Abstract

Alyssa Hacker subverts tens of thousands of machines by using a worm and then uses these zombies to mount a distributed denial of service attack on a Web server. Alyssa’s zombies do not launch a SYN flood or issue dummy packets that will only congest the Web server’s access link. Instead, the zombies fetch files or query search engine databases at the Web server. From the Web server’s perspective, these zombie requests look exactly like legitimate requests, so the server ends up spending a lot of its time serving the zombies, causing legitimate users to be denied service.