Exercises — Network security — DDoS, man-in-the-middle, replay attacks, countermeasures
4.3.31 · D4· Coding › Computer Networks › Network security — DDoS, man-in-the-middle, replay attacks,
Symbols jo milenge, pehle plain words mein:
- — server ke paas ek finite resource (memory slots, CPU cycles, bandwidth). Socho ek car park jisme fixed number of spaces hain. SYN flood ke liye specific hai half-open connections ka backlog, jo neeche se measure hota hai.
- — backlog size: kitne adhe-adhoore TCP connections server ek saath yaad rakh sakta hai (parking spaces jo abhi aa rahe cars ke liye reserved hain). Yahi concrete hai jo yahan har SYN-flood exercise mein use hota hai.
- — timeout: ek reserved slot kitni der tak hold hota hai jab tak server give up karke use free nahi kar deta.
- (lambda) — arrival rate: attack packets per second kitne arrive karte hain.
- — time-in-system: ek item system ke andar kitni der tak rehta hai jab tak bahar na nikle (SYN flood ke liye, yahi exactly hold time hai). Ise alag se sirf isliye name kiya hai kyunki general Little's Law ke saath likha jaata hai; yahan .
- — kisi bhi instant par occupied slots ki average number.
- — ek attack packet ki cost attacker vs server ke liye. Ek hi metric per problem choose karo aur consistent raho: amplification/reflection ke liye metric hai bytes on the wire (bandwidth); state-exhaustion (SYN flood) ke liye metric hai memory held × time. Ek single mein dono ko kabhi mix mat karo.
- — amplification factor (server ka dard attacker ki effort se kitna bada hai), jis bhi single metric ka problem use kare.
Level 1 — Recognition
L1.1 — Attack ka naam batao
Har scenario ke liye, attack ka naam batao (DDoS / MITM / Replay) aur broken assumption.
- (a) Ek attacker tumhara encrypted "pay ₹1000" message record karta hai aur exactly wohi bytes ek ghante baad bank ko bhejta hai.
- (b) 40,000 hijacked home routers ek hi second mein webpage request karte hain, aur site gir jaati hai.
- (c) Café Wi-Fi par, koi ARP replies forge karta hai taaki tumhara traffic router tak pahunchne se pehle unke laptop se guzre.
Recall Solution
- (a) Replay. Broken assumption: ek valid message sirf ek baar valid hota hai. Note karo ki attacker ne kuch bhi decrypt nahi kiya — genuine bytes, faked freshness.
- (b) DDoS (distributed). Broken assumption: server ke paas sabke liye enough resources hain. "Many machines" = distributed.
- (c) MITM (ARP spoofing ke zariye). Broken assumption: main seedha real party se baat kar raha hoon.
L1.2 — Fix ko match karo
Har fix ko us attack se match karo jise woh primarily defeat karta hai: SYN cookies · CA-signed certificate · nonce in the message.
Recall Solution
- SYN cookies → DDoS (specifically SYN floods: jab tak client prove nahi karta ki woh real hai, state allocate mat karo).
- CA-signed certificate → MITM (authentication: public key ko domain name se bind karo).
- Nonce → Replay (freshness: ek repeated nonce reject kar diya jaata hai).
Level 2 — Application
L2.1 — SYN-flood threshold
Ek server har half-open connection ko s ke liye hold karta hai aur uska backlog slots hai (yeh is attack ke liye concrete finite resource hai). (Little's Law) aur collapse condition use karke, minimum attack rate (SYNs/sec) nikalo jo queue fill kar de.
Recall Solution
KYA: hum chahte hain sabse chhota jo occupied slots ko ceiling tak pahuncha de. Little's Law kyun: Little's Law kehta hai kisi system ke andar items ki average number hai, jahan arrival rate hai aur har item ka time-inside hai (dono symbol list mein defined hain). Yahan ek "item" ek half-open connection hai, uski arrival rate SYN rate hai, aur uska time-inside exactly hold time hai, isliye . Substitute karne par milta hai . Yeh rate × time-inside se "system mein average kitni cheezein hain" answer karta hai — koi simulation nahi chahiye. Toh ~18 spoofed SYNs per second ki ek trickle already ek naive server ko jam kar deti hai. Woh tiny number exactly isliye hai kyun SYN floods dangerous hain — attacker ko barely paseena aata hai.
L2.2 — Amplification factor
Ek DNS query bytes hai; reply bytes hai. Yahan ke liye metric bytes on the wire (bandwidth) hai, memory nahi. (a) compute karo. (b) Agar attacker Mbit/s queries push kar sakta hai, victim par kitna reflected traffic aayega?
Recall Solution
(a) (ek pure bandwidth ratio — upar aur neeche same unit). (b) Reflected bandwidth . Kyun matter karta hai: victim attacker ke output ka dekhta hai, aur source IPs innocent resolvers ke hain — tum sirf attacker ko blocklist nahi kar sakte.
L2.3 — Timestamp freshness window
Ek server timestamp wala message tabhi accept karta hai jab ho, s ke saath. s par stamped ek message server par s par arrive karta hai. Accept ya reject? Kya hoga agar s par arrive kare?
Recall Solution
- par: → accept.
- par: → reject (message "bahut purana" hai, capture expire ho gaya hai). kyun exist karta hai: yeh ek trade-off dial hai — chhota replays faster block karta hai lekin clock skew/network delay mein toot jaata hai; bada lag tolerate karta hai lekin longer replay window chodta hai.
Level 3 — Analysis
L3.1 — SYN-flood formula kahan apply hona band kar deta hai?
Formula assume karta hai ki har arriving SYN puri timeout ke liye held hota hai. Teen real mechanisms naam batao jo yeh assumption break karte hain aur kaho har ek ko kis direction mein move karta hai aur kyun.
Recall Solution
- SYN cookies: server koi state hold nahi karta, isliye effectively (fill karne ke liye koi queue nahi) → . Direction: bina bound ke rise karta hai. Formula ab apply nahi hota; flood woh memory exhaust nahi kar sakta jo kabhi use hi nahi hui.
- Adaptive/short timeout (SYN-RECV recycling): server purani half-open entries early drop kar deta hai, isliye effective shrink hota hai. Kyunki hai, chhota raise karta hai — attacker ko queue full rakhne ke liye faster bhejna padega, kyunki har slot jaldi free ho jaata hai.
- Rate limiting (per source): treat it as an effective ceiling. Agar limiter sirf SYNs per source admit karta hai, toh ek single source ko queue collapse karne ke liye satisfy karna hoga — jo woh usually nahi kar sakta. Direction: per-source unchanged rehta hai, lekin koi ek source actually deliver kar sakta us se neeche cap hai, isliye akela attacker tak nahi pahunch sakta. Aggregate mein ab bhi hit karne ke liye attacker ko kam se kam distinct sources chahiye — aur spoofing/botnets exactly itne saare IPs supply karte hain, naive per-IP limits ko defeat karte hue. Yahi loophole figure s01 highlight karta hai (green floor = SYN-cookie fix jo entirely remove kar deta hai).
Figure s01 neeche padho: dashed gray line unbounded model hai; solid blue line reality hai, ke saath rise karti hai jab tak red ceiling se nahi takraati aur collapse nahi ho jaati. Orange marker /s par hai — exactly woh rate jahan blue line pehli baar ceiling touch karti hai. Green floor dikhata hai ki SYN cookies kya karte hain: hold karne ke liye koi state nahi hai, isliye occupancy line kabhi zero nahi chodti, toh kisi bhi par hit karne ke liye koi ceiling hi nahi hai.

L3.2 — Plain Diffie–Hellman MITM ko kyun fall karta hai
Alice aur Bob public wire par secret agree karne ke liye Diffie–Hellman (DH) run karte hain. Eve beech mein baith jaati hai. Step by step explain karo ki sirf wire read karne wala koi eavesdropper unhe kyun protect nahi karta, aur kaunsi ek property missing hai.
Recall Solution
Neeche use ki gayi notation (use se pehle defined):
- Ek shared secret woh single number hai jise do parties DH run ke baad dono jaanti hain; koi bhi jo sirf wire read kare us compute nahi kar sakta.
- Double-arrow padhte hain: " aur ne ek DH exchange complete kiya hai aur ab jointly secret hold karte hain." Yeh ek relationship label hai, equation nahi — arrow dono taraf point karta hai kyunki shared secret symmetric hai (dono sides same hold karti hain).
DH kya deta hai: har side wire par ek public value bhejti hai (Alice aur Bob ki DH public values), aur doosri side ki public value plus apna private number se woh shared secret compute karti hai. Ek eavesdropper jo sirf public values read kare woh secret derive nahi kar sakta. Toh passive listener ke against secrecy real hai. Phir bhi kyun fail hota hai: Eve active hai, passive nahi. Woh har public value intercept karti hai aur apni substitute kar deti hai, do alag DH exchanges run karti hai. Neeche, aur do resulting shared secrets hain (public values nahi): woh secret hai jo Alice aur Eve milkar compute karte hain, aur woh secret hai jo Bob aur Eve compute karte hain. Alice sochti hai Bob ke saath shared hai; Bob sochta hai Alice ke saath shared hai — lekin dono secrets actually Eve ke paas hain. Eve har message ko us side ki key se decrypt karti hai aur doosri se re-encrypt karti hai, invisibly relay karti hai. Missing property: authentication. DH kabhi nahi poochta "kya yeh public value really Bob ki hai?" Cure yeh hai ki DH public values ko sign karo (certificate key ko identity se bind karta hai) — exactly wahi jo TLS handshake Public Key Infrastructure & Certificates use karke karta hai.
Figure s02 neeche padho: do orange double-arrows do alag secrets (Alice⟷Eve) aur (Bob⟷Eve) hain jo Eve actually hold karti hai; dashed gray arrow neeche woh single direct channel hai jo Alice aur Bob believe karte hain unke paas hai. Orange reality aur gray belief ke beech ka visual gap hi missing authentication hai.

L3.3 — Nonce vs timestamp: failure mode choose karo
Ek payment API ko replays rokne chahiye. (a) Nonce + "seen" set ke saath, kaun sa resource bina bound ke grow karta hai, aur agar use clear kiya jaaye toh kya hota hai? (b) Timestamp window ke saath, do clocks ke baare mein kaun si silent assumption ko attacker exploit kar sakta hai?
Recall Solution
(a) Used nonces ka "seen" set hamesha ke liye grow karta hai (memory). Agar tum use memory save karne ke liye clear karo, toh ek previously-used nonce phir se acceptable ho jaata hai → purana replay kaam karta hai. Pure nonce = ek session ke andar perfect lekin unbounded state. (b) Timestamps assume karte hain ki client aur server ke clocks agree karte hain ( ke andar). Agar attacker server ka clock push kar sakta hai (e.g. NTP spoof karna) ya agar generous hai, toh ek captured message itna "fresh" rehta hai ki replay kiya ja sake. Timestamps memory bound karte hain (koi set nahi) lekin use clock-trust assumption ke liye trade karte hain. Best practice: dono combine karo — ek short timestamp window plus ek nonce set jise sirf current ke andar dekhe gaye nonces yaad rakhne chahiye, memory bounded rakhte hue.
Level 4 — Synthesis
L4.1 — Ek replay-proof, integrity-checked message design karo
Tumhe ek single message format design karna hai taaki server har request at most once accept kare aur kisi bhi tampering ko reject kare. Tumhare paas ek shared key aur ek MAC function hai. Message aur exact server-side accept rule likho, aur har field justify karo.
Recall Solution
Message: jahan
- = actual request ("transfer ₹1000 to Bob"),
- = ek fresh nonce (kabhi reuse nahi hota),
- = dono request aur nonce par ek tag.
Server accept rule — teeno hold hone chahiye:
- recomputed → proves integrity + authenticity (sirf ka holder ise bana sakta tha; untampered).
- → proves freshness (replay nahi).
- Accept par, ko SeenSet mein insert karo.
MAC bhi kyun cover karta hai: agar tag sirf par hota, toh Eve ek new swap kar sakti, par purana valid tag rakh sakti... lekin tag ab se match nahi karega — good. Iske ulta agar hum sirf MAC karte, woh rakh ke change kar sakti. Dono ko ek tag ke neeche bind karna freshness ko integrity se tie karta hai. Yeh Message Authentication Codes (MAC) & HMAC use karta hai.
L4.2 — L4.1 ko challenge–response mein convert karo (no client-side nonce)
Aise redesign karo ki server freshness value supply kare, client ki "seen set" burden remove karo. Exact 3-step message format aur accept rule do, aur sure karo ki request integrity-protected hai (optional nahi).
Recall Solution
Challenge–response (request bound in, mandatory):
- Server → Client: ek fresh random challenge . Kyun: unpredictable hai, isliye ek stored purana response useless hai; aur server freshness own karta hai, isliye koi unbounded client set nahi chahiye — naturally per session single-use hai.
- Client → Server: pair . Kyun: tag dono fresh challenge aur request cover karta hai, isliye client prove karta hai ki woh jaanta hai abhi, is ke liye, aur tag tod ke tamper nahi kiya ja sakta. ( bind karna required hai, optional nahi — warna ek attacker jo valid dekh chuka hai koi bhi request usse attach kar sakta.)
- Server: recompute karo us se jo usne abhi issue kiya tha; accept karo iff yeh match karta hai aur still outstanding hai, phir discard karo. Agla session ek naya issue karta hai → kal ki reply verify nahi kar sakti.
L4.1 se trade-off: ek extra round-trip lagta hai, lekin server ko sirf currently outstanding challenges yaad rakhne hain, na ki har nonce jo kabhi dekha gaya ho.
Level 5 — Mastery
L5.1 — Full attack-chain defense
Ek online bank ko ek saath teen problems hit kar rahi hain: (1) spoofed IPs se SYN floods, (2) café-Wi-Fi users ko MITM ho raha hai, (3) captured "transfer" requests replay ho rahe hain. Har ek ke liye ek primary countermeasure assign karo aur woh broken assumption batao jo har ek restore karta hai.
Recall Solution
| Problem | Primary fix | Restored assumption |
|---|---|---|
| (1) SYN flood | SYN cookies + [[Firewalls, NAT & Ingress Filtering (BCP 38) | ingress filtering]] |
| (2) MITM on Wi-Fi | TLS with CA-signed certificate (+ HSTS) | tum real bank se baat kar rahe ho (authentication) |
| (3) Replay of transfers | nonce + MAC (ya challenge–response) | ek valid message ek baar valid hai (freshness) |
| Har fix parent note ke teen pillars mein se exactly ek se map karta hai: rate/resource limits, authentication, freshness. |
L5.2 — Prove karo ki ek mitigation actually asymmetry remove karta hai
Recall karo . Cookies ke bina SYN flood mein = ek 60-byte SYN hai aur = s ke liye held ek memory slot → huge . ke terms mein explain karo ki SYN cookies attack ko kyun neutralize karte hain, aur proof-of-work / CAPTCHA application-layer flood ko kyun neutralize karta hai.
Recall Solution
Ek metric dhyan mein rakho: effort per request. ek request ke liye server ki effort ka attacker ki effort se ratio hai; attacker sirf tab jeetta hai jab . SYN cookies lower karke ≈ drive karte hain: server connection state initial sequence number ke andar encode karta hai jo woh wapas bhejta hai, kuch bhi store nahi karta. Toh ek spoofed SYN ab server ko ek cheap SYN-ACK computation aur koi held memory nahi — "30 s of RAM" se collapse hokar "ek hash" ho jaati hai. ab jitni chhoti hone par, milta hai: attacker ko ab leverage nahi milta; server ko hurt karne ke liye use utna spend karna padega jitna server karta hai, jo ek botnet ke liye ab profitable nahi raha. Proof-of-work / CAPTCHA raise karke drive karte hain: woh client ko CPU burn karne (hash puzzle solve karo, PoW) ya human time (CAPTCHA padho) force karte hain server ka expensive kaam karne se pehle. Ab balloon hoti hai — maano puzzle attacker ko utna cost karta hai jitna request serve karna server ko — isliye . Ek akela attacker lazily millions of costly requests generate nahi kar sakta, kyunki ab har ek unhe real CPU ya ek human cost karta hai. Unifying idea: attack poora par jeeta hai. force karne ke exactly do levers hain — shrink karo (cookies: unverified clients ke liye expensive kaam mat karo) ya grow karo (PoW/CAPTCHA: client ko pehle pay up front karwao). Dono woh asymmetry destroy karte hain jisne flood profitable tha.
L5.3 — Numeric: kya fix 10× attack ke neeche hold karta hai?
Cookies se pehle: , s, isliye collapse /s par (L2.1). Attacker ab SYN/s bhejta hai (threshold se over 10×). (a) Pre-fix server apni limit se kitne factor over hai? (b) SYN cookies ke baad, "held slots" model ab apply nahi hota — ek line mein argue karo ki /s ab ek non-event kyun hai.
Recall Solution
(a) Over-limit factor . Pre-fix queue almost barah-guna swamped hai — real users ke liye total collapse. (b) Cookies ke saath koi backlog queue fill karne ke liye nahi hai: state sequence number ke andar rehti hai, automatically free hoti hai kyunki kabhi store hi nahi hui. SYN-ACK computations/sec trivial CPU hai; koi resource exhaust nahi ho raha, isliye collapse condition ka reference karne ke liye koi nahi hai. Attack ka leverage () gone hai.
Recall One-line self-test (answers cover karo)
DDoS ki broken assumption ::: server ke paas sabke liye enough resources hain. MITM ki broken assumption ::: main real party se baat kar raha hoon (authentication missing). Replay ki broken assumption ::: ek valid message sirf ek baar valid hota hai (freshness missing). SYN-flood collapse condition ::: . SYN cookies mein kya change karte hain ::: woh slash karte hain (koi held state nahi) isliye . Proof-of-work mein kya change karta hai ::: woh grow karta hai isliye . Plain DH MITM-vulnerable kyun hai ::: yeh secrecy deta hai lekin public values ka authentication nahi. Do fields jo ek MAC ko replay rokne ke liye cover karne chahiye ::: message aur nonce , ek saath.