Cybersecurity: Denial of Service Attack

OVERVIEW

Activity Overview:

In this fun lesson plan, students will model one type of attack (a denial-of-service attack) and figure out how to protect the network against it (no computer programming required)!

Meta description

• Grade Level : 9-12
• Subject Area: Computer Science
• Cybersecurity Concept:
  • Availability
• Computer Science Domains:
  • Computing Systems, Networks and The Internet
• Computer Science Principles:
  • Fostering an Inclusive Computing Culture, Recognizing and Defining Computational Problems
• Materials:
  • None
• Considerations:
  • None

Lesson Plan

Overview

In this fun lesson plan, students will model one type of attack (a denial-of-service attack) and figure out how to protect the network against it (no computer programming required)!

PRE/POST-TEST

https://www.sciencebuddies.org/teacher-resources/lesson-plans/worksheet-cybersecurity-denial.pdf

OBJECTIVES

1. Execute a denial-of-service attack on a model of a computer network.
2. Determine quantitative metrics that can measure the impact of a denial-of-service attack.
3. Design and test a solution to prevent a denial-of-service attack on a model of a computer network.

CATCH/HOOK

Have you ever felt frustrated at being unable to access a favorite website or online game? Did you realize the site might have been a victim of a cyber-attack? If you aren’t careful about online security, your computer could even be used to launch an attack!

ACTIVITY INSTRUCTIONS

Cybersecurity Lesson Plan for High School Students Objective: To introduce high school students to cybersecurity and help them understand the threats and strategies for protecting against cyber-attacks. Materials Needed: • Copies of the uploaded material (provided) • Colored cards to represent requests • Timer Activity: 1. Introduce the concept of cybersecurity and the different types of cyber-attacks, such as the Denial of Service (DoS) attack. 2. Divide the class into 9-12 groups of students, assigning each group one of the roles listed in the uploaded material (clients, Internet, server, guard, and attacker). 3. Have each student in the client group write a request on a colored card and pass it to the Internet group. 4. The Internet group will then pass the requests to the server. 5. The server will process each request as it arrives. 6. The guard will observe the process and act as a firewall if necessary. 7. The attacker will attempt to launch a DoS attack by sending multiple requests to the server. 8. The other students should try to detect and protect against the attack. 9. After the activity, discuss the different strategies to protect against the attack.

REVIEW

In this activity, the attack was launched from one single client. The teacher will explain that sometimes, hackers use a network of devices or a botnet to launch a denial-of-service attack. This type of attack is called a distributed denial-of-service (DDoS) attack. The attackers do not necessarily own the devices from which they launch the attack. They maliciously gain a certain amount of control over devices connected to the Internet and use them to launch the attack. Who would ever allow someone to use their device to launch a distributed denial-of-service attack from their machine? The sad truth is that you might not know your computer, phone, or other Internet-connected device is being used!

STANDARDS

MS-ETS1-3 MS-ETS1-4 FL CS.T MS-ETS1-3. Analyze data from tests to determine similarities and differences among several design solutions to identify the best characteristics of each that can be combined into a new solution to better meet the criteria for success. MS-ETS1-4. Develop a model to generate data for iterative testing and modification of a proposed object, tool, or process such that an optimal design can be achieved.