Memcached: An Experimental Study of DDoS Attacks for the Wellbeing of IoT Applications

Distributed denial-of-service (DDoS) attacks are significant threats to the cyber world because of their potential to quickly bring down victims. Memcached vulnerabilities have been targeted by attackers using DDoS amplification attacks. GitHub and Arbor Networks were the victims of Memcached DDoS a...

Descripción completa

Detalles Bibliográficos
Autores principales: Mishra, Nivedita, Pandya, Sharnil, Patel, Chirag, Cholli, Nagaraj, Modi, Kirit, Shah, Pooja, Chopade, Madhuri, Patel, Sudha, Kotecha, Ketan
Formato: Online Artículo Texto
Lenguaje:English
Publicado: MDPI 2021
Materias:
Article
Acceso en línea:https://www.ncbi.nlm.nih.gov/pmc/articles/PMC8659833/
https://www.ncbi.nlm.nih.gov/pubmed/34884075
http://dx.doi.org/10.3390/s21238071
_version_ 1784613058585296896
author Mishra, Nivedita
Pandya, Sharnil
Patel, Chirag
Cholli, Nagaraj
Modi, Kirit
Shah, Pooja
Chopade, Madhuri
Patel, Sudha
Kotecha, Ketan
author_facet Mishra, Nivedita
Pandya, Sharnil
Patel, Chirag
Cholli, Nagaraj
Modi, Kirit
Shah, Pooja
Chopade, Madhuri
Patel, Sudha
Kotecha, Ketan
author_sort Mishra, Nivedita
collection PubMed
description Distributed denial-of-service (DDoS) attacks are significant threats to the cyber world because of their potential to quickly bring down victims. Memcached vulnerabilities have been targeted by attackers using DDoS amplification attacks. GitHub and Arbor Networks were the victims of Memcached DDoS attacks with 1.3 Tbps and 1.8 Tbps attack strengths, respectively. The bandwidth amplification factor of nearly 50,000 makes Memcached the deadliest DDoS attack vector to date. In recent times, fellow researchers have made specific efforts to analyze and evaluate Memcached vulnerabilities; however, the solutions provided for security are based on best practices by users and service providers. This study is the first attempt at modifying the architecture of Memcached servers in the context of improving security against DDoS attacks. This study discusses the Memcached protocol, the vulnerabilities associated with it, the future challenges for different IoT applications associated with caches, and the solutions for detecting Memcached DDoS attacks. The proposed solution is a novel identification-pattern mechanism using a threshold scheme for detecting volume-based DDoS attacks. In the undertaken study, the solution acts as a pre-emptive measure for detecting DDoS attacks while maintaining low latency and high throughput.
format Online
Article
Text
id pubmed-8659833
institution National Center for Biotechnology Information
language English
publishDate 2021
publisher MDPI
record_format MEDLINE/PubMed
spelling pubmed-86598332021-12-10 Memcached: An Experimental Study of DDoS Attacks for the Wellbeing of IoT Applications Mishra, Nivedita Pandya, Sharnil Patel, Chirag Cholli, Nagaraj Modi, Kirit Shah, Pooja Chopade, Madhuri Patel, Sudha Kotecha, Ketan Sensors (Basel) Article Distributed denial-of-service (DDoS) attacks are significant threats to the cyber world because of their potential to quickly bring down victims. Memcached vulnerabilities have been targeted by attackers using DDoS amplification attacks. GitHub and Arbor Networks were the victims of Memcached DDoS attacks with 1.3 Tbps and 1.8 Tbps attack strengths, respectively. The bandwidth amplification factor of nearly 50,000 makes Memcached the deadliest DDoS attack vector to date. In recent times, fellow researchers have made specific efforts to analyze and evaluate Memcached vulnerabilities; however, the solutions provided for security are based on best practices by users and service providers. This study is the first attempt at modifying the architecture of Memcached servers in the context of improving security against DDoS attacks. This study discusses the Memcached protocol, the vulnerabilities associated with it, the future challenges for different IoT applications associated with caches, and the solutions for detecting Memcached DDoS attacks. The proposed solution is a novel identification-pattern mechanism using a threshold scheme for detecting volume-based DDoS attacks. In the undertaken study, the solution acts as a pre-emptive measure for detecting DDoS attacks while maintaining low latency and high throughput. MDPI 2021-12-02 /pmc/articles/PMC8659833/ /pubmed/34884075 http://dx.doi.org/10.3390/s21238071 Text en © 2021 by the authors. https://creativecommons.org/licenses/by/4.0/Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (https://creativecommons.org/licenses/by/4.0/).
spellingShingle Article
Mishra, Nivedita
Pandya, Sharnil
Patel, Chirag
Cholli, Nagaraj
Modi, Kirit
Shah, Pooja
Chopade, Madhuri
Patel, Sudha
Kotecha, Ketan
Memcached: An Experimental Study of DDoS Attacks for the Wellbeing of IoT Applications
title Memcached: An Experimental Study of DDoS Attacks for the Wellbeing of IoT Applications
title_full Memcached: An Experimental Study of DDoS Attacks for the Wellbeing of IoT Applications
title_fullStr Memcached: An Experimental Study of DDoS Attacks for the Wellbeing of IoT Applications
title_full_unstemmed Memcached: An Experimental Study of DDoS Attacks for the Wellbeing of IoT Applications
title_short Memcached: An Experimental Study of DDoS Attacks for the Wellbeing of IoT Applications
title_sort memcached: an experimental study of ddos attacks for the wellbeing of iot applications
topic Article
url https://www.ncbi.nlm.nih.gov/pmc/articles/PMC8659833/
https://www.ncbi.nlm.nih.gov/pubmed/34884075
http://dx.doi.org/10.3390/s21238071
work_keys_str_mv AT mishranivedita memcachedanexperimentalstudyofddosattacksforthewellbeingofiotapplications
AT pandyasharnil memcachedanexperimentalstudyofddosattacksforthewellbeingofiotapplications
AT patelchirag memcachedanexperimentalstudyofddosattacksforthewellbeingofiotapplications
AT chollinagaraj memcachedanexperimentalstudyofddosattacksforthewellbeingofiotapplications
AT modikirit memcachedanexperimentalstudyofddosattacksforthewellbeingofiotapplications
AT shahpooja memcachedanexperimentalstudyofddosattacksforthewellbeingofiotapplications
AT chopademadhuri memcachedanexperimentalstudyofddosattacksforthewellbeingofiotapplications
AT patelsudha memcachedanexperimentalstudyofddosattacksforthewellbeingofiotapplications
AT kotechaketan memcachedanexperimentalstudyofddosattacksforthewellbeingofiotapplications

Ejemplares similares