Thursday, 19 April 2018

When GitHub was Down: A Case Study

Cyber attacks have become a common occurrence these days. Denial of service (DoS) and distributed denial of service (DDoS) attacks are common types that, as the name implies, render websites and other online resources unavailable to their intended users. What sets these attacks apart from other cyber attacks, which attempt to breach the data and useful information of businesses, is that they render the website absolutely useless to its users.

The differences between DoS and DDoS are important. In a DoS attack, a single Internet connection is used either to exploit a software vulnerability or to flood a target with fake requests, usually in an attempt to exhaust server resources. In a DDoS attack, on the other hand, multiple connected devices across the internet are used. These multi-person attacks are generally harder to deflect, mostly due to the sheer volume of devices involved. DDoS attacks target the host network to flood it with volumes of traffic and render it completely useless.

A denial of service assault often lasts for days, weeks and even months at a time, making it extremely destructive to any online organization. Such attacks affect revenues, company reputation and also consumer trust.


On 28th February 2018, GitHub was 'Memcrashed': it was hit with what has been dubbed the biggest attack of its kind to date, a Distributed Denial of Service (DDoS) attack peaking at 1.35 Tbps without using a single botnet.

So what does 'Memcrashed' mean?

It is an amplification DDoS attack made using weaponised Memcached servers. Memcached is a popular, open-source and easily deployable distributed caching system. These servers allow data to be cached so that the strain on heavier data stores such as a disk or a database can be eased. The server, which is installed by default on many Linux versions, has been designed to work with a large number of open connections. It communicates using UDP (normally port 11211), meaning it allows communication with no authentication. These servers are typically found in cloud server environments on systems not directly exposed to the internet. But because of the use of UDP, these Memcached instances are "inadvertently accessible on the public internet", as GitHub said in their official report.

The attackers can exploit this 'inadvertent access' by spoofing the source IP address of their requests, so that the Memcached servers responding to these requests all respond to the spoofed address. The worst thing about a Memcached attack is that it can amplify the attack traffic up to 51000 times the original attack strength. Because of this amplification effect, even a request of a few bytes results in a response tens of times larger, sent to the victim's IP address.
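On the victim's side, the reflected traffic described above has a recognisable shape: UDP packets whose source port is 11211, arriving from many different servers at once. The following is an added example, not part of the original post or of GitHub's report; the flow-record layout, the sample addresses and the thresholds are assumptions made for illustration.

```python
from collections import defaultdict

MEMCACHED_PORT = 11211  # UDP port named in the article

# Constructed flow records for one 1-second window:
# (src_ip, src_port, dst_ip, proto, bytes). Documentation-range addresses only.
SAMPLE_FLOWS = [
    ("198.51.100.10", 11211, "203.0.113.5", "udp", 1_400_000),
    ("198.51.100.11", 11211, "203.0.113.5", "udp", 1_350_000),
    ("198.51.100.12", 11211, "203.0.113.5", "udp", 1_420_000),
    ("192.0.2.44", 53124, "203.0.113.5", "tcp", 18_000),   # ordinary web client
    ("198.51.100.10", 11211, "203.0.113.9", "udp", 900),   # one small reply
]


def detect_memcached_reflection(flows, window_s=1.0, min_reflectors=3,
                                min_bps=1_000_000):
    """Flag destinations receiving Memcached replies from many servers at once.

    Reflected replies are sent by the Memcached servers themselves, so the
    signature is UDP with *source* port 11211, several distinct sources and a
    high aggregate rate towards one destination. Thresholds are illustrative.
    """
    per_dst = defaultdict(lambda: {"reflectors": set(), "bytes": 0})
    for src, sport, dst, proto, nbytes in flows:
        if proto == "udp" and sport == MEMCACHED_PORT:
            per_dst[dst]["reflectors"].add(src)
            per_dst[dst]["bytes"] += nbytes

    alerts = []
    for dst, stats in sorted(per_dst.items()):
        bps = stats["bytes"] * 8 / window_s
        if len(stats["reflectors"]) >= min_reflectors and bps >= min_bps:
            alerts.append({"victim": dst,
                           "reflectors": len(stats["reflectors"]),
                           "bps": bps})
    return alerts


if __name__ == "__main__":
    for alert in detect_memcached_reflection(SAMPLE_FLOWS):
        print(alert)
```

The single small reply to 203.0.113.9 is not flagged, because one server answering one client is normal cache traffic; it is the combination of many reflectors and a high rate that marks the attack.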


The graph shows the distribution of the data flow during the DDoS attack. The data servers were flooded with data and the data rate shot up to 51k times the usual.

GitHub says, "The attack originated from over a thousand different autonomous systems (ASNs) across tens of thousands of unique endpoints. It was an amplification attack using the Memcached-based approach described above that peaked at 1.35Tbps via 126.9 million packets per second."

Solutions


One immediate remedy to this problem was proposed by Prolexic. All the traffic that was being pushed to GitHub was routed along a different path and distributed. This helped to reduce the data load on any one particular link, and thus the attack was prevented within 8 minutes. The DDoS mitigation service jumped in in the meantime. The situation took a brief amount of time to settle after the attack, but one drawback was that GitHub suffered several intermediary issues. The entire GitHub server was offline for several minutes, which led to the loss of several million users working on GitHub for their projects.

For fool-proof solutions to such problems, one must ensure that Memcached, DNS and other potential reflectors are not exposed to the public and are kept secured. Also, port 11211 must be blocked by the user to prevent any attacks. The Mirai botnet posed a similar problem. The methods to prevent these attacks are:


1. Making use of firewalls - Blocking the sender's IP address via default packet handling on the device. The traffic must be checked for malicious data, which must be blocked.

2. Making use of specialised equipment/load balancers - Load balancing solutions for your ISP connections so that the traffic is handled in a round-robin or overflow scenario.

3. ISP mitigation. (The Internet Service Provider must intervene in these situations and help with the prevention of the attack.)

4. 3rd party mitigation. (Several other 3rd parties may also step in to mitigate these issues and help rectify them.)



Steps 3 and 4 are usually combined: for large attacks, you will need to depend on the co-ordination of your ISP and a 3rd party cloud mitigation service.
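The advice above about keeping Memcached off the public internet can be checked on your own servers by auditing the daemon's start-up options. The following is an added example, not from the original post: the two configuration texts are constructed samples in the one-option-per-line style of Debian's /etc/memcached.conf, and the `udp_on_by_default` parameter is an assumption that models releases before 1.5.6, where UDP was enabled unless `-U 0` was given.

```python
import ipaddress

# Constructed sample configs; not taken from a real host.
EXPOSED_CONF = """\
# memcached default config
-m 64
-p 11211
-u memcache
-l 0.0.0.0
"""
HARDENED_CONF = """\
-m 64
-p 11211
-u memcache
-l 127.0.0.1
-U 0
"""


def parse_options(text):
    """Return {flag: value} for lines such as '-l 127.0.0.1' (comments skipped)."""
    opts = {}
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()
        if line.startswith("-"):
            flag, _, value = line.partition(" ")
            opts[flag] = value.strip()
    return opts


def audit(text, udp_on_by_default=True):
    """List settings that would let the instance be used as a UDP reflector."""
    opts = parse_options(text)
    if "-U" in opts:
        udp_enabled = int(opts["-U"]) != 0      # '-U 0' switches UDP off
    else:
        udp_enabled = udp_on_by_default
    listen = opts.get("-l", "0.0.0.0")          # no -l means every interface
    exposed = []
    for addr in (a.strip() for a in listen.split(",")):
        try:
            if not ipaddress.ip_address(addr).is_loopback:
                exposed.append(addr)
        except ValueError:
            exposed.append(addr)                # hostname or host:port, review by hand
    findings = []
    if udp_enabled:
        findings.append("UDP listener enabled; add '-U 0'")
    if exposed:
        findings.append("listens on non-loopback address(es): " + ", ".join(exposed))
    return findings
```

A non-loopback listener on a private interface can be legitimate, so the second finding is a prompt to confirm that a firewall blocks port 11211 from untrusted networks rather than a verdict.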

Tuesday, 13 February 2018

Mobile Communication before 3G

We all know what 3G is. And 4G of course, thanks to Jio. But what was mobile communication like at its inception, and how did we come to the stage we are in? The stage of high speed data access, video calls and instant messaging!

Watch this video to find out more.


Tuesday, 24 October 2017

When IP Addresses Get Over

With the advent of IoT, the number of devices that need to connect to the internet is increasing every day. When a device connects to the internet, it is assigned a specific IP address. This address is unique to each device. The system widely in use today, the Internet Protocol Version 4 (IPv4), uses a 32-bit number for the address. The 32 bits mean that the number of available addresses is 2^32 (4,294,967,296). But the number of connected devices is increasing today at an average rate of 5.44 billion per year. This means that the number of available addresses will soon get exhausted! Does that mean the end of the internet and a promising technology like the IoT?

Definitely not! Internet Protocol Version 6 (IPv6) is your knight in shining armour. IPv6 will prevent the annihilation of the internet! IPv6 redesigns the internet protocol itself. The first major change is the number of addressing bits. It uses 128 bits instead of 64 (giving us around 3.403×10^38 addresses).

But what exactly is IP? The full form is obviously well known, but what is the necessity of IP in using the internet? The internet consists of 4 layers. At the top is the application layer. This has the applications you use every day like Facebook, Whatsapp and such. Next is the transport layer. TCP is a popular transport layer protocol and it's implemented along with the IP layer. The third is the network layer, which is the Internet Protocol. The last one, the link layer, can be Ethernet or WiFi. The network layer encapsulates the data into packets called datagrams. A datagram has data and a header. The header has a fixed structure and some specific duties to perform. So, when I said IPv6 redesigns the internet protocol, I meant that the header is changed. The rest of the datagram is the payload or the data.

IPv4 has a fixed payload length field of 16 bits in the header. This gives us the ability to specify 65535 octets or bytes. But in IPv6, we can use a jumbogram, which allows us to specify payload sizes of up to one byte less than 4 GB. Further, this new version of IP has network layer security. Normally, the network layer just forwards the packets along the network on a hop by hop basis. But Internet Protocol Security (IPSec) is a mandatory specification for IPv6. For IPv4, it was optional. The packet header and the process of forwarding have also been simplified, although the headers in v6 are longer.

These are the differences. So how do we go about changing over from IPv4 to IPv6? The Internet Engineering Task Force (IETF) has recommended certain deployment models and migration tools for the transition. Temporary goals of the transition are to enable parts of the internet to employ IPv6 and disable v4. The end goal is a network-wide IPv6 deployment which will result in IPv4 becoming obsolete. The simplest model is to use a dual stack and allow both the versions to run simultaneously. In such a network, it is up to the peers connected to each other to decide which version to use. But the peers should be reachable by an IPv6 address and should advertise it using a naming service like DNS. This is the recommended approach, wherein IPv4 can then be phased out once all peers on the network have an IPv6 address. Other approaches include tunnelling through IPv4 networks and creating IPv6-only networks.
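How a jumbogram gets past the 16-bit limit can be seen by reading the header fields directly. The following is an added example, not part of the original post: the fixed IPv6 header also has a 16-bit payload length field, and a jumbogram sets it to zero and carries a 32-bit length in a Jumbo Payload option (RFC 2675) inside a Hop-by-Hop Options header. The packets are constructed, with all-zero addresses, and the function names are hypothetical.

```python
import struct

IPV6_HEADER_LEN = 40
HOP_BY_HOP = 0          # Next Header value of the Hop-by-Hop Options header
JUMBO_OPTION = 0xC2     # Jumbo Payload option type (RFC 2675)


def build_ipv6_header(payload_len, next_header):
    """Constructed test header: version 6, hop limit 64, all-zero addresses."""
    return struct.pack("!IHBB", 6 << 28, payload_len, next_header, 64) + bytes(32)


def effective_payload_length(packet):
    """Return the payload length a receiver should apply to this packet."""
    if len(packet) < IPV6_HEADER_LEN:
        raise ValueError("truncated IPv6 header")
    first_word, payload_len, next_header, _hops = struct.unpack("!IHBB", packet[:8])
    if first_word >> 28 != 6:
        raise ValueError("not an IPv6 packet")
    if payload_len != 0 or next_header != HOP_BY_HOP:
        return payload_len               # ordinary packet: 16-bit field
    ext = packet[IPV6_HEADER_LEN:]
    if len(ext) < 2 or len(ext) < (ext[1] + 1) * 8:
        raise ValueError("truncated hop-by-hop header")
    end, i = (ext[1] + 1) * 8, 2
    while i < end:
        if ext[i] == 0:                  # Pad1 option is a single byte
            i += 1
            continue
        if i + 2 > end or i + 2 + ext[i + 1] > end:
            raise ValueError("option overruns header")
        opt_type, opt_len = ext[i], ext[i + 1]
        if opt_type == JUMBO_OPTION and opt_len == 4:
            (jumbo_len,) = struct.unpack("!I", ext[i + 2:i + 6])
            if jumbo_len <= 0xFFFF:
                raise ValueError("jumbo length must exceed 65535")
            return jumbo_len             # 32-bit field, up to 2**32 - 1
        i += 2 + opt_len
    raise ValueError("zero payload length but no Jumbo Payload option")


# Constructed packets (headers only, no payload bytes attached).
ORDINARY = build_ipv6_header(1280, 59)   # 59 = No Next Header
JUMBO = (build_ipv6_header(0, HOP_BY_HOP)
         + bytes([59, 0, JUMBO_OPTION, 4]) + struct.pack("!I", 100_000))
```

The largest value the 32-bit field can hold is 4,294,967,295, which is the "one byte less than 4 GB" limit mentioned above.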

The government of India, too, has created its own deployment model in accordance with the e-governance plan. Thus, IPv6 is about to kill IPv4 and open up a whole new world to us.

Sources: www.statistica.com; Wikipedia; Stanford Lagunita, Introduction to Computer Networks course; docs.oracle.com, IPv6 administration guide; tools.ietf.org, Guidelines for using IPv6 Transition Mechanisms

Sunday, 30 July 2017

How to dual boot your PC

So, you want Linux on your PC, which is currently running Windows. Windows 10, maybe? But you don't want to let Windows go. It's too familiar and comfortable. In this case, the best option is to dual boot.
Here are the steps to dual boot a Windows PC with Ubuntu Linux. The first two are independent steps. You can follow them in any order. But once they're done, the rest should be in order.

Step 1
There's a high chance that your PC will be in UEFI Boot mode. You will need to disable secure boot to boot from a flash drive and might also need to enable legacy support. Pressing one of F2, F12, F10 or Esc during start-up will do the trick. Most likely you'll see an instruction saying something like 'Press esc for startup options' right when you press the power button. Some manufacturers also include a dedicated button for start-up options. Using the arrow keys, navigate to 'Boot Options' under 'System Configuration' and press Enter. Now go to 'Secure Boot' and disable it. Similarly, go to Legacy Support and enable it. Select Save and Exit (F10 for HP, might be the same for others too). Your PC will now start normally in Windows.

Step 2
Make a bootable USB drive. For this part, I'm assuming you already have an ISO file of Ubuntu. If not, you can download it from their official website.
Here, you'll need an application, Rufus.
Download and run the .exe file (no installation required).
You'll see a window like this:
Select 'ISO image' as circled in the picture and then select your .iso file by clicking on the icon beside it. Device should show the name of the USB device currently connected. Keep the rest as it is.
Note: clicking on start will erase all the data presently on your device, so be sure to take a backup.
Once this is done, you're set to start the actual installation!

Step 3
Restart your PC and go to the boot manager. It's the same screen you went to for enabling legacy support.
But now, instead of BIOS options, go to Boot device options or something similar. You'll be asked which device to boot from. The flash drive with Ubuntu ought to be visible here. Select that.
Note: Select the drive in the boot mode in which you have Windows, or else you'll be losing it. Normally it'll be UEFI.
This point does make me feel installation might work without even enabling Legacy support. But everyone suggested doing it and it doesn't really hurt. 

Step 4
You'll now be seeing a screen with several options like 'Try Ubuntu without installing' and 'Install Ubuntu'. Choose 'Try Ubuntu without installing'. The Ubuntu desktop will open. You can familiarise yourself with the OS and set up a Wi-Fi connection. There will be an option to install on the desktop. Select that when you're ready.

Step 5
So you've selected to install now. First, you'll be asked your choice of language. After that, you'll see a window with check boxes for 'download updates while installing' and 'install third party software'. I suggest you check both. Next, it will check for installed operating systems. You will get a message saying something like Windows was detected, select action. It will ask whether you want to erase Windows and install Ubuntu or install Ubuntu alongside Windows. Choose the second option. 

Step 6
You'll be asked to partition your hard disk. A visual representation of the partitions will be visible. It will show some arbitrary space assigned to Ubuntu. You just have to drag the separator between the two partitions on your screen to change the size. Once you're done click on install now. This step takes some patience as it takes quite a lot of time to partition your hard disk. After that, it's a cake walk. Go watch a movie. Ubuntu will be ready for you by the time you're back!

Friday, 16 June 2017

Electronics Under Radiation!

Radiation! Everyone knows the effects of radiation on human health. But is living tissue the only thing it harms?
No. Ionising radiation can weaken materials, embrittle them or cause an electric breakdown. Semiconductors are particularly affected by such radiation. There are two cases to consider. What will happen if you use a semiconductor device in a radiation environment for a long period of time? What will happen if the device experiences a short burst of radiation energy?
In the first case, the device characteristics deteriorate. There is an increase in leakage current, a change in the threshold and many such long-term effects. In the second, there may be bitflips in memory or transient pulses in logic circuitry. The first effect is termed the Total Ionisation Dose (TID) effect. The second is termed Single Event Effects (SEE). As these names suggest, TID is due to prolonged exposure and SEE is the result of a sudden, single energetic particle.
Figure: Change in device characteristics
So, what really happens?
At the core, both effects occur because of generation of free charges. The high-energy particles hit the device and liberate additional free charges. In TID, a fraction of the generated holes gets trapped in the oxide regions of the device. This happens because electrons having a high mobility are quickly swept away leaving holes behind. This situation is somewhat like a place with a skewed sex ratio resulting in not enough partners for marriage. These holes that are left behind, affect the electrical characteristics of the device.
A major factor affecting the degradation is, of course, the total dose of radiation received. The popularly used unit for measuring it is the rad, where 100 rad = 1 J/kg. Another important factor is the dose rate, measured in rad/sec. The higher the dose rate, the greater the degradation. Then, there are factors like the geometry of the device, the method of fabrication, its bias conditions and temperature, among others. TID, however, acts at the device level. It will cause degradation in the individual device parameters.
Figure: Trapped charges, red indicating more charge
SEE, on the other hand, acts at the circuit level. In memory cells, it may cause a bit to flip. In digital circuits, it may cause a pulse to propagate through the circuit. These, however, are not permanently damaging. Strong bursts of energetic particles can cause severe effects like generating shorts in the circuit (called latch-ups) or damaging the gate oxide.
Figure: Single Event Effects
But where will devices experience radiation?
It’s not as if we expose our phones to high energy radiations on a daily basis. The circuits that are actually exposed to such high doses are those meant for special purpose applications. Beyond the atmosphere, there’s always an incoming barrage of high energy particles of all sorts. So, all devices meant for space applications are at risk. Further, circuits used in high energy physics experiments such as particle accelerators also are under threat from radiation.
Is there any solution?
Yes. The process is called radiation hardening. Literally, it means making the devices ‘hard’ or resistant to radiation. One of the methods is to use Silicon-On-Insulator technology. But that brings with it its own set of problems. Shielding is a good option. There are also various fabrication methods and chip layouts that give better performance when attacked by radiation.
What if the device is damaged?
TID can be mitigated by annealing at a specific temperature. This causes the trapped charges to escape as they gain energy from the high temperature. As for SEE, an entire reboot of the system might be helpful. But imagine the losses if an entire system on a space station needs to be rebooted!

So, the best we can do is use proper radiation hardening techniques and avoid radiation related side-effects. But of course, we can never be sure!

Sunday, 23 April 2017

FIR Filter Design: Frequency Sampling Method

This method is another way of designing linear phase FIR filters. The process of obtaining the desired frequency response is the same. The difference starts from there on. The desired frequency response is sampled in the frequency domain and then its inverse is calculated, which gives the filter response. For practical design, we again used Scilab. The formulae for DFT and IDFT were incorporated into the code and the filter parameters were taken as user input. The plot function helped us verify the accuracy of the designed filter.
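The sample-then-invert procedure described above fits in a few lines. The following is an added example, not the Scilab code used for the original post: it is written in Python with hand-coded DFT and IDFT sums, and the function names and the sample low-pass specification are assumptions.

```python
import cmath
import math


def frequency_sampling_fir(magnitudes):
    """Design a linear-phase FIR filter with N = 2*len(magnitudes) - 1 taps.

    magnitudes[k] is the desired |H| at frequency 2*pi*k/N, k = 0..(N-1)/2.
    """
    half = len(magnitudes) - 1
    n_taps = 2 * half + 1
    alpha = (n_taps - 1) / 2            # group delay of a symmetric filter

    # Step 1: sample the desired response, attaching the linear-phase term
    # e^{-j*2*pi*k*alpha/N}; mirror with conjugates so that h[n] is real.
    H = [0j] * n_taps
    for k, mag in enumerate(magnitudes):
        H[k] = mag * cmath.exp(-2j * math.pi * k * alpha / n_taps)
        if k:
            H[n_taps - k] = H[k].conjugate()

    # Step 2: the inverse DFT of the samples gives the impulse response.
    h = []
    for n in range(n_taps):
        acc = sum(H[k] * cmath.exp(2j * math.pi * k * n / n_taps)
                  for k in range(n_taps))
        h.append((acc / n_taps).real)
    return h


def dft_magnitude(h, k):
    """|H[k]| of the designed filter, used to verify the design."""
    n_taps = len(h)
    return abs(sum(h[n] * cmath.exp(-2j * math.pi * k * n / n_taps)
                   for n in range(n_taps)))


# Constructed specification: 15-tap low-pass, pass band on samples k = 0..2.
LOWPASS_SPEC = [1, 1, 1, 0, 0, 0, 0, 0]

if __name__ == "__main__":
    taps = frequency_sampling_fir(LOWPASS_SPEC)
    print([round(t, 4) for t in taps])
```

The resulting taps are symmetric about the centre, which is what gives the filter its linear phase, and the response matches the specification exactly at the sampled frequencies while being free to ripple between them.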

Basic Operations on DSP Processor

The theoretical aspects of DSP technology are not too difficult. We just have different algorithms for different operations. But, the real world doesn't work on just mathematics and algorithms. We need to have some physical hardware that will implement these operations. This is where the DSP processor comes in.
We used a custom board of the popular C2000 processor. The coding platform used was Code Composer Studio. Using the implementations of DSP algorithms in C language developed previously, the code was tweaked to work on-chip in embedded C. Basic operations such as addition and subtraction, among others, were performed on the board. We also implemented FFT algorithms. The difference in implementing on hardware is that we have to reference the registers too while writing the code, whereas a simple C language implementation does not require this.