Intro to Computer Security Homework 4: Denial of Service
Concisely answer the following questions. (Limit yourself to at most 80 words per subquestion.)
1. Client puzzles. Denial-of-service (DoS) attacks attempt to overwhelm a server with a huge
volume of requests. Researchers have proposed a defense against DoS attacks called client
puzzles: For each request, the server sends the client a freshly generated random challenge r
and a difficulty parameter n, and the client has to produce a solution s such that HMACr(s)
ends in n zero bits. Clients must present a valid solution to receive service.
(a) What is the expected number of HMAC computations for the client to compute the
solution? How many HMAC computations does it take for the server to check the
(b) Suppose a “unit of work” is equivalent to the difficulty of computing one HMAC. If an
attacker enjoys an amplification factor of 64 (i.e., the attacker can cause the server to
do 64 units of work by expending one unit of work), what should n be to negate this
advantage using client puzzles?
(c) Some denial-of-service attacks employ a large number of malicious clients to overwhelm the server. Briefly, how can the system adjust the puzzles to ensure that legitimate clients receive service during such attacks without requiring them to do excessive
work solving puzzles when the system is not under attack? Hint: think about the scenario in terms of supply and demand.
2. Distributed denial-of-service. A popular attack tool among novice hackers recently has
been the Low Orbit Ion Cannon (LOIC), which features a user-friendly GUI as well as an
option to voluntarily add yourself to a botnet controlled via an IRC channel. We do not
recommend installing or using LOIC!
(a) LOIC is a fairly simple program. The source file at http://goo.gl/iFeHk2 contains the
primary attack mechanism. Briefly, how does this mechanism work?
(b) The LOIC command and control system (“Hive Mind mode”) is also fairly simple.
It is described in the README file at http://goo.gl/mpu9ZU. Briefly, how does this
(c) Other than client puzzles, what are some things a website could do to defend itself
against a LOIC Hive Mind attack? If the attack involves thousands of bots, how can
the server distinguish them from legitimate clients?
(d) Briefly, what was Operation Payback?
(e) Who is Christopher Wayne Cooper? What was he charged with when he was indicted?
(f) Briefly, compare and contrast LOIC Hive Mind mode to a typical botnet.
(g) Briefly, compare and contrast LOIC Hive Mind mode to a political protest.
Make sure each answer is formatted as a single line, and that the file you submit is in plain text
format. You may use LaTeX-style math syntax if you wish.
# Problem 1
1a. [Answer …]
1b. [Answer …]
1c. [Answer …]
# Problem 2
2a. [Answer …]
2b. [Answer …]
2c. [Answer …]
2d. [Answer …]
2e. [Answer …]
2f. [Answer …]
2g. [Answer …]