An attack in which the attacker sends many seemingly legitimate HTTP GET or POST request packets to consume the resources of the target network or web servers. GET requests are used to retrieve static content, such as images; POST requests are used to access dynamically generated resources. These attacks are usually executed by botnets. The target's bandwidth is drained until its system completely crashes.
What is SQL injection?
Placing SQL statements into input elements on web pages so that they are executed on the server side.
What is phishing?
The fraudulent practice of sending emails purporting to be from reputable companies in order to induce individuals to reveal personal information, such as passwords and credit card numbers.
How can you mitigate phishing?
Usually with email address/domain blacklists and heuristics that detect fake emails.
How did Wang’s research use ML to protect against phishing?
Extract the logo of the site the email leads to from that site's source code; perform OCR on the logo to find the name of the company or entity; find the legitimate domain for that company; compare that domain to the one in the email to determine whether the email is legitimate.