Expanded Definition of Distributed Denial of Service

TO: Prof. Ellis

FROM: Alex Cheung

DATE: Oct. 27, 2021

SUBJECT: Expanded Definition of Distributed Denial of Service Attacks, First Half, Rough Draft

Introduction

The purpose of this document is to improve our understanding of the term Denial of Service Attack. We will discuss the history, context, and different types of Denial of Service Attacks. Denial of Service Attack is a well-known term among network security professionals and black hat hackers.

Definitions

According to the Oxford English Dictionary, the term Distributed Denial of Service means “Computing a form of denial of service in which a web server or other computer system is maliciously overwhelmed by spurious requests from many computers in different locations on the internet, in order to make it inaccessible or unusable” [1]. This definition does a great job of explaining what a Distributed Denial of Service Attack is, but it does not mention how it utilizes malware to add infected computers to its botnet. According to Britannica Academic, the term Denial of Service means “type of cybercrime in which an Internet site is made unavailable, typically by using multiple computers to repeatedly make requests that tie up the site and prevent it from responding to requests from legitimate users” [2]. Britannica Academic also says that “Distributed DoS (DDoS) attacks are a special kind of hacking. A criminal salts an array of computers with computer programs that can be triggered by an external computer user. These programs are known as Trojan horses since they enter the unknowing users’ computers as something benign, such as a photo or document attached to an e-mail” [2]. Both of these definitions from Britannica Academic do a great job of explaining what a Distributed Denial of Service is. They explain clearly that malware known as a Trojan is required to infect other computers, which can then be controlled by an external computer and used for criminal activities.

Context

For anyone who isn’t familiar with network security or other related fields, the term Denial of Service might just mean refusing to serve someone. But to someone who works in those fields, Denial of Service is a cybercrime that aims to disrupt services that live on the internet, such as websites, servers, and others. The earliest use of the term Distributed Denial of Service according to the Oxford English Dictionary was in 1998, in a report about a DDoS attack against NIS / NIS+ based networks [1]. The term Distributed Denial of Service really only has one meaning.

In a New York Times article titled “Hackers Used New Weapons to Disrupt Major Websites Across U.S.”, author Nicole Perlroth talks about how disruptive a DDoS attack can be by citing Dr. Simons: “A DDoS attack could certainly impact these votes and make a big difference in swing states” [3]. The use of the term Distributed Denial of Service here refers to how harmful DDoS attacks can be to critical processes like the U.S. presidential election if votes were transferred through the internet. A Distributed Denial of Service attack can take down essential systems that many people and businesses depend on, like Amazon Web Services, which hosts many of the websites used by people and businesses for day-to-day operations. It would be catastrophic if those services were taken down by an attack.

An article titled “DDoS Attacks” by Imperva, a cyber security software and services company, discusses DDoS attacks, how an attack can flood a service with malicious traffic, and the types of DDoS attacks. The article says “DDoS attacks are quickly becoming the most prevalent type of cyber threat, growing rapidly in the past year in both number and volume according to recent market research” [4]. The use of the term Distributed Denial of Service here refers to the many different types of DDoS attacks used to take down a site or service. Some of the different DDoS attack types mentioned are: UDP Flood, ICMP Flood, SYN Flood, Ping of Death, Slowloris, NTP Amplification, HTTP Flood, and Zero-day. Each type of attack uses a different method to reach the goal of denying service. For example, a UDP Flood floods a victim server’s ports with UDP packets, which uses up all of the server’s resources and can slow the server down or even cause it to eventually become unreachable by others.
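The following is an added example, not part of the original memo or of any cited source: a defender's check that counts UDP packets per destination in fixed time windows and uses the number of distinct sources to separate a distributed flood from a single-source one. The flow records, the addresses (documentation ranges), the function names, and the thresholds are all constructed assumptions.

```python
from collections import defaultdict

def detect_udp_floods(flows, window=10, pkt_threshold=500, src_threshold=50):
    """Flag (window_start, dst_ip) pairs whose UDP packet count exceeds pkt_threshold.

    Each alert is (verdict, packets, distinct_sources, distinct_ports); the verdict
    is "ddos" when at least src_threshold distinct sources contributed, else "dos".
    Thresholds are assumed values; tune them against a baseline of normal traffic.
    """
    packets = defaultdict(int)
    sources = defaultdict(set)
    ports = defaultdict(set)
    for ts, src, dst, dport, proto, count in flows:
        if proto != "udp":
            continue  # this check only covers the UDP flood case
        key = (ts - ts % window, dst)
        packets[key] += count
        sources[key].add(src)
        ports[key].add(dport)
    alerts = {}
    for key, total in packets.items():
        if total >= pkt_threshold:
            verdict = "ddos" if len(sources[key]) >= src_threshold else "dos"
            alerts[key] = (verdict, total, len(sources[key]), len(ports[key]))
    return alerts

def build_sample_flows():
    """Constructed flow records: (time_s, src, dst, dst_port, proto, packets)."""
    flows = []
    for i in range(1, 6):  # five ordinary DNS clients
        flows.append((3, f"192.0.2.{i}", "203.0.113.10", 53, "udp", 20))
    for i in range(1, 201):  # 200 sources, each hitting a different port
        flows.append((10 + i % 10, f"198.51.100.{i}", "203.0.113.10", 1024 + i, "udp", 10))
    flows.append((25, "192.0.2.99", "203.0.113.20", 9999, "udp", 800))  # one noisy host
    flows.append((25, "192.0.2.50", "203.0.113.30", 443, "tcp", 5000))  # not UDP
    return flows

if __name__ == "__main__":
    for (start, dst), alert in sorted(detect_udp_floods(build_sample_flows()).items()):
        print(start, dst, alert)
```

The many-source window is the case where blocking one address does not help, which is why the distinct-source count is reported alongside the packet count.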

DDoS attacks are a huge problem on today’s internet. Almost anyone can perform a DDoS attack because of online “booter” services, which let users pay a subscription for access to a botnet that performs the attacks on unsuspecting victims. This is why many companies spend thousands or even millions of dollars trying to mitigate these attacks to keep their vital services online for their consumers.

Working Definition

Based on the definitions and word history discussed, I would define the term Distributed Denial of Service as: A cybercrime that aims to disrupt internet services like websites and servers by utilizing computers (victims) infected with a trojan, which allows the black hat hacker to control the victim’s computer and use it for a massive Denial of Service Attack to take down or disrupt services.

References

[1] “distributed denial of service, n.”. OED Online. September 2021. Oxford University Press. https://www-oed-com.citytech.ezproxy.cuny.edu/view/Entry/55777#eid233469643 (accessed October 08, 2021).

[2] “Denial of service attack (DoS attack).” Britannica Academic, Encyclopædia Britannica, 2 Feb. 2018. https://academic-eb-com.citytech.ezproxy.cuny.edu/levels/collegiate/article/denial-of-service-attack/471037. Accessed 8 Oct. 2021.

[3] N. Perlroth, “Hackers used new weapons to disrupt major websites across U.S.,” The New York Times, 21-Oct-2016. [Online]. Available: https://www.nytimes.com/2016/10/22/business/internet-problems-attack.html. [Accessed: 18-Oct-2021].

[4] “DDoS attack types & mitigation methods: Imperva,” Imperva, 14-Feb-2021. [Online]. Available: https://www.imperva.com/learn/ddos/ddos-attacks/. [Accessed: 31-Oct-2021].

500-word summary on Persistent URLs and Citations

TO: Prof. Ellis

FROM: Alex Cheung

DATE: Oct. 6, 2021

SUBJECT: 500-Word Summary of Article About Persistent URLs and Citations

Persistent URLs and Citations are among the most important elements of an article, scholarly paper, or any academic writing. A persistent URL provides a link to a full-text article that will never change, so it always points to the article that is part of a database or journal. Without them, it might be hard to find that specific full-text article later down the road. Nicholas Homenda believes that persistent URLs and citations are a necessity, as is evident from his statement, “As libraries, archives, and museums make unique digital collections openly available via digital library platforms, they expose these resources to users who may wish to cite them” [1, p. 1].

There are four main methods used for persistent URLs: Handle, DOI, ARK, and PURL. As libraries, archives, and museums move more of their collections to digital mediums, having a persistent URL to access these materials is essential for finding material that is part of certain collections [1, p. 1]. Most of these persistent URL services have been around since the 1990s to the early 2000s [1, p. 2]. Each site uses its own version of persistent URLs, resulting in many different types of links. This calls for more standards for persistent URLs.

There is a term called “link rot”, which means that over time a link will eventually stop pointing to the page or file that it was meant to point to. There have been several studies done on link rot by tracking the availability of the resource over time [1, p. 3]. In recent work, Koster mentions that the persistent URL method that appears the most often in literature is the Digital Object Identifier (DOI) [1, p. 4].

For over 20 years, persistent URLs have been providing persistent links to digital objects allowing users worldwide to access the content [1, p. 4]. Persistent URLs are even used to create permanent links to government information. This was an early effort by the Cendi Persistent Identification Task Group to implement the Federal Enterprise Architecture (FEA) and a theoretical Federal Persistent Identification Resolver [1, p. 4].

All persistent links should ideally be accessible via URLs that will outlast the information they link to, unless the link is subjected to “link rot” [1, p. 4]. One investigation into “link rot” on information from Medline abstracts from the years 1994-2006 shows that about 20% of the links were dead in 2008. The topic of “link rot” has been discussed as early as 2003 in a book by Markwell and Brooke named “Broken Links: Just How Rapidly Do Science Education Hyperlinks Go Extinct”, which is cited by many link rot studies, but it looks like this too has suffered from link rot in works that cited this book [1, p. 4].

A recent study tried to locate digital collections that met the following criteria:

  1. Openly available
  2. Part of a repository service
  3. Gathered as part of a site or service that contains multiple collections
  4. Unique to an institution but not duplicated or licensed content

These criteria help to find unique and publicly available digital collections [1, p. 5]. The study found that 171 out of 197 DLF member institutions had accessible digital collections, while only 153 of the 171 met the criteria for this study [1, p. 6].

Reference

[1] Homenda, N. (2021) ‘Persistent URLs and Citations Offered for Digital Objects by Digital Libraries’, Information Technology & Libraries, 40(2), pp. 1–12. doi: 10.6017/ital.v40i2.12987.