Universal DDoS Mitigation Bypass. DDoS Mitigation Lab
|
|
- Kelly Lawrence
- 8 years ago
- Views:
Transcription
1 Universal DDoS Mitigation Bypass DDoS Mitigation Lab
2 About Us Industry body formed to foster synergy among stakeholders to promote advancement in DDoS defense knowledge. DDoS Mitigation Lab Independent academic R&D division of Nexusguard building next generation DDoS mitigation knowledge and collaborate with the defense community.
3 Outline DDoS Attack Categories DDoS Detection and Mitigation Techniques How they work? How to bypass / take advantage? DDoS Mitigation Bypass How to use our PoC tool? PoC tool capability Next-Generation Mitigation
4 Financial Impact Source: NTT Communications, Successfully Combating DDoS Attacks, Aug 2012
5 Volumetric Attacks Packet-Rate-Based Bit-Rate-Based
6 Semantic Attacks API attacks Hash DoS Apache Killer Teardrop (old textbook example) Slowloris / RUDY SYN Flood (old textbook example) Smurf (old textbook example)
7 Blended Attacks
8 Attack Quadrant xxx Gbps+ Volume xxx Mbps+ Simple Complexity Sophisticated
9 DDoS Mitigations xxx Gbps+ Volume Traffic Policing Black- / Whitelisting Proactive Resource Release xxx Mbps+ Simple Complexity Sophisticated
10 DDoS Mitigation: Traffic Policing Source: Cisco
11 DDoS Mitigation: Proactive Resource Release 3. Detect idle / slow TCP connections RST 2. TCP connection pool starved 4. Close idle / slow TCP connections With RST Example: Slowloris Attack 1. Open lots of TCP connections
12 DDoS Mitigation: Black- / Whitelisting Src: Black List B (dropped) Src: White List = free pass (for awhile / for x amount of volume) Backend
13 DDoS Mitigation: Source Isolation AS AS AS Source:
14 DDoS Solution: Secure CDN Backend 3: return 2: redirect to nearest server End User 1: request 4: bypass distribution, attack backend!
15 DDoS Detection xxx Gbps+ Rate Measurement (SNMP) Baselining (Netflow) Volume Big Data Analysis Protocol Sanity (PCAP) Protocol Behavior (PCAP) Application (SYSLOG) xxx Mbps+ Simple Complexity Sophisticated
16 Rate- / Flow-Based Countermeasures Detection Mitigation
17 Protocol-Based Countermeasures Detection Mitigation
18 Blanket Countermeasures Detection Mitigation Traffic Statistics and Behavior Big Data Analysis Source Host Verification
19 Source Host Verification TCP SYN Auth HTTP Redirect Auth HTTP Cookie Auth JavaScript Auth CAPTCHA Auth
20 PoC Tool
21 PoC Tool Strengths True TCP/IP behavior (RST, resend, etc.) Believable HTTP headers (User-Agent strings, etc.) Embedded JavaScript engine CAPTCHA solving capability Randomized payload Tunable post-authentication traffic model
22 PoC Tool: Authentication Bypass
23 TCP SYN Auth (TCP Reset) SYN SYN ACK ACK RST SYN SYN ACK ACK
24 TCP SYN Auth (TCP Out-of-Sequence) SYN SYN ACK RST SYN SYN ACK ACK
25 HTTP Redirect Auth GET HTTP 302 redir to /index.html /foo/index.html GET /foo/index.html HTTP 302 redir to /index.html GET /index.html
26 HTTP Cookie Auth GET HTTP 302 redir to GET HTTP 302 redir to GET /index.html /index.html /index.html /index.html /index.html
27 HTTP Cookie Auth (Header Token) GET HTTP 302 redir to [X-Header: foo=bar] GET HTTP 302 redir to [X-Header: foo=bar] [X-Header: foo=bar] GET GET /index.html [X-Header: foo=bar] /index.html /index.html [X-Header: foo=bar] /index.html /index.html /index.html
28 JavaScript Auth GET /index.html JS 7+nine=? ans=16 POST /auth.php HTTP 302 redir to /index.html GET /index.html
29 CAPTCHA Auth GET /index.html POST /auth.php HTTP 302 redir to /index.html GET /index.html
30 CAPTCHA Pwnage
31 PoC Tool: TCP Traffic Model
32 TCP Traffic Model Connection Hold Time Before 1 st Request Connection Idle Timeout After Last Request Number of Connections TCP Connection TCP Connection TCP Connection Connections Interval Connections Interval
33 PoC Tool: HTTP Traffic Model
34 HTTP Traffic Model TCP Connection Number of Requests per Connection HTTP Connection HTTP Connection HTTP Connection HTTP Connection Requests Interval Requests Interval Requests Interval
35 PoC Tool Design 3 tries per authentication attempt (in practice more likely to success) True TCP/IP behavior thru use of OS TCP/IP stack Auth cookies persist during subsequent dialogues JavaScript execution using embedded JS engine (lack of complete DOM an obstacle to full emulation)
36 CAPTCHA Bypass Design 1. Converted to black-and-white for max contrast 2. 3x3 median filter applied for denoising 3. Word segmentation 4. Boundary recognition 5. Pixel difference computed against character map
37 PoC Tool in Action
38 Testing Environment Against Devices Against Services Measure Attack Traffic Measure Attack Traffic
39 Mitigation Bypass (Protection Products) Auth Bypass Post-Auth Proactive Resource Release Testing results under specific conditions, valid as of Jul 13, 2013
40 Mitigation Bypass (Protection Services) Auth Bypass Post-Auth Proactive Resource Release Testing results under specific conditions, valid as of Jul 13, 2013
41 Next-Generation Mitigation Client Puzzle add cost to individual zombies.
42 Conclusion DDoS is expensive to business Existing DDoS protection insufficient Next-Generation solution should make attack expensive
43 Thank You!
44
DDoS Protecion Total AnnihilationD. DDoS Mitigation Lab
DDoS Protecion Total AnnihilationD A Industry body formed to foster synergy among stakeholders to promote advancement in DDoS defense knowledge. Independent academic R&D division of Nexusguard building
More informationKill 'em All -- DDoS Protection Total Annihilation!
Kill 'em All -- DDoS Protection Total Annihilation! Tony T.N. Miu 1, W.L. Lee 2, Alan K.L. Chung 2, Daniel X.P. Luo 2, Albert K.T. Hui 2, and Judy W.S. Wong 2 1 Nexusguard Limited tony.miu@nexusguard.com
More informationTDC s perspective on DDoS threats
TDC s perspective on DDoS threats DDoS Dagen Stockholm March 2013 Lars Højberg, Technical Security Manager, TDC TDC in Sweden TDC in the Nordics 9 300 employees (2012) Turnover: 26,1 billion DKK (2012)
More informationSeVen: A Selective Defense for Low-Rate Application Layer DDoS Attacks. Vivek Nigam Networking Laboratory Federal University of Paraíba - UFPB
SeVen: A Selective Defense for Low-Rate Application Layer DDoS Attacks Vivek Nigam Networking Laboratory Federal University of Paraíba - UFPB 1 Application-Layer DDoS Attacks Application. Transport Network.
More informationUniversal DDoS Mitigation Bypass
Universal DDoS Mitigation Bypass Tony T.N. Miu 1, Albert K.T. Hui 2, W.L. Lee 2, Daniel X.P. Luo 2, Alan K.L. Chung 2, and Judy W.S. Wong 2 1 Nexusguard Limited tony.miu@nexusguard.com 2 Network Threats
More informationDDoS Black and White Kungfu Revealed (DEF CON 20 Edition)
DDoS Black and White Kungfu Revealed (DEF CON 20 Edition) {Tony Miu (aka MT), Anthony Lai (aka Darkfloyd), Alan Chung (aka Avenir), Kelvin Wong (aka Captain)} Valkyrie-X Security Research Group (VXRL)
More informationAcquia Cloud Edge Protect Powered by CloudFlare
Acquia Cloud Edge Protect Powered by CloudFlare Denial-of-service (DoS) Attacks Are on the Rise and Have Evolved into Complex and Overwhelming Security Challenges TECHNICAL GUIDE TABLE OF CONTENTS Introduction....
More informationDDoS Yesterday, Today and tomorrow. Frank Tse, William Guo Nexusguard
DDoS Yesterday, Today and tomorrow Frank Tse, William Guo Nexusguard Agenda 1 2 3 4 5 DDoS Introduction DDoS Attack Analysis DDoS Detection and Mitigation Fighting DDoS in Mobile Era FAQ Page 2 About us
More informationCloudFlare advanced DDoS protection
CloudFlare advanced DDoS protection Denial-of-service (DoS) attacks are on the rise and have evolved into complex and overwhelming security challenges. 1 888 99 FLARE enterprise@cloudflare.com www.cloudflare.com
More informationVALIDATING DDoS THREAT PROTECTION
VALIDATING DDoS THREAT PROTECTION Ensure your DDoS Solution Works in Real-World Conditions WHITE PAPER Executive Summary This white paper is for security and networking professionals who are looking to
More informationHow To Understand A Network Attack
Network Security Attack and Defense Techniques Anna Sperotto (with material from Ramin Sadre) Design and Analysis of Communication Networks (DACS) University of Twente The Netherlands Attacks! Many different
More informationDenial of Service Attacks
2 Denial of Service Attacks : IT Security Sirindhorn International Institute of Technology Thammasat University Prepared by Steven Gordon on 13 August 2013 its335y13s2l06, Steve/Courses/2013/s2/its335/lectures/malicious.tex,
More informationStress Testing and Distributed Denial of Service Testing of Network Infrastructures
Faculty of Electrical Engineering and Communication Brno University of Technology Technická 12, CZ-616 00 Brno, Czechia http://www.six.feec.vutbr.cz Stress Testing and Distributed Denial of Service Testing
More informationHow To Protect A Dns Authority Server From A Flood Attack
the Availability Digest @availabilitydig Surviving DNS DDoS Attacks November 2013 DDoS attacks are on the rise. A DDoS attack launches a massive amount of traffic to a website to overwhelm it to the point
More informationHow valuable DDoS mitigation hardware is for Layer 7 Sophisticated attacks
How valuable DDoS mitigation hardware is for Layer 7 Sophisticated attacks Stop DDoS before they stop you! James Braunegg (Micron 21) What Is Distributed Denial of Service A Denial of Service attack (DoS)
More informationFortiDDos Size isn t everything
FortiDDos Size isn t everything Martijn Duijm Director Sales Engineering April - 2015 Copyright Fortinet Inc. All rights reserved. Agenda 1. DDoS In The News 2. Drawing the Demarcation Line - Does One
More informationMitigating Denial of Service Attacks. Why Crossing Fingers is Not a Strategy
Mitigating Denial of Service Attacks Why Crossing Fingers is Not a Strategy Introduction Mark Baldwin - Owner of Tectonic Security MSSP and Security Consulting Primarily Work With SMBs DDoS Mitigation
More informationDDoS Protection Technology White Paper
DDoS Protection Technology White Paper Keywords: DDoS attack, DDoS protection, traffic learning, threshold adjustment, detection and protection Abstract: This white paper describes the classification of
More informationCS 356 Lecture 16 Denial of Service. Spring 2013
CS 356 Lecture 16 Denial of Service Spring 2013 Review Chapter 1: Basic Concepts and Terminology Chapter 2: Basic Cryptographic Tools Chapter 3 User Authentication Chapter 4 Access Control Lists Chapter
More informationV-ISA Reputation Mechanism, Enabling Precise Defense against New DDoS Attacks
Enabling Precise Defense against New DDoS Attacks 1 Key Points: DDoS attacks are more prone to targeting the application layer. Traditional attack detection and defensive measures fail to defend against
More informationHow To Attack A Website With An Asymmetric Attack
DEFENDING AGAINST LOW-BANDWIDTH, ASYMMETRIC DENIAL-OF-SERVICE ATTACKS David W. Holmes (@dholmesf5) F5 Networks Session ID: HT-R02 Session Classification: Intermediate AGENDA Introduction Why does this
More informationCheck list for web developers
Check list for web developers Requirement Yes No Remarks 1. Input Validation 1.1) Have you done input validation for all the user inputs using white listing and/or sanitization? 1.2) Does the input validation
More informationCSCE 465 Computer & Network Security
CSCE 465 Computer & Network Security Instructor: Dr. Guofei Gu http://courses.cse.tamu.edu/guofei/csce465/ Vulnerability Analysis 1 Roadmap Why vulnerability analysis? Example: TCP/IP related vulnerabilities
More informationFIREWALLS. Firewall: isolates organization s internal net from larger Internet, allowing some packets to pass, blocking others
FIREWALLS FIREWALLS Firewall: isolates organization s internal net from larger Internet, allowing some packets to pass, blocking others FIREWALLS: WHY Prevent denial of service attacks: SYN flooding: attacker
More informationDenial of Service Attacks, What They are and How to Combat Them
Denial of Service Attacks, What They are and How to Combat Them John P. Pironti, CISSP Genuity, Inc. Principal Enterprise Solutions Architect Principal Security Consultant Version 1.0 November 12, 2001
More informationCarrier/WAN SDN Brocade Flow Optimizer Making SDN Consumable
Brocade Flow Optimizer Making SDN Consumable Business And IT Are Changing Like Never Before Changes in Application Type, Delivery and Consumption Public/Hybrid Cloud SaaS/PaaS Storage Users/ Machines Device
More informationNetwork- vs. Host-based Intrusion Detection
Network- vs. Host-based Intrusion Detection A Guide to Intrusion Detection Technology 6600 Peachtree-Dunwoody Road 300 Embassy Row Atlanta, GA 30348 Tel: 678.443.6000 Toll-free: 800.776.2362 Fax: 678.443.6477
More informationDos & DDoS Attack Signatures (note supplied by Steve Tonkovich of CAPTUS NETWORKS)
Dos & DDoS Attack Signatures (note supplied by Steve Tonkovich of CAPTUS NETWORKS) Signature based IDS systems use these fingerprints to verify that an attack is taking place. The problem with this method
More informationFour Steps to Defeat a DDoS Attack
WHITE PAPER Four Steps to Defeat a DDoS Attack Millions of computers around the world are controlled by cybercriminals. These computers, infected with bot malware, automatically connect to command and
More informationDDoS Protection. How Cisco IT Protects Against Distributed Denial of Service Attacks. A Cisco on Cisco Case Study: Inside Cisco IT
DDoS Protection How Cisco IT Protects Against Distributed Denial of Service Attacks A Cisco on Cisco Case Study: Inside Cisco IT 1 Overview Challenge: Prevent low-bandwidth DDoS attacks coming from a broad
More informationIntroducing FortiDDoS. Mar, 2013
Introducing FortiDDoS Mar, 2013 Introducing FortiDDoS Hardware Accelerated DDoS Defense Intent Based Protection Uses the newest member of the FortiASIC family, FortiASIC-TP TM Rate Based Detection Inline
More informationHow To Find Out What Is Causing A Dos On A Web Server
TECHNICAL WHITE PAPER Web Application DoS/DDoS Testing Methodology Gunter Ollman Chief Technology Officer IOActive, Inc. Abstract As the goals and motivations of attackers have evolved, so too have their
More informationFour Steps to Defeat a DDoS Attack
hite Paper Four Steps to Defeat a DDoS Attack Millions of computers around the world are controlled by cybercriminals. These computers, infected with bot malware, automatically connect to command and control
More informationSecurity: Attack and Defense
Security: Attack and Defense Aaron Hertz Carnegie Mellon University Outline! Breaking into hosts! DOS Attacks! Firewalls and other tools 15-441 Computer Networks Spring 2003 Breaking Into Hosts! Guessing
More informationNetwork Security. 1 Pass the course => Pass Written exam week 11 Pass Labs
Network Security Ola Lundh ola.lundh@hh.se Schedule/ time-table: landris.hh.se/ (NetwoSec) Course home-page: hh.se/english/ide/education/student/coursewebp ages/networksecurity cisco.netacad.net Packet
More informationDenial of Service Attacks and Countermeasures. Extreme Networks, Inc. All rights reserved. ExtremeXOS Implementing Advanced Security (EIAS)
Denial of Service Attacks and Countermeasures Extreme Networks, Inc. All rights reserved. ExtremeXOS Implementing Advanced Security (EIAS) Student Objectives Upon successful completion of this module,
More informationDoS/DDoS Attacks and Protection on VoIP/UC
DoS/DDoS Attacks and Protection on VoIP/UC Presented by: Sipera Systems Agenda What are DoS and DDoS Attacks? VoIP/UC is different Impact of DoS attacks on VoIP Protection techniques 2 UC Security Requirements
More informationMcAfee Network Security Platform [formerly IntruShield] Denial-of-Service [DoS] Prevention Techniques Revision C Revised on: 18-December-2013
McAfee [formerly IntruShield] Denial-of-Service [DoS] Prevention Techniques Revision C Revised on: 18-December-2013 2 Contents 1. Overview...4 2. Types of DoS/DDoS Attacks...4 2.1. Volume-based DoS attacks...5
More informationDDoS Attacks - Peeling the Onion on One of the Most Sophisticated Ever Seen. Eldad Chai, VP Product
DDoS Attacks - Peeling the Onion on One of the Most Sophisticated Ever Seen Eldad Chai, VP Product Incapsula Application Delivery from the Cloud 2 DDoS 101 ISP Network Devices Web servers Applications
More informationAnalyzed compe.tors Cisco RadWare Top Layer RioRey IntruGuard. January 2009. Cristian Velciov. ceo@andrisoft.com (+40) 721 250246
Analyzed compe.tors Cisco RadWare Top Layer RioRey IntruGuard January 2009 Cristian Velciov ceo@andrisoft.com (+40) 721 250246 Andrisoft Solution WANGuard Platform is an enterprise-grade Linux-based software
More informationSecurity vulnerabilities in the Internet and possible solutions
Security vulnerabilities in the Internet and possible solutions 1. Introduction The foundation of today's Internet is the TCP/IP protocol suite. Since the time when these specifications were finished in
More informationChapter 8 Network Security
[Computer networking, 5 th ed., Kurose] Chapter 8 8.1 What is network security? 8.2 Principles of cryptography 8.3 Message integrity 84Securing 8.4 e-mail 8.5 Securing TCP connections: SSL 8.6 Network
More informationCS5008: Internet Computing
CS5008: Internet Computing Lecture 22: Internet Security A. O Riordan, 2009, latest revision 2015 Internet Security When a computer connects to the Internet and begins communicating with others, it is
More informationCS 640 Introduction to Computer Networks. Network security (continued) Key Distribution a first step. Lecture24
Introduction to Computer Networks Lecture24 Network security (continued) Key distribution Secure Shell Overview Authentication Practical issues Firewalls Denial of Service Attacks Definition Examples Key
More informationHARPP DDoS Mitigator Appliances and DDoS CERT
www.harppddos.com HARPP DDoS Mitigator Appliances and DDoS CERT provide cyber warfare intelligence with its best-of-breed DDI (Deep DDoS Inspection) technology for full protection of your network, web
More informationIntroduction about DDoS. Security Functional Requirements
S W G IT P Security Functional Requirements for Anti-DDoS Products Jun Woo Park (junusee@tta.or.kr) TTA, Korea Global Leader of ICT Standardization & Certification Ⅰ Introduction about DDoS Ⅱ Security
More informationDenial of Service Attacks. Notes derived from Michael R. Grimaila s originals
Denial of Service Attacks Notes derived from Michael R. Grimaila s originals Denial Of Service The goal of a denial of service attack is to deny legitimate users access to a particular resource. An incident
More informationEnterprise Data Center Topology
CHAPTER 2 This chapter provides a detailed description on how to harden and modify enterprise data center topologies for data center security. It includes the following sections: Overview Network Design
More informationA Primer for Distributed Denial of Service (DDoS) Attacks
A Primer for Distributed Denial of Service (DDoS) Attacks Hemant Jain, VP of Engineering Sichao Wang, Director of Product Management April 2012, Fortinet, Inc A Primer for Distributed Denial of Service
More informationGeneral Network Security
4 CHAPTER FOUR General Network Security Objectives This chapter covers the following Cisco-specific objectives for the Identify security threats to a network and describe general methods to mitigate those
More informationChapter 8 Security Pt 2
Chapter 8 Security Pt 2 IC322 Fall 2014 Computer Networking: A Top Down Approach 6 th edition Jim Kurose, Keith Ross Addison-Wesley March 2012 All material copyright 1996-2012 J.F Kurose and K.W. Ross,
More informationRadware s Attack Mitigation Solution On-line Business Protection
Radware s Attack Mitigation Solution On-line Business Protection Table of Contents Attack Mitigation Layers of Defense... 3 Network-Based DDoS Protections... 3 Application Based DoS/DDoS Protection...
More informationAutomated Mitigation of the Largest and Smartest DDoS Attacks
Datasheet Protection Automated Mitigation of the Largest and Smartest Attacks Incapsula secures websites against the largest and smartest types of attacks - including network, protocol and application
More informationERT Attack Report. Attacks on Large US Bank During Operation Ababil. March 2013
Attacks on Large US Bank During Operation Ababil March 2013 Table of Contents Executive Summary... 3 Background: Operation Ababil... 3 Servers Enlisted to Launch the Attack... 3 Attack Vectors... 4 Variations
More informationAutomated Mitigation of the Largest and Smartest DDoS Attacks
Datasheet Protection Automated Mitigation of the Largest and Smartest Attacks Incapsula secures websites against the largest and smartest types of attacks - including network, protocol and application
More informationMitigating DDoS Attacks at Layer 7
Mitigating DDoS Attacks at Layer 7 Detect, Localize and Mitigate using DNS GSLB Allan Jude ScaleEngine Inc. Introductions Allan Jude 12 Years as FreeBSD Server Admin Architect of the ScaleEngine CDN (HTTP
More informationA Layperson s Guide To DoS Attacks
A Layperson s Guide To DoS Attacks A Rackspace Whitepaper A Layperson s Guide to DoS Attacks Cover Table of Contents 1. Introduction 2 2. Background on DoS and DDoS Attacks 3 3. Types of DoS Attacks 4
More informationMONITORING OF TRAFFIC OVER THE VICTIM UNDER TCP SYN FLOOD IN A LAN
MONITORING OF TRAFFIC OVER THE VICTIM UNDER TCP SYN FLOOD IN A LAN Kanika 1, Renuka Goyal 2, Gurmeet Kaur 3 1 M.Tech Scholar, Computer Science and Technology, Central University of Punjab, Punjab, India
More informationDDoS Attacks & Mitigation
DDoS Attacks & Mitigation Sang Young Security Consultant ws.young@stshk.com 1 DoS Attack DoS & DDoS an attack render a target unusable by legitimate users DDoS Attack launch the DoS attacks from various
More informationComplete Protection against Evolving DDoS Threats
Complete Protection against Evolving DDoS Threats AhnLab, Inc. Table of Contents Introduction... 2 The Evolution of DDoS Attacks... 2 Typical Protection against DDoS Attacks... 3 Firewalls... 3 Intrusion
More informationGame-based Analysis of Denial-of- Service Prevention Protocols. Ajay Mahimkar Class Project: CS 395T
Game-based Analysis of Denial-of- Service Prevention Protocols Ajay Mahimkar Class Project: CS 395T Overview Introduction to DDoS Attacks Current DDoS Defense Strategies Client Puzzle Protocols for DoS
More informationHow To Classify A Dnet Attack
Analysis of Computer Network Attacks Nenad Stojanovski 1, Marjan Gusev 2 1 Bul. AVNOJ 88-1/6, 1000 Skopje, Macedonia Nenad.stojanovski@gmail.com 2 Faculty of Natural Sciences and Mathematics, Ss. Cyril
More informationDenial Of Service. Types of attacks
Denial Of Service The goal of a denial of service attack is to deny legitimate users access to a particular resource. An incident is considered an attack if a malicious user intentionally disrupts service
More informationHow To Block A Ddos Attack On A Network With A Firewall
A Prolexic White Paper Firewalls: Limitations When Applied to DDoS Protection Introduction Firewalls are often used to restrict certain protocols during normal network situations and when Distributed Denial
More informationCriteria for web application security check. Version 2015.1
Criteria for web application security check Version 2015.1 i Content Introduction... iii ISC- P- 001 ISC- P- 001.1 ISC- P- 001.2 ISC- P- 001.3 ISC- P- 001.4 ISC- P- 001.5 ISC- P- 001.6 ISC- P- 001.7 ISC-
More informationand 26th november 2016
DDoS WHERE'S THE THREAT? and WHAT CAN YOU DO? 26th november 2016 Pieter Hanssens pieter.hanssens(at)belnet.be Thomas Eugène thomas.eugene(at)cert.be Presentation based on Whitepaper DDoS: Proactive and
More informationSECURING APACHE : DOS & DDOS ATTACKS - II
SECURING APACHE : DOS & DDOS ATTACKS - II How DDoS attacks are performed A DDoS attack has to be carefully prepared by the attackers. They first recruit the zombie army, by looking for vulnerable machines,
More informationDefending Against Application-Based DDoS Attacks with the Barracuda Web Application Firewall. White Paper
Defending Against Application-Based DDoS Attacks with the Barracuda Web Application Firewall White Paper Executive Summary In the past, DDoS attacks were largely volume-based with the intent to overwhelm
More informationDDoS Protection on the Security Gateway
DDoS Protection on the Security Gateway Best Practices 24 August 2014 Protected 2014 Check Point Software Technologies Ltd. All rights reserved. This product and related documentation are protected by
More informationCheap and efficient anti-ddos solution
Cheap and efficient anti-ddos solution Who am I? Alexei Cioban Experience in IT 13 years CEO & Founder IT-LAB 7 years IT trainings 5 years 2 About company Year of foundation - 2007 12 employees www.it-lab.md
More informationDDoS attacks on electronic payment systems. Sean Rijs and Joris Claassen Supervisor: Stefan Dusée
DDoS attacks on electronic payment systems Sean Rijs and Joris Claassen Supervisor: Stefan Dusée Scope High volume DDoS attacks Electronic payment systems Low bandwidth requirements: 5 from account X to
More informationAttack and Defense Techniques
Network Security Attack and Defense Techniques Anna Sperotto, Ramin Sadre Design and Analysis of Communication Networks (DACS) University of Twente The Netherlands Attack Taxonomy Many different kind of
More informationH...t...t...p...p...o...s...t. OWASP AppSec DC 2010. The OWASP Foundation http://www.owasp.org. Wong Onn Chee OWASP Singapore Lead ocwong@usa.
H...t...t...p...p...o...s...t Wong Onn Chee OWASP Singapore Lead ocwong@usa.net OWASP AppSec DC 2010 11 Nov 2010 Tom Brennan OWASP Foundation tomb@owasp.org Copyright The OWASP Foundation Permission is
More informationAre you safe from DDoS attacks?
www.harppddos.com HARPP DDoS Mitigator Appliances and DDoS CERT The HARPP DDoS Mitigator s unique DDI (Deep DDoS Inspection) and AVS (Attack Visualization System) provide unparalleled protection of your
More informationSurviving DNS DDoS Attacks. Introducing self-protecting servers
Introducing self-protecting servers Background The current DNS environment is subject to a variety of distributed denial of service (DDoS) attacks, including reflected floods, amplification attacks, TCP
More informationQuality Certificate for Kaspersky DDoS Prevention Software
Quality Certificate for Kaspersky DDoS Prevention Software Quality Certificate for Kaspersky DDoS Prevention Software Table of Contents Definitions 3 1. Conditions of software operability 4 2. General
More information1. Introduction. 2. DoS/DDoS. MilsVPN DoS/DDoS and ISP. 2.1 What is DoS/DDoS? 2.2 What is SYN Flooding?
Page 1 of 5 1. Introduction The present document explains about common attack scenarios to computer networks and describes with some examples the following features of the MilsGates: Protection against
More informationDDoS Vulnerability Analysis of Bittorrent Protocol
DDoS Vulnerability Analysis of Bittorrent Protocol Ka Cheung Sia kcsia@cs.ucla.edu Abstract Bittorrent (BT) traffic had been reported to contribute to 3% of the Internet traffic nowadays and the number
More informationCisco Network Foundation Protection Overview
Cisco Network Foundation Protection Overview June 2005 1 Security is about the ability to control the risk incurred from an interconnected global network. Cisco NFP provides the tools, technologies, and
More informationRID-DoS: Real-time Inter-network Defense Against Denial of Service Attacks. Kathleen M. Moriarty. MIT Lincoln Laboratory.
: Real-time Inter-network Defense Against Denial of Service Attacks Kathleen M. Moriarty 22 October 2002 This work was sponsored by the Air Force Contract number F19628-00-C-002. Opinions, interpretations,
More informationMitigating DDoS Attacks with F5 Technology
Mitigating DDoS Attacks with F5 Technology Distributed denial-of-service attacks may be organized by type into a taxonomy that includes network attacks (layers 3 and 4), session attacks (layers 5 and 6),
More informationNetwork forensics 101 Network monitoring with Netflow, nfsen + nfdump
Network forensics 101 Network monitoring with Netflow, nfsen + nfdump www.enisa.europa.eu Agenda Intro to netflow Metrics Toolbox (Nfsen + Nfdump) Demo www.enisa.europa.eu 2 What is Netflow Netflow = Netflow
More informationwww.prolexic.com Stop DDoS Attacks in Minutes
www.prolexic.com Stop DDoS Attacks in Minutes Prolexic gives us the strong insurance policy against DDoS attacks that we were looking for. Mark Johnson, Chief Financial Officer, RealVision You ve seen
More informationJUST FOR THOSE WHO CAN T TOLERATE DOWNTIME WE ARE NOT FOR EVERYONE
WE ARE NOT FOR EVERYONE JUST FOR THOSE WHO CAN T TOLERATE DOWNTIME Don t let a DDoS attack bring your online business to a halt we can protect any server in any location DON T GET STUCK ON THE ROAD OF
More informationSurvey on DDoS Attack Detection and Prevention in Cloud
Survey on DDoS Detection and Prevention in Cloud Patel Ankita Fenil Khatiwala Computer Department, Uka Tarsadia University, Bardoli, Surat, Gujrat Abstract: Cloud is becoming a dominant computing platform
More informationApplication DDoS Mitigation
Application DDoS Mitigation Revision A 2014, Palo Alto Networks, Inc. www.paloaltonetworks.com Contents Overview... 3 Volumetric vs. Application Denial of Service Attacks... 3 Volumetric DoS Mitigation...
More informationWhite paper. TrusGuard DPX: Complete Protection against Evolving DDoS Threats. AhnLab, Inc.
TrusGuard DPX: Complete Protection against Evolving DDoS Threats AhnLab, Inc. Table of Contents Introduction... 2 The Evolution of DDoS Attacks... 2 Typical Protection against DDoS Attacks... 3 Firewalls...
More informationInternet Firewall CSIS 3230. Internet Firewall. Spring 2012 CSIS 4222. net13 1. Firewalls. Stateless Packet Filtering
Internet Firewall CSIS 3230 A combination of hardware and software that isolates an organization s internal network from the Internet at large Ch 8.8: Packet filtering, firewalls, intrusion detection Ch
More informationMigrating the SSL Offloading Configuration of the Alteon Application Switch 2424-SSL to AlteonOS version 27.0.0.0
Migrating the SSL Offloading Configuration of the Alteon Application Switch 2424-SSL to AlteonOS version 27.0.0.0 Table of Contents 1 Introduction... 1 2 Certificates Repository... 2 3 Common SSL Offloading
More informationProtecting Mobile Devices From TCP Flooding Attacks
Protecting Mobile Devices From TCP Flooding Attacks Yogesh Swami % and Hannes Tschofenig* % Nokia Research Center, Palo Alto, CA, USA. * Siemens Corporate Technology, Munich, DE. 1 Motivation Anatomy of
More informationWhat's New in Cisco ACE Application Control Engine Module for the Cisco Catalyst 6500 and Cisco 7600 Series Software Release 2.1.0
What's New in Cisco ACE Application Control Engine Module for the Cisco Catalyst 6500 and Cisco 7600 Series Software Release 2.1.0 PB458841 Product Overview The Cisco ACE Application Control Engine Module
More informationHow To Test A Ddos Prevention Solution
TEST METHODOLOGY Distributed Denial- of- Service (DDoS) Prevention v1.0 Table of Contents 1 Introduction... 5 1.1 The Need for Distributed Denial- of- Service Prevention... 5 1.2 About This Test Methodology
More informationArrow ECS University 2015 Radware Hybrid Cloud WAF Service. 9 Ottobre 2015
Arrow ECS University 2015 Radware Hybrid Cloud WAF Service 9 Ottobre 2015 Get to Know Radware 2 Our Track Record Company Growth Over 10,000 Customers USD Millions 200.00 150.00 32% 144.1 16% 167.0 15%
More informationConfiguring Health Monitoring
CHAPTER 6 This chapter describes how to configure the health monitoring on the CSM and contains these sections: Configuring Probes for Health Monitoring, page 6-1 Configuring Route Health Injection, page
More informationProtect your network: planning for (DDoS), Distributed Denial of Service attacks
Protect your network: planning for (DDoS), Distributed Denial of Service attacks Nov 19, 2015 2015 CenturyLink. All Rights Reserved. The CenturyLink mark, pathways logo and certain CenturyLink product
More informationSecuring Business-Critical Network and Application Infrastructure NET&COM Feb 2006 Gopala Tumuluri Foundry Networks www.foundrynet.
Securing BusinessCritical Network and Application Infrastructure NET&COM Feb 2006 Gopala Tumuluri Foundry Networks www.foundrynet.com Agenda Security Market and Solutions Overview New NetworkBased Security
More informationSecurity Technology White Paper
Security Technology White Paper Issue 01 Date 2012-10-30 HUAWEI TECHNOLOGIES CO., LTD. 2012. All rights reserved. No part of this document may be reproduced or transmitted in any form or by any means without
More informationDeployment Guide DDoS Protection for Web and DNS Servers
Deployment Guide DDoS Protection for Web and DNS Servers DG_DDoS Protection 052013.1 TABLE OF CONTENTS 1 Introduction... 4 2 Deployment Guide Overview... 4 3 What is DDoS?... 4 4 Types of DDoS Attacks
More informationFirewalls and Intrusion Detection
Firewalls and Intrusion Detection What is a Firewall? A computer system between the internal network and the rest of the Internet A single computer or a set of computers that cooperate to perform the firewall
More information