Abstract
Denial of service (DoS) attacks recently pose great threat to cloud services since it can be able to cause serious damages to others virtual machines (VM) that are on the same physical server with the victim. This opens a new strategy of DoS attack, which is the attacker attempt to be co-resident with the victim server and execute a cross-VM DoS attack inside the cloud. Among DoS attack techniques, recent studies show that TCP retransmission can be abused for reflective amplification attacks. In a virtual environment, the virtual switch system itself can retransmit TCP packets and therefore it can be abused for amplification attack by an internal attacker. In this paper, we leverage the attack by using both virtual switch’s internal TCP retransmission feature and Man-in-the-middle attack model.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Somani, G., Gaur, M.S., Sanghi, D., Conti, M.: DDoS attacks in cloud computing: collateral damage to non-targets. Comput. Netw. 109, 157–171 (2016). http://www.sciencedirect.com/science/article/pii/S1389128616300901. Accessed 25 July 2017
Ristenpart, T., Tromer, E., Shacham, H., Savage, S.: Hey, You, get off of my cloud: exploring information leakage in third-party compute clouds. In: ACM Conference on Computer and Communications Security 2009 (CCS 2009), November 2009. https://cseweb.ucsd.edu/hovav/dist/cloudsec.pdf. Accessed 25 July 2017
Abramov, R., Herzberg, A.: TCP ack storm DoS attacks. In: Camenisch, J., Fischer-Hübner, S., Murayama, Y., Portmann, A., Rieder, C. (eds.) SEC 2011. IFIP AICT, vol. 354, pp. 29–40. Springer, Heidelberg (2011). https://doi.org/10.1007/978-3-642-21424-0_3. Accessed 25 July 2017
Kührer, M., Hupperich, T., Rossow, C., Holz, T.: Hell of a handshake: abusing TCP for reflective amplification DDoS attacks. In: 8th USENIX Workshop on Offensive Technologies (WOOT 14), August 2014. https://www.usenix.org/conference/woot14/workshop-program/presentation/kuhrer. Accessed 30 May 2017
Kührer, M., Hupperich, T., Rossow, C., Holz, T.: Exit from hell? Reducing the impact of amplification DDoS attacks. In: 23rd USENIX Security Symposium (USENIX Security 14), August 2014. https://www.usenix.org/node/184412. Accessed 30 May 2017
Rossow, C.: Amplification hell: revisiting network protocols for DDoS abuse. In: Symposium on Network and Distributed System Security (NDSS), February 2014. https://www.internetsociety.org/sites/default/files/01_5.pdf. Accessed 30 May 2017
IBM: Reviewing a year of serious data breaches, major attacks and new vulnerabilities, April 2016. https://www-01.ibm.com/common/ssi/cgi-bin/ssialias?htmlfid=SEP03394USEN. Access 30 May 2017
IETF: Transmission Control Protocol, DARPA Internet Program Protocol Specification RFC793 (1981). https://tools.ietf.org/html/rfc793. Accessed 30 May 2017
Wireshark: Network protocol analyzer, Wireshark v2.2.6. https://www.wireshark.org/
VMWare: Workstation for Windows, VMWare Workstation Pro 12. https://www.vmware.com/products/workstation.html
FSN: The economy is flat so why are financials Cloud vendors growing at more than 90 percent per annum? March 2013. http://www.fsn.co.uk/channel_outsourcing/. Accessed 30 May 2017
Acknowledgment
This work was supported by JSPS KAKENHI Grant Number 17K06455.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2017 Springer International Publishing AG
About this paper
Cite this paper
Nguyen, S.D., Mimura, M., Tanaka, H. (2017). Leveraging Man-in-the-middle DoS Attack with Internal TCP Retransmissions in Virtual Network. In: Shyamasundar, R., Singh, V., Vaidya, J. (eds) Information Systems Security. ICISS 2017. Lecture Notes in Computer Science(), vol 10717. Springer, Cham. https://doi.org/10.1007/978-3-319-72598-7_23
Download citation
DOI: https://doi.org/10.1007/978-3-319-72598-7_23
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-72597-0
Online ISBN: 978-3-319-72598-7
eBook Packages: Computer ScienceComputer Science (R0)