Student Name:
Write a research paper of a minimum of 3-5 pages describing two of the following cyber-attacks:
Number one is mandatory. You can select any one of the remaining two available choices.
[1] DDoS Attack
[2] Buffer Overflow Attack
[3] ICMP Attack

You are expected to respond to each of the following requirements:
– What are the main attributes of these attacks?
– How do these cyberattacks affect the victims’ infrastructure or devices once they penetrate the victims’ devices or infrastructure?
– Describe the countermeasure (Detection or Prevention) for these attacks if available.
– Give an example of each attack (company name, when it happened, how it affected the organization, and how it was resolved).
– How do you prepare and approach these attacks if you are assigned as a cybersecurity manager for an organization?
– Please list all the references that you referred to and cite them in your paper appropriately.
Cyber-attacks
Computer and network systems are prone to different forms of cyber-attacks, such as DDoS and buffer overflow attacks, that need to be understood in order to adopt the appropriate countermeasures. The attacks aim to compromise the computer and network system in the interest of the attacker and at the user’s expense. They have negative impacts, and thus they should be prevented, eliminated and managed to control and reduce the losses. Cyber-attacks such as DDoS and buffer overflow need to be understood in terms of their attributes and their impact on devices and infrastructure in order to develop effective countermeasures and respond effectively when they occur.
DDoS Attack
Main attributes
The Distributed Denial-of-Service (DDoS) attack is a malicious attempt to disrupt the normal traffic of a targeted server, network or service by overwhelming the target or its surrounding infrastructure with a flood of internet traffic (Yan et al., 603). This approach compromises computer systems, preventing people from receiving the services they intend to get from the system. The system and its surroundings are flooded with incoming messages, malformed packets, or connection requests, forcing the target to shut down, slow down, or crash, thus denying service to legitimate systems or users.
DDoS impact on devices and infrastructure
DDoS attacks have negative impacts on the devices and infrastructure that they affect. They overwhelm the infrastructure and devices, making them slow or ineffective in delivering services or meeting the needs they were intended for (Yan et al., 603). The devices and infrastructure are overwhelmed with commands to perform different functions, making them ineffective. Consequently, DDoS attacks make the infrastructure and devices vulnerable to more powerful attacks since computing power and network bandwidth multiply, enabling attackers to leverage the increased resources to attack the system and network.
DDoS countermeasures
DDoS attacks have negative impacts on the system, and thus the responsible parties and professionals need to develop effective countermeasures in the form of detection and prevention measures. Detection is a vital aspect of preventing DDoS attacks (Joshi, Vijayan and Joshi, 4). Detection is implemented by installing systems that monitor network traffic for small-scale and volumetric attacks. In this case, packets that access the network are automatically classified as good or bad traffic. This approach ensures that there is an uninterrupted flow of good traffic. On the other hand, DDoS can be effectively prevented through different techniques such as black hole routing, rate limiting, web application firewalls and anycast network diffusion.
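The rate limiting technique named above can be illustrated with a token bucket, shown here as an added example that is not part of the original paper. The refill rate, burst size and the two constructed traffic patterns (one request every 500 ms versus one every 1 ms) are assumptions chosen for illustration.

```c
#include <stdio.h>

#define RATE_PER_MS 5      /* assumed refill: 5 milli-tokens per ms (5 requests/s) */
#define BURST_MILLI 10000  /* assumed burst allowance: 10 requests */
#define COST_MILLI  1000   /* each request costs one whole token */

/* Token bucket kept per traffic source, in integer milli-tokens. */
struct bucket { long tokens; long last_ms; };

/* Returns 1 if the request arriving at now_ms is passed, 0 if it is dropped. */
static int bucket_allow(struct bucket *b, long now_ms) {
    if (now_ms > b->last_ms) {               /* refill for the elapsed time */
        b->tokens += (now_ms - b->last_ms) * RATE_PER_MS;
        if (b->tokens > BURST_MILLI)
            b->tokens = BURST_MILLI;         /* never store more than the burst */
        b->last_ms = now_ms;
    }
    if (b->tokens < COST_MILLI)
        return 0;                            /* bucket empty: classify as bad */
    b->tokens -= COST_MILLI;
    return 1;                                /* within budget: good traffic */
}

/* Constructed traffic: one source sends a request every gap_ms for
 * window_ms milliseconds. Returns how many of its requests were dropped. */
static int dropped_in_window(long gap_ms, long window_ms) {
    struct bucket b = { BURST_MILLI, 0 };
    int dropped = 0;
    for (long t = 0; t < window_ms; t += gap_ms)
        dropped += !bucket_allow(&b, t);
    return dropped;
}

int main(void) {
    printf("steady source (1 req / 500 ms), dropped: %d of 20\n",
           dropped_in_window(500, 10000));
    printf("flooding source (1 req / 1 ms), dropped: %d of 100\n",
           dropped_in_window(1, 100));
    return 0;
}
```

The steady source never exhausts its bucket, while the flooding source is cut off once its burst allowance is spent, which is how good traffic keeps flowing.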
DDoS examples of company attacks
In 2015, the BBC experienced a DDoS attack from a group called New World Hacking. The group launched a 600Gbps attack on the BangStresser application tool. The attack affected BBC sites such as the iPlayer on-demand service for three hours. The tools used to attack the BBC sites used cloud computing resources from Amazon AWS servers. The attack was resolved by leveraging the bandwidth of the public computing service.
Preparing approaches for attacks
To prepare for and mitigate future DDoS attacks, one needs to adopt the relevant prevention and mitigation countermeasures. In this regard, one needs to install system monitors to evaluate and classify data packets before they access the system. In addition, a firewall can be installed to detect and prevent attacks. The different types of buffer overflow attacks include stack-based buffer overflows and heap-based attacks.
Buffer Overflow attack
Buffer overflow attacks occur when more data is placed into a fixed-length buffer than it can handle, thus overwriting memory adjacent to the buffer (Nashimoto et al., 37). In this regard, the excess information fed into the buffer overflows into the adjacent memory spaces, thus compromising the data held in those spaces by overwriting and corrupting it.
Impacts of buffer overflow attacks
Buffer overflow attacks adversely affect the infrastructure and devices subjected to the attacks. In this case, the attack affects the memory space of the devices and the infrastructure (Nashimoto et al., 37). Extra data overflows into other memory spaces within the device and infrastructure, thus corrupting and overwriting the existing data.
Buffer Overflow Attack countermeasures
Buffer overflow attacks arise from overflow vulnerabilities, which are addressed by using security measures in code and by using languages with built-in protection. First, the affected parties need to adopt address space layout randomization (ASLR) security measures (Fu and Shi, 91). This approach handles the locations of the data regions in the address space. ASLR randomizes these locations in the system, thus preventing interference with them. In addition, data execution prevention is a countermeasure that flags specific areas of memory as executable or non-executable, thus stopping code from running in non-executable regions. Additionally, buffer overflow attacks can be prevented through web application firewalls, bot management, account takeover protection, API security and attack analytics.
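The overwrite of adjacent memory described earlier and the in-code security measure mentioned above can be seen side by side in the following added example, which is not part of the original paper. The `record` structure, its `is_admin` field and the constructed 9-byte input are hypothetical names and values chosen for illustration.

```c
#include <stdio.h>
#include <string.h>

/* Constructed record: a fixed-length buffer with another field right after it. */
struct record {
    char name[8];
    unsigned char is_admin;   /* adjacent memory: offset 8, directly after name */
};

/* Unchecked store: trusts the caller's length. The copy goes through the
 * struct's base address so the demonstration stays inside one object
 * (callers keep len <= sizeof(struct record)). */
static void store_unchecked(struct record *r, const void *src, size_t len) {
    memcpy((unsigned char *)r, src, len);
}

/* Checked store: refuses input that does not fit name plus its terminator. */
static int store_checked(struct record *r, const void *src, size_t len) {
    if (len >= sizeof r->name)
        return -1;                 /* reject, record left untouched */
    memcpy(r->name, src, len);
    r->name[len] = '\0';
    return 0;
}

/* Constructed input: 8 filler bytes fill name, the 9th lands on is_admin. */
static const unsigned char OVERLONG[9] = { 'A','A','A','A','A','A','A','A', 1 };

static int flag_after_unchecked(void) {
    struct record r = { "guest", 0 };
    store_unchecked(&r, OVERLONG, sizeof OVERLONG);
    return r.is_admin;             /* 1: the adjacent field was overwritten */
}

static int intact_after_checked(void) {
    struct record r = { "guest", 0 };
    int rc = store_checked(&r, OVERLONG, sizeof OVERLONG);
    return rc == -1 && r.is_admin == 0 && strcmp(r.name, "guest") == 0;
}

int main(void) {
    printf("unchecked copy: is_admin = %d\n", flag_after_unchecked());
    printf("checked copy rejected, record intact = %d\n", intact_after_checked());
    return 0;
}
```

A length check of this kind removes the vulnerability itself, whereas ASLR and data execution prevention limit what an overflow can achieve when such a check is missing.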
Examples of Buffer overflow attacks
Microsoft Windows systems experienced a buffer overflow attack in 2003. The buffer overflow attack was implemented through the Blaster worm against the remote procedure call facilities. Blaster finds vulnerabilities in the computer and network system, thus enhancing the attack. The attack compromised the data storage center. The attack was addressed by installing a web application firewall and replacing the compromised data with data from the backup resources.
Preparations for approaches
As a cyber-security professional, one needs to be prepared for the attacks by eliminating the computer and network vulnerabilities, thus preventing the attackers from implementing attacks. The vulnerabilities need to be eliminated through regular patching of the software involved while observing security measures in the operating system and code.
Conclusion
Cybersecurity attacks such as DDoS and buffer overflow attacks can be effectively managed to prevent damage to the network and computer systems. The attacks cause damage at the users’ expense, and thus the relevant security measures need to be taken to prevent the attacks.

Works Cited
Fu, Desheng, and Feiyue Shi. “Buffer overflow exploit and defensive techniques.” 2012 Fourth International Conference on Multimedia Information Networking and Security. IEEE, 2012.
Joshi, Bansidhar, A. Santhana Vijayan, and Bineet Kumar Joshi. “Securing cloud computing environment against DDoS attacks.” 2012 International Conference on Computer Communication and Informatics. IEEE, 2012.
Nashimoto, Shoei, et al. “Buffer overflow attack with multiple fault injection and a proven countermeasure.” Journal of Cryptographic Engineering 7.1 (2017): 35-46.
Yan, Qiao, et al. “Software-defined networking (SDN) and distributed denial of service (DDoS) attacks in cloud computing environments: A survey, some research issues, and challenges.” IEEE communications surveys & tutorials 18.1 (2015): 602-622.
