Experiment: can the negative effects of a DoS attack be reduced by using a proxy?


DoS attacks are one of the major threats to information security on the modern Internet. There are numerous botnets that attackers rent to carry out such attacks.

Researchers from the University of San Diego conducted a study of how the use of proxies helps reduce the negative impact of DoS attacks. Here we present the key points of that work.

Introduction: the proxy as a tool for combating DoS

Similar experiments are carried out periodically by researchers from different countries, but their common problem is the lack of resources to simulate attacks that are close to reality. Tests on small test benches cannot answer questions about how successfully proxies can withstand an attack in complex networks, which parameters play the key role in the ability to minimize damage, and so on.

For the experiment, the scientists created a model of a typical web application, for example an e-commerce service. It runs on a cluster of servers; users are distributed across different geographic locations and use the Internet to access the service. In this model, the Internet serves as the communication medium between the service and its users; this is how web services from search engines to online banking tools work.


A DoS attack makes normal interaction between the service and its users impossible. There are two types of DoS: application-level attacks and infrastructure-level attacks. In the latter case, attackers directly attack the network and the hosts on which the service runs (for example, they saturate the entire network bandwidth with flood traffic). In an application-level attack, the attacker's target is the user interface; to hit it, they send a large number of requests to make the application crash. The experiment described here concerned attacks at the infrastructure level.

Proxy networks are one of the tools for minimizing the damage from DoS attacks. When a proxy is used, all requests from the user to the service and the responses to them are transmitted not directly, but through intermediate servers. The user and the application do not "see" each other directly; only proxy addresses are available to them. As a result, it is impossible to attack the application directly. At the edge of the network are the so-called edge proxies: external proxies with reachable IP addresses, to which the connection goes first.


To successfully withstand a DoS attack, a proxy network must have two key capabilities. First, such an intermediate network must act as an intermediary, that is, the application can be "reached" only through it. This eliminates the possibility of a direct attack on the service. Second, the proxy network must allow users to keep interacting with the application even during an attack.

Experiment infrastructure

The study used four key components:

  • an implementation of a proxy network;
  • the Apache web server;
  • the web testing tool Siege;
  • the attack tool Trinoo.

The simulation was carried out in the MicroGrid environment, which can be used to simulate networks with 20 thousand routers, comparable to the networks of Tier-1 operators.

A typical Trinoo network consists of a set of compromised hosts running a daemon program. There is also monitoring software for controlling the network and directing DoS attacks. After receiving a list of IP addresses, the Trinoo daemon sends UDP packets to the targets at specified times.

Two clusters were used during the experiment. The MicroGrid simulator ran on a 16-node Xeon Linux cluster (2.4GHz servers with 1 gigabyte of memory on each machine) connected through a 1 Gbps Ethernet hub. The other software components were located in a cluster of 24 nodes (450MHz PII Linux servers with 1 GB of memory on each machine), connected through a 100Mbps Ethernet hub. The two clusters were connected by a 1Gbps channel.

The proxy network runs in a pool of 1000 hosts. Edge proxies are distributed evenly throughout the resource pool. Proxies that work with the application are located on hosts close to its infrastructure. The remaining proxies are distributed evenly between the edge proxies and the application proxies.


Simulation network

To analyze the effectiveness of a proxy as a tool for countering DoS attacks, the researchers measured the application's performance under different scenarios of external influence. There were 192 proxies in total in the proxy network (64 of them edge proxies). To carry out the attack, a Trinoo network of 100 daemons was created. Each daemon had a 100Mbps channel. This corresponds to a botnet of 10 thousand home users.

The impact of the DoS attack on the application and on the proxy network was measured. In the experimental configuration, the application had a 250 Mbps Internet channel, and each edge proxy had a 100 Mbps channel.

Experiment results

According to the results of the analysis, an attack at 250Mbps significantly increases the application's response time (about ten times), making the application impossible to use. However, when a proxy network is used, the attack has no significant effect on performance and does not degrade the user experience. This is because the edge proxies dilute the effect of the attack, and the total resources of the proxy network are greater than those of the application itself.

According to the statistics, if the attack power does not exceed 6.0Gbps (even though the total capacity of the edge proxy channels is only 6.4Gbps), then 95% of users experience no noticeable decrease in performance. Moreover, in the case of an attack exceeding 6.4Gbps, even the use of a proxy network would not prevent degradation of the service level for end users.


In the case of concentrated attacks, the attack power is focused on a random set of proxies. In this case, the attack clogs part of the proxy network, so a significant share of users will notice a drop in performance.
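The capacity reasoning above (a spread flood against a concentrated one, and how the tolerable flood grows with the number of edge proxies) can be worked through with a small model. This is an added example, not the study's MicroGrid simulation or its code: the 64 edge proxies and 100 Mbps channels come from the article, while the 5 Mbps of legitimate load per proxy, the even spread of users and the proportional-drop behaviour of a saturated link are assumptions.

```python
# Added example: simplified capacity model, not the study's MicroGrid simulation.
EDGE_PROXIES = 64     # edge proxies in the experiment (from the article)
PROXY_MBPS = 100.0    # channel of each edge proxy (from the article)
LEGIT_MBPS = 5.0      # ASSUMED legitimate load per edge proxy (not in the article)


def link_goodput(attack_mbps, cap=PROXY_MBPS, legit=LEGIT_MBPS):
    """Share of legitimate traffic that gets through one edge link.

    Assumes a saturated link drops flood and legitimate packets alike.
    """
    offered = legit + attack_mbps
    return 1.0 if offered <= cap else cap / offered


def evaluate(attack_mbps, targeted, proxies=EDGE_PROXIES):
    """Return (share of users degraded, mean goodput over all users).

    The flood is split evenly over `targeted` edge proxies; users are
    assumed to be spread evenly over all edge proxies.
    """
    if not 1 <= targeted <= proxies:
        raise ValueError("targeted must be between 1 and the proxy count")
    goodput = link_goodput(attack_mbps / targeted)
    degraded = targeted / proxies if goodput < 1.0 else 0.0
    mean = (targeted * goodput + (proxies - targeted)) / proxies
    return degraded, mean


def max_spread_attack(proxies, cap=PROXY_MBPS, legit=LEGIT_MBPS):
    """Largest evenly spread flood (Mbps) that saturates no edge link."""
    return proxies * (cap - legit)


if __name__ == "__main__":
    scenarios = [("6.0 Gbps spread over all 64", 6000, 64),
                 ("7.0 Gbps spread over all 64", 7000, 64),
                 ("6.0 Gbps focused on 16", 6000, 16)]
    for label, mbps, hit in scenarios:
        degraded, mean = evaluate(mbps, hit)
        print(f"{label:30s} degraded={degraded:.0%} goodput={mean:.0%}")
    for n in (64, 128, 256):
        print(f"{n} edge proxies tolerate {max_spread_attack(n) / 1000:.2f} Gbps")
```

For capacity planning, replace the assumed per-proxy legitimate load with a measured peak; the tolerable spread flood is then the headroom left on each edge link multiplied by the number of edge proxies.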

Findings

The results of the experiment show that proxy networks can improve the performance of TCP applications and provide the usual level of service to users, even during a DoS attack. According to the data obtained, proxy networks prove to be an effective way to minimize the consequences of attacks; more than 90% of users experienced no decrease in service quality during the experiment. In addition, the researchers found that as the size of the proxy network grows, the scale of DoS attack it can withstand increases almost linearly. Therefore, the larger the network, the more effectively it will fight DoS.


Source: www.habr.com
