<?xml version="1.0" encoding="UTF-8"?><!DOCTYPE article  PUBLIC "-//NLM//DTD Journal Publishing DTD v3.0 20080202//EN" "http://dtd.nlm.nih.gov/publishing/3.0/journalpublishing3.dtd"><article xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink" dtd-version="3.0" xml:lang="en" article-type="research article"><front><journal-meta><journal-id journal-id-type="publisher-id">JIS</journal-id><journal-title-group><journal-title>Journal of Information Security</journal-title></journal-title-group><issn pub-type="epub">2153-1234</issn><publisher><publisher-name>Scientific Research Publishing</publisher-name></publisher></journal-meta><article-meta><article-id pub-id-type="doi">10.4236/jis.2017.83018</article-id><article-id pub-id-type="publisher-id">JIS-77875</article-id><article-categories><subj-group subj-group-type="heading"><subject>Articles</subject></subj-group><subj-group subj-group-type="Discipline-v2"><subject>Computer Science&amp;Communications</subject></subj-group></article-categories><title-group><article-title>
 
 
  Do ICMP Security Attacks Have Same Impact on Servers?
 
</article-title></title-group><contrib-group><contrib contrib-type="author" xlink:type="simple"><name name-style="western"><surname>Ganesh</surname><given-names>Reddy Gunnam</given-names></name><xref ref-type="aff" rid="aff1"><sup>1</sup></xref></contrib><contrib contrib-type="author" xlink:type="simple"><name name-style="western"><surname>Sanjeev</surname><given-names>Kumar</given-names></name><xref ref-type="aff" rid="aff1"><sup>1</sup></xref></contrib></contrib-group><aff id="aff1"><addr-line>Department of Electrical and Computer Engineering, The University of Texas-RGV, Edinburg, USA</addr-line></aff><pub-date pub-type="epub"><day>06</day><month>07</month><year>2017</year></pub-date><volume>08</volume><issue>03</issue><fpage>274</fpage><lpage>283</lpage><history><date date-type="received"><day>May</day>	<month>30,</month>	<year>2017</year></date><date date-type="rev-recd"><day>Accepted:</day>	<month>July</month>	<year>22,</year>	</date><date date-type="accepted"><day>July</day>	<month>25,</month>	<year>2017</year></date></history><permissions><copyright-statement>&#169; Copyright  2014 by authors and Scientific Research Publishing Inc. </copyright-statement><copyright-year>2014</copyright-year><license><license-p>This work is licensed under the Creative Commons Attribution International License (CC BY). http://creativecommons.org/licenses/by/4.0/</license-p></license></permissions><abstract><p>
 
 
  There are different types of Cyber Security Attacks that are based on ICMP protocols. Many ICMP protocols are very similar, which may lead security managers to think they may have same impact on victim computer systems or servers. In this paper, we investigate impact of different ICMP based security attacks on two popular server systems namely Microsoft’s Windows Server and Apple’s Mac Server OS running on same hardware platform, and compare their performance under different types of ICMP based security attacks.
 
</p></abstract><kwd-group><kwd>DDoS Security Attacks</kwd><kwd> ICMP Based Cyber Attacks</kwd><kwd> Mac Server OS</kwd><kwd> Windows Server OS</kwd></kwd-group></article-meta></front><body><sec id="s1"><title>1. Introduction</title><p>The Distributed Denial of Service (DDoS) attacks are increasing day by day. These DDoS attacks are known to crash many servers and operating systems. So much work has been done on different operating systems with DDoS attacks [<xref ref-type="bibr" rid="scirp.77875-ref1">1</xref>] - [<xref ref-type="bibr" rid="scirp.77875-ref12">12</xref>] , but the companies are still not able to correct all problems that have been observed. In computing, a denial of service(DoS) attack is an attempt to make a machine or network resource unavailable to its intended users, such as to temporarily or indefinitely interrupt or suspend services of a host connected to the Internet.</p><p>Denial of Service attack consumes a victim computer's resources such as network bandwidth, processor, memory etc. In a Denial of Service (DoS) attack, a single computer may attack a single computer or server, where as in a Distributed Denial of Service (DDoS) attack, many computers (Botnets) may attack a single computer.</p><p>In this paper, we use two very similar types (in terms of type of packets used) of ICMP based security attacks commonly known as PING flood attack and SMURF attack. We also test impact of these attacks on two different popular server OS namely, Windows Server 2012 R2 and Apple’s Mac OS X Server LION on same hardware platform i.e. Apple’s Mac Pro platform.</p><sec id="s1_1"><title>1.1. Ping Flood Attack</title><p>Ping Flood Attack is one of the oldest known network attacks, and its aim is to saturate the network with ICMP (Internet Control Message Protocol) traffic. ICMP Ping is used to verify the end-to-end internet path operation, where ICMP Echo request packet is sent to the target and an ICMP Echo Reply packet is expected to confirm communication between sender and receiver [<xref ref-type="bibr" rid="scirp.77875-ref6">6</xref>] .</p><p>A router, or a host, uses an ICMP echo request (ping) message to test a destination’s reachability. A computer system that receives an ICMP echo request message will respond to it by sending an ICMP echo reply message back to the sender (<xref ref-type="fig" rid="fig1">Figure 1</xref>). Using this, an ICMP echo request and reply messages together can test the reachability of a computer on a network [<xref ref-type="bibr" rid="scirp.77875-ref13">13</xref>] . The ICMP echo request and reply messages are identified by the value of the type field in the ICMP message format [<xref ref-type="bibr" rid="scirp.77875-ref14">14</xref>] . If the value of type field is equal to 8, it becomes echo request, if the value of type field is equal to 0, it becomes an echo reply [<xref ref-type="bibr" rid="scirp.77875-ref13">13</xref>] .</p><p>These Ping based DDoS attacks are flood of a large number of ping messages</p><p>sent to target are known to be quite damaging to the availability of the web- based services. The Ping attack can exhaust the target server’s bandwidth and computing resources [<xref ref-type="bibr" rid="scirp.77875-ref14">14</xref>] . The victim computer continues receiving a Ping mes- sage that generates an ICMP echo reply message sent to the source address of the Echo Request.</p></sec><sec id="s1_2"><title>1.2. Smurf Attack</title><p>A more sophisticated version of a DDoS attack is commonly known as a SMURF attack. A SMURF attack utilizes massive number of ICMP packets of spoofed source Internet Protocol (IP) addresses targeting the victim server’s IP address</p><fig id="fig1"  position="float"><label><xref ref-type="fig" rid="fig1">Figure 1</xref></label><caption><title> Ping Utility</title></caption><graphic mimetype="image"   position="float"  xlink:type="simple"  xlink:href="http://html.scirp.org/file/9-7800450x2.png"/></fig><p>(<xref ref-type="fig" rid="fig2">Figure 2</xref>). This is achieved by altering the Echo Request sent to the botnet using an IP broadcast address [<xref ref-type="bibr" rid="scirp.77875-ref13">13</xref>] [<xref ref-type="bibr" rid="scirp.77875-ref15">15</xref>] . The larger the Botnet is the faster and the bigger is the flood of Echo reply messages [<xref ref-type="bibr" rid="scirp.77875-ref16">16</xref>] . The increase of traffic reduces the target server’s ability to respond, and can quickly cause a complete denial of service [<xref ref-type="bibr" rid="scirp.77875-ref5">5</xref>] [<xref ref-type="bibr" rid="scirp.77875-ref6">6</xref>] .</p><p>In this attack both the ICMP echo request and ICMP echo reply messages are used. While the perpetrator sends ICMP echo request messages to an unprotected broadcast domain for amplifying the attack, the victim computer actually receives amplified attack traffic that comprises mainly of ICMP echo reply messages. If the broadcast domain has N number of computers, then for each ICMP echo request broadcasted in such a domain will generate N number of ICMP echo reply messages that are sent to the victim’s server, due to the spoofed source address in the ICMP echo request messages [<xref ref-type="bibr" rid="scirp.77875-ref13">13</xref>] .</p></sec></sec><sec id="s2"><title>2. Experimental Set Up</title><p>In this experiment, simulated attack traffic is sent to the victim server from multiple networks (<xref ref-type="fig" rid="fig3">Figure 3</xref>). In the process of evaluating the impact of attack traf-</p><p>fic, we measured the processor utilization, memory utilization and HTTP transactions for different loads of attack traffic ranging from 100 Mbps to 1 Gbps over a gigabit Ethernet link connected to the victim computer [<xref ref-type="bibr" rid="scirp.77875-ref1">1</xref>] [<xref ref-type="bibr" rid="scirp.77875-ref2">2</xref>] .</p><p>The PING and SMURF attacks were simulated using the experimental set up shown in <xref ref-type="fig" rid="fig3">Figure 3</xref>. The victim server is an Apple Mac Pro, Two 2.4 GHz Quad- Core Intel Xeon E5620 “Westmere” processors server, 8 logical processor and 12 GB RAM [<xref ref-type="bibr" rid="scirp.77875-ref17">17</xref>] [<xref ref-type="bibr" rid="scirp.77875-ref18">18</xref>] . As mentioned earlier, Windows Server 2012 R2 Standard Operating System and Apple server platform to Mac OS X SERVER LION 10.7.5 (11G63) have been installed in the victim server. We compared the performance of two servers in terms of their ability to handle legitimate HTTP connections in</p><fig id="fig2"  position="float"><label><xref ref-type="fig" rid="fig2">Figure 2</xref></label><caption><title> SMURF Attack</title></caption><graphic mimetype="image"   position="float"  xlink:type="simple"  xlink:href="http://html.scirp.org/file/9-7800450x3.png"/></fig><fig id="fig3"  position="float"><label><xref ref-type="fig" rid="fig3">Figure 3</xref></label><caption><title> Experimental Set Up</title></caption><graphic mimetype="image"   position="float"  xlink:type="simple"  xlink:href="http://html.scirp.org/file/9-7800450x4.png"/></fig><p>the presence of different ICMP based attack traffic. In these experiments, the only protection mechanism that was active on the server platform was default firewall in both operating systems.</p></sec><sec id="s3"><title>3. Performance Evaluation</title><p>We test Apple server with Windows OS and Mac OS in four scenarios under Ping and Smurf attack. Four evaluation scenarios are given below:</p><p>1) Ping attack on Windows Server OS on Apple server platform.</p><p>2) Ping attack on Mac OS on Apple server platform.</p><p>3) Smurf attack on Windows Server OS on Apple server platform.</p><p>4) Ping attack on Mac OS on Apple server platform.</p><sec id="s3_1"><title>3.1. Ping Attack on Windows Server OS on Apple Server Platform</title><p>In this scenario-1, we used the Windows Server OS on the Apple’s server hardware platform. In order to analyze the effectiveness of an attack on the server, we found the maximum number of HTTP connections that can be establish on the server without the presence of attack traffic (baseline performance), and then this results were compared with the results obtained in presence of the attack traffic.</p><p>In the beginning, the legitimate HTTP connections were established with the server in the absence of attack traffic, and then the simulated attack traffic was introduced in the network and intensity was measured. In order to evaluate the impact of the ICMP based attack traffic, the number of HTTP connections that the server could handle was recorded for various amount of attack traffic ranging from 100 Mbps to 1 Gbps.</p><p>The baseline performance of the server with no attack traffic was measured to be 6000 HTTP connections per second. After baseline HTTP connections were established, simulated attack traffic was introduced in the range of 100 Mbps to 1 Gbps to the network. Traffic intensity was measured in the steps of 100 Mbps.</p><p>When the PING attack traffic was introduced as shown in <xref ref-type="fig" rid="fig4">Figure 4</xref>, the baseline performance of 6000 HTTP connections of the Windows server was maintained up to 600 Mbps of PING attack traffic. However, as the PING flood was increased beyond 600 Mbps, the server’s baseline performance was found to decline. When the attack traffic reached 700 Mbps, the number of HTTP connections declined to 4950 HTTP connections. At 800 Mbps of attack traffic the legitimate connections declined to 350 only. Finally at higher PING flood intensity greater than 800 Mbps, no legitimate connections could be established with the server (<xref ref-type="fig" rid="fig4">Figure 4</xref>).</p></sec><sec id="s3_2"><title>3.2. Ping Attack on Mac OS on Apple Server Platform</title><p>For this scenario-2, we used the Apple’s native MAC OS for the same Apple’s server hardware platform. Comparatively, the Mac OS results were found to be different from that of Windows Server 2012 R2 for the same hardware platform. Baseline performance could be maintained till 500 Mbps of the PING flood. A significant decline in the number of legitimate connections was found at 600 Mbps supporting only 50 legitimate connections under Ping attack (<xref ref-type="fig" rid="fig5">Figure 5</xref>). This kind of significant decline in the legitimate connections was found to be at 800 Mbps for Windows Server 2012 R2 OS on Apple’s hardware server platform. Inferring from the performance data, it showed that the Microsoft’s Windows Server 2012 R2 was performing better than Apple’s Mac OS on its native Apple</p><fig id="fig4"  position="float"><label><xref ref-type="fig" rid="fig4">Figure 4</xref></label><caption><title> HTTP Connection Establishment under PING attack (scenario-1: Windows Server 2012 R2 on Apple server platform)</title></caption><graphic mimetype="image"   position="float"  xlink:type="simple"  xlink:href="http://html.scirp.org/file/9-7800450x5.png"/></fig><fig id="fig5"  position="float"><label><xref ref-type="fig" rid="fig5">Figure 5</xref></label><caption><title> HTTP Transactions under PING flood attack (scenario-2: Mac Server OS on Apple’s hardware server platform)</title></caption><graphic mimetype="image"   position="float"  xlink:type="simple"  xlink:href="http://html.scirp.org/file/9-7800450x6.png"/></fig><fig id="fig6"  position="float"><label><xref ref-type="fig" rid="fig6">Figure 6</xref></label><caption><title> Legitimate connections under SMURF attack (scenario-3: Windows Server 2012 R2 on Apple server platform)</title></caption><graphic mimetype="image"   position="float"  xlink:type="simple"  xlink:href="http://html.scirp.org/file/9-7800450x7.png"/></fig><p>server hardware platform under Ping flood attack.</p><p>PING flood attack in the scenarios 1 &amp; 2 above was based on the ICMP Echo request protocol. A very similar protocol, namely the ICMP Echo reply protocol</p><p>is used in the Smurf security attack. In next two scenarios, Smurf based security attack was used to evaluate performance of two different server systems from Microsoft Inc and Apple Inc.</p></sec><sec id="s3_3"><title>3.3. Smurf Attack on Windows OS on Apple Server Platform</title><p>In scenario-3, the Smurf flood attack was used to evaluate Windows Server OS 2012 R2 on the same server hardware platform from Apple Inc. A drastic change was observed in Microsoft’s Windows server performance under the Smurf flood attack compared to its previous performance under PING flood attack. In this scenario, the baseline server performance of the number of legitimate connections fell sharply as the Smurf attack traffic increased beyond 100 Mbps. All legitimate client connections were lost at 150 Mbps of Smurf attack traffic, which is a relatively low attack bandwidth compared to 1000 Mbps or 1 Gbps being common these days. No legitimate client connections could be established with the Microsoft’s server OS running on the same hardware platform from Apple Inc. (<xref ref-type="fig" rid="fig6">Figure 6</xref>) for Smurf traffic higher than 150 Mbps.</p><p>This seemed quite unusual in the beginning knowing the fact that the server hardware deployed 8 core processors but the whole server system became unresponsive under relatively small volume of Smurf attack traffic of 150 Mbps. Further analysis of the core utilization showed that one of the core maxed out and other cores didn’t share the excess load of the Smurf flood. It was not clear if it was due to the inability of the Window’s server OS in handling the Smurf flood or was it due to the inability of the Apple’s hardware platform in sharing the excess load.</p><p>In one of the literatures issued by Apple Inc [<xref ref-type="bibr" rid="scirp.77875-ref19">19</xref>] , Apple gave a statement saying “It’s not possible to split a single thread across multiple cores, although a single core may run multiple threads at the same time. This is one reason that you may sometimes see uneven load distributions across the available cores on your computer”.</p></sec><sec id="s3_4"><title>3.4. Smurf Attack on Mac OS on Apple Server Platform</title><p>In this scenario-4, we used native Mac OS on the same Apple’s server hardware platform. A Smurf attack on Mac OS produced relatively improved resilience of the server compared to the crashing of Windows Server 2012 R2 at 150 Mbps of the smurf attack load. Compared with Windows OS, Mac OS was able to sustain the Smurf attack till 300 Mbps by supporting the baseline performance. When the attack traffic increased, the number of legitimate connections started declining, and all legitimated connections were completely lost after the attack traffic increased beyond 500 Mbps (<xref ref-type="fig" rid="fig7">Figure 7</xref>).</p></sec></sec><sec id="s4"><title>4. Compairing Performance</title><p>It is important to compare the performance of different servers under different types of ICMP attacks to obtain a better picture of protection provided by these leading server platforms. Comparative performance is shown in <xref ref-type="fig" rid="fig8">Figure 8</xref> for two server OS under two different types of ICMP based attacks.</p><p>Under Ping attack, the Microsoft’s Windows Server OS 2012 R2 on Apple’s server hardware performs better than Mac LION OS on its own native Apple server hardware. It is found that for the Microsoft’s Windows OS, the number of legitimate connections start declining from its baseline of 6000 connections for attack traffic higher than 600 Mbps. However, for Mac OS on the same Mac</p><p>hardware platform, the number of legitimate connections starts declining from its baseline of 6000 connections when the Ping flood intensity exceeds 300 Mbps.</p><p>Under Smurf attacks, the Microsoft’s Windows server OS on MAC hardware platform is found to crash at relatively low Smurf attack intensity of 150 Mbps. However, under the Smurf attack, the Apple’s MAC LION OS performs much</p><p>better on the same Apple’s Mac Pro hardware platform. The MAC OS lost all legitimate connections but at much higher attack traffic i.e. 600 Mbps. comparatively, under Smurf attack traffic, Mac OS on Apple’s server hardware platform shows higher survivability compared to that for Windows Server OS 2012 R2 on</p><fig id="fig7"  position="float"><label><xref ref-type="fig" rid="fig7">Figure 7</xref></label><caption><title> HTTP Transactions under SMURF attack (Scenario 4: Mac Server OS on Apple server platform)</title></caption><graphic mimetype="image"   position="float"  xlink:type="simple"  xlink:href="http://html.scirp.org/file/9-7800450x8.png"/></fig><fig id="fig8"  position="float"><label><xref ref-type="fig" rid="fig8">Figure 8</xref></label><caption><title> Comparison of legitimate HTTP Connections supported by different configurations</title></caption><graphic mimetype="image"   position="float"  xlink:type="simple"  xlink:href="http://html.scirp.org/file/9-7800450x9.png"/></fig><p>Apple’s server hardware platform.</p></sec><sec id="s5"><title>5. Conclusion</title><p>It is observed that different server operating systems perform differently under different types of ICMP based flood attacks. Windows Server 2012 R2 is one of the most popular server used today, hence even though Apple server platform has its own operating system, it is common to use Windows Server 2012 R2 operating system on Apple Server hardware platform. It is shown in this paper, the Microsoft’s Windows Server OS performed better in term of survivability (num- ber of legitimate connections supported under attack) when compared with that of Apple’s Server OS under Ping based ICMP attack traffic. However, under Smurf based ICMP attack, the Window’s Server OS crashed at a relatively low Smurf traffic of 150 Mbps. For the same Smurf attack the Apple’s Server OS survived under the same scenario of 150 Mbps. However, it also dropped all legitimate connections rather at higher Smurf traffic intensity. The results presented in this paper show that the built-in protection mechanism of Windows Server 2012 R2 is not effective on its own against a SMURF flood attack. We conclude that both server OS need to deploy more efficient protection mechanisms especially against ICMP based Cyber attacks without depending on external security devices.</p></sec><sec id="s6"><title>Acknowledgements</title><p>My sincere thanks to Arturo Gomez and Ronald Palomares for reviewing this paper. The support for this research is providing in part by the US National Science Foundation under Grant No. 0421585 and Houston Endowment Chair in Science, Math and Technology Fellowship.</p></sec><sec id="s7"><title>Cite this paper</title><p>Gunnam, G.R. and Kumar, S. (2017) Do ICMP Security Attacks Have Same Impact on Servers? Journal of Information Security, 8, 274-283. https://doi.org/10.4236/jis.2017.83018</p></sec></body><back><ref-list><title>References</title><ref id="scirp.77875-ref1"><label>1</label><mixed-citation publication-type="other" xlink:type="simple">Kumar, S. and Gade, R. (2015) Windows 2008 vs. Windows 2003: Evaluation of Microsoft’s Windows Servers under Cyber Attacks. Journal of Information Security.</mixed-citation></ref><ref id="scirp.77875-ref2"><label>2</label><mixed-citation publication-type="other" xlink:type="simple">Kumar, S., Valdez, R. and Gomez, O. (2006) Survivability Evaluation of Wireless Sensor Networks under DDoS Attack. International Conference on Networking.  
https://doi.org/10.1109/ICNICONSMCL.2006.205</mixed-citation></ref><ref id="scirp.77875-ref3"><label>3</label><mixed-citation publication-type="other" xlink:type="simple">Kumar, S. (2005) Impact of Distributed Denial of Service (DDoS) Attack Due to ARP-Storm. The Lecture Notes in Computer Science-Book Series-LNCS-3421-Networking-ICN 2005, Part-II, Vol. 3421, 997-1002.  
https://doi.org/10.1007/978-3-540-31957-3_113</mixed-citation></ref><ref id="scirp.77875-ref4"><label>4</label><mixed-citation publication-type="other" xlink:type="simple">Kumar, S. and Sekhar, R. (2011) Experimental Evaluation of Juniper Network’s Netscreen-5GT Security Device against Layer4 Flood Attacks. Journal of Information Security, 2, 50-58. https://doi.org/10.4236/jis.2011.21005</mixed-citation></ref><ref id="scirp.77875-ref5"><label>5</label><mixed-citation publication-type="other" xlink:type="simple">Vellalacheruvu, H.K. and Kumar, S. (2011) Effectiveness of Built-In Security Protection of Microsoft’s Windows Server 2003 against TCP SYN Based DDoS Attacks. Journal of Information Security, 2, 131-138. https://doi.org/10.4236/jis.2011.23013</mixed-citation></ref><ref id="scirp.77875-ref6"><label>6</label><mixed-citation publication-type="other" xlink:type="simple">Gade, R.S.R., Vellalacheruvu, H. and Kumar, S. (2010) Performance of Windows XP, Windows Vista and Apple’s Leopard Systems under a DDoS Attack. International Conference on Digital Society (ICDS’10).</mixed-citation></ref><ref id="scirp.77875-ref7"><label>7</label><mixed-citation publication-type="other" xlink:type="simple">Surisetty, S. and Kumar, S. (2012) Microsoft’s Windows7 vs. Apple’s Snow Leopard: An Experimental Evaluation of Resilience against Distributed Denial of Service (DDoS) Attacks. IEEE Security and Privacy, 10, 60-64.</mixed-citation></ref><ref id="scirp.77875-ref8"><label>8</label><mixed-citation publication-type="other" xlink:type="simple">Baez Jr., R. and Kumar, S. (2014) Apple’s Lion vs. Microsoft’s Windows 7: Comparing Built-In Protection against ICMP Flood Attacks. Journal of Information Security, 5, 123-135. https://doi.org/10.4236/jis.2014.53012</mixed-citation></ref><ref id="scirp.77875-ref9"><label>9</label><mixed-citation publication-type="other" xlink:type="simple">Sundar, K. and Kumar, S. (2016) BlueScreen of Death Observed for the Microsoft’s Server 2012 R2 under Denial of Service Attacks. Journal of Information Security, 7, 225-231. https://doi.org/10.4236/jis.2016.74018</mixed-citation></ref><ref id="scirp.77875-ref10"><label>10</label><mixed-citation publication-type="other" xlink:type="simple">Surisetty, S. and Kumar, S. (2010) Is Apple’s iMac Leopard Operating System Secure under ARP-Based Flooding Attacks? Second International Conference on Internet Monitoring and Protection (ICIMP 2010). https://doi.org/10.1109/ICIMP.2010.30</mixed-citation></ref><ref id="scirp.77875-ref11"><label>11</label><mixed-citation publication-type="other" xlink:type="simple">Kumar, S. and Surishetty, S. (2011) Apple’s Leopard versus Microsoft’s Windows XP: Experimental Evaluation of Apple’s Leopard Operating System with Windows XP-SP2 under Distributed Denial of Service Security Attacks. Information Security Journal: A Global Perspective, 20, 163-172.</mixed-citation></ref><ref id="scirp.77875-ref12"><label>12</label><mixed-citation publication-type="other" xlink:type="simple">Aishwarya, R. and Malliga, S. (2014) Intrusion Detection System—An Efficient Way to Thwart against Dos/DDoS Attack in the Cloud Environment. International Conference on Recent Trends in Information Technology, Chennai, 10-12 April 2014, 1-6.</mixed-citation></ref><ref id="scirp.77875-ref13"><label>13</label><mixed-citation publication-type="other" xlink:type="simple">Kumar, S. (2007) Smurf-Based Distributed Denial of Service (DDoS) Attack Amplification in Internet. 2nd International Conference on Internet Monitoring and Protection (ICIMP), San Jose, 1-5 July 2007, 25.</mixed-citation></ref><ref id="scirp.77875-ref14"><label>14</label><mixed-citation publication-type="journal" xlink:type="simple"><name name-style="western"><surname>Kumar</surname><given-names> S. </given-names></name>,<etal>et al</etal>. (<year>2006</year>)<article-title>PING Attack—How Bad Is It</article-title><source> Computers &amp; Security</source><volume> 25</volume>,<fpage> 332</fpage>-<lpage>337</lpage>.<pub-id pub-id-type="doi"></pub-id></mixed-citation></ref><ref id="scirp.77875-ref15"><label>15</label><mixed-citation publication-type="other" xlink:type="simple">Smurf Attack. http://en.wikipedia.org/wiki/Smurf_attack</mixed-citation></ref><ref id="scirp.77875-ref16"><label>16</label><mixed-citation publication-type="other" xlink:type="simple">Ferguson, P. and Senie, D. (2000) Network Ingress Filtering: Defeating Denial of Service Attacks Which Employ IP Source Address Spoofing. RFC 2827, BCP 38.</mixed-citation></ref><ref id="scirp.77875-ref17"><label>17</label><mixed-citation publication-type="other" xlink:type="simple">Mac Pro (2010) Technical Specifications.  
http://support.apple.com/kb/SP589?locale=en_US</mixed-citation></ref><ref id="scirp.77875-ref18"><label>18</label><mixed-citation publication-type="other" xlink:type="simple">Solid-State Drive Replacement Instructions for Mac Pro.  
http://manuals.info.apple.com/MANUALS/1000/MA1548/en_US/Mac_Pro_SSD_DIY.pdf</mixed-citation></ref><ref id="scirp.77875-ref19"><label>19</label><mixed-citation publication-type="other" xlink:type="simple">Apple Statement on Core Distribution. http://support.apple.com/en-us/HT201838</mixed-citation></ref></ref-list></back></article>