Worked examples — Network security — DDoS, man-in-the-middle, replay attacks, countermeasures
See the parent: (Hinglish version).
The scenario matrix
Each row is a case class — a distinct kind of situation the maths of this topic can hand you. Every example below is tagged with the cell(s) it covers.
| # | Case class | What makes it distinct | Worked in |
|---|---|---|---|
| C1 | DDoS below threshold | — server survives | Ex 1 |
| C2 | DDoS at/above threshold | — service collapses | Ex 2 |
| C3 | Amplification factor | ratio , reflection maths | Ex 3 |
| C4 | Degenerate input | (instant timeout) or | Ex 4 |
| C5 | Limiting behaviour | what happens as or | Ex 4 |
| C6 | Replay caught | nonce already in "seen" set | Ex 5 |
| C7 | Replay slips through | timestamp window too wide | Ex 6 |
| C8 | MITM key mix-up | two DH keys , detect via auth | Ex 7 |
| C9 | Real-world word problem | CDN sizing / cost of proof-of-work | Ex 8 |
| C10 | Exam-style twist | combined defence, "which fix and why" | Ex 9 |
Before we start, one symbol we reuse everywhere:
Ex 1 — DDoS below threshold (Cell C1)
-
Compute steady-state occupancy using Little's Law . Why this step? Little's Law (Little's Law) says the average number of items sitting in a system equals arrival-rate time-in-system. Here items = half-open connections. We use it because we care about how many slots are occupied on average, not about any one connection.
-
Compare to capacity . Why this step? The collapse condition from the parent is . Equivalently . Since , the queue never fills — there is always a free slot for a real user.
Ex 2 — DDoS at/above threshold (Cell C2)

-
Find would-be occupancy slots. Why this step? This is how many slots the flood wants to hold — it can exceed .
-
Cap it at . Real occupancy . Why this step? You physically cannot hold more than slots. Look at the red line in the figure hitting the ceiling.
-
Rejection fraction. Once full, a slot only frees at rate /s, but demand (attacker + legit) arrives far faster. Fraction of attacker SYNs that find room ; the rest, and virtually all legit users arriving to a full queue, are dropped. Legit rejection . Why this step? We turn "queue full" into a number: the server can only admit new connections per second, so any excess arrival rate is lost.
Ex 3 — Amplification factor (Cell C3)
-
Amplification factor where = bytes the victim receives, = bytes the attacker sends. Why this step? Reflection attacks make the resolver pay the outbound cost. measures how much bigger the reflected reply is than the trigger — this is the whole point of picking
ANY. -
Attacker's own outbound rate. queries/s bytes bytes/s MB/s. Why this step? We need the attacker's cost to then multiply by .
-
Victim-bound flood. MB/s Mbps. Why this step? Every attacker byte becomes victim bytes. Multiply by to convert MB/s to Mbps (bandwidth is quoted in bits).
Ex 4 — Degenerate & limiting inputs (Cells C4, C5)
-
(a) — instant timeout (this is essentially SYN cookies). . Why this step? If no state is ever held (freed instantly / never allocated), no flood can accumulate. Occupancy is regardless of . Immune. This is exactly why SYN cookies work — they push effectively to .
-
(b) — infinite queue. , finite for finite . Why this step? You "never reject" — but memory is a resource too, so slots of RAM still get consumed. The parent's "bigger " mistake lives here: you traded a full-queue failure for an out-of-memory failure.
-
(c) . ; the queue saturates instantly and stays pinned. Why this step? The limit shows the worst case is bounded by — occupancy can't exceed the ceiling — but every legit user is rejected. Doomed unless is small.
-
(d) . for any , so ; the queue fills at any attack rate given enough time. Why this step? A server that never times out half-open connections is defeated by even a trickle. This is why timeout exists at all.
Ex 5 — Replay caught by a nonce (Cell C6)
-
Server checks the seen-set. → reject, before even recomputing the MAC. Why this step? Freshness is the first gate. A replayed nonce is definitionally not fresh; see Message Authentication Codes (MAC) & HMAC for how the tag is formed.
-
Eve tries (a value not yet seen), keeping the old . Why this step? She's attacking the freshness check by supplying a "new" nonce.
-
MAC verification fails. The server recomputes and compares to Eve's , which was . Since the inputs differ, so the tags differ (except with negligible probability for an -bit MAC). Reject. Why this step? The MAC binds to under secret key . Eve can't forge a tag for without . This is why the nonce lives inside the MAC, not beside it.
Ex 6 — Replay slips through a loose window (Cell C7)
-
First replay at s. → accepted (replay succeeds!). Why this step? Within the window, a timestamp alone cannot distinguish a fresh message from a replay — it only checks age, not uniqueness.
-
Second replay at s. → rejected (too old). Why this step? The window is the only defence; once the message ages past it expires.
-
The fix. Add a seen-set (nonce) inside the window, or shrink . With a nonce, even the s replay is caught, as in Ex 5. Why this step? This is the parent's core lesson: a timestamp bounds the attack window but a nonce closes it. Wide = wide replay window.
Ex 7 — MITM key mix-up in Diffie–Hellman (Cell C8)

-
Public values. , , Eve's . Why this step? DH exchanges in the open; the secret exponent stays private. Eve substitutes her for both sides — that's the man-in-the-middle.
-
Alice's key (she thinks she shares with Bob, actually with Eve): . Compute: , , . So . Why this step? Alice raises the value she received (Eve's ) to her own secret — the standard DH combine.
-
Bob's key (with Eve): . , , . So . Why this step? Same combine, Bob's secret. Note : Eve holds one key with each side, exactly the parent's picture.
-
The fix — authentication. If Alice signed her (via Public Key Infrastructure & Certificates / TLS handshake), Eve could not replace with without breaking the signature. The mismatch is invisible to secrecy but fatal to authenticity. Why this step? DH gives a shared secret but never proves whose secret. Signing the public value binds identity to key.
Ex 8 — Real-world word problem: proof-of-work as a defence (Cell C9)
-
Work per token. Finding leading zero bits needs on average hashes. Why this step? Each hash output is uniform, so the chance of leading zeros is ; expected trials to succeed is . This is the attacker's new — we deliberately raised it.
-
Hashes needed per second. hashes/s. Why this step? tokens/s each costing hashes.
-
Cores required. cores. Why this step? Divide total hash demand by one core's throughput; round up (you can't rent a fraction of a core).
-
Effect on . Before PoW the attacker paid one cheap packet ( small, huge). Now jumped by , so collapses toward or below — the asymmetry that made DDoS worthwhile is gone. Why this step? Recall : raising is a direct lever on , exactly the parent's "CAPTCHA / proof-of-work" countermeasure.
Ex 9 — Exam-style twist: which single fix, and why? (Cell C10)
-
Screen the DDoS. ? Yes — , so this would collapse. Why this step? Apply the threshold test first, because if the server is already down, nothing else matters.
-
But re-read: the flood is hypothetical spoofed SYNs — the immediate, guaranteed exploits are the constant MAC (trivially replayable, Cell C6/C7) and plain HTTP (MITM + credential theft, Cell C8). SYN cookies fix only (iii). Why this step? Ranking by exploitability: a constant auth tag is a guaranteed replay any attacker can perform today; DDoS needs a botnet.
-
Pick [B] TLS with certificates — it authenticates the server (kills MITM on HTTP) and wraps traffic so the credential can't be sniffed. But TLS alone does not fix the constant MAC at the application layer. Why this step? TLS closes the widest hole (eavesdrop + MITM + downgrade via HSTS). It's the highest-value single control here.
-
What remains exposed: the constant MAC (needs a nonce — [C]) and the SYN flood (needs [A]). One control can't cover three independent broken assumptions — that is the whole point of the parent's comparison table. Why this step? Each attack breaks a different assumption (freshness / identity / resources), so no single fix is complete.
Recall Self-test
A server has s. Below what SYN rate is it safe? ::: SYN/s. A -byte query yields a -byte reply. What is ? ::: . Timestamp window s, message stamped , replayed at . Accepted? ::: Yes — (that's the replay hole). Raising to defend a SYN flood — good idea? ::: No; attacker just raises since still holds. Use SYN cookies ().