Fingerprinting a DDoS Attack

•

0 likes•567 views

State of the Internet

EFFECTIVE
DISTILLATION
IS THE KEY
WHEN AN ATTACK
TAKES PLACE:

Hundreds of millions of
data points pour into
a DDoS mitigation
platform in real-time

??
???
?
??

?

?

?

?

Analyze data to detect
anomalies and
malicious traffic

Use automated rules
and human attack
mitigation techniques
to allow good traffic
through and block
bad traffic

The Goal:

101101010001010100011
010100110101001110011
101010011010101001100
101010100110010100101
101010010101010100101
010100101010011100010
101010100101001110101

Store billions of traffic
and attack data
metrics in the cloud

• Make all incoming attack data useful to humans

Typical Automated Method
RAW
DATA

AUTO
ANALYSIS

OUTCOME:
Ineffective distillation
Leads to murky results and
an unclear fingerprint

Prolexic Human Mitigation Method
RAW
DATA

AUTO
ANALYSIS

The Problem:

• There is a gap between what automated data
analytics can do and what malicious attackers
can do live behind their botnets
• Automatic decision making equipment is prone
to false positives

Conclusion:

• That’s why we need human DDoS mitigators

COMPARE THESE 2 METHODS

HUMAN
MITIGATION
(THE MISSING
INGREDIENT)

OUTCOME:
Potent distillation

This crucial extra step leads to
clear and effective results with
a highly identifiable fingerprint

CHEERS!

More Related Content

More from State of the Internet

The stealthy Blackshades Remote Access Tool makes it all too easy for malicious actors to infect computer with a powerful and multifeatured trojan. Once infected, attackers can monitor audio and video, look through webcams, capture screens, log keystrokes, and a wide variety of other dangerous features. Learn how you can protect your computer and your sensitive information from this severe cybersecurity threat in this short slide presentation.

State of-the-internet-web-security-threat-advisory-blackshades-rat-presentation

State of-the-internet-web-security-threat-advisory-blackshades-rat-presentation

State of-the-internet-web-security-threat-advisory-blackshades-rat-presentation

State of the Internet

Largest 2013 DDoS Attacks Mitigated by Quarter

Largest 2013 DDoS Attacks Mitigated by Quarter

Largest 2013 DDoS Attacks Mitigated by Quarter

State of the Internet

Top 10 DDoS Trends for 2013 Infographic

Top 10 DDoS Trends for 2013 Infographic

Top 10 DDoS Trends for 2013 Infographic

State of the Internet

Q3 2013 Global DDoS Attacks | DDoS Attack Statistics

Q3 2013 Global DDoS Attacks | DDoS Attack Statistics

Q3 2013 Global DDoS Attacks | DDoS Attack Statistics

State of the Internet

The Battle Against DDoS | DDoS Attack Statistics

The Battle Against DDoS | DDoS Attack Statistics

The Battle Against DDoS | DDoS Attack Statistics

State of the Internet

Distributed reflection denial of service attacks, or DrDoS attacks, increased significantly in 2013. Uniquely, reflection attacks have two victims – the unwilling third-party server that is compelled to launch DDoS attack traffic and the attackers’ intended DDoS target. For both victims the effect is similar – slow performance or an outage that prevents legitimate users from accessing your site. This infographic from Prolexic explains why DrDoS attacks are on the rise and best practices to stop them.

Rise of Dr Dos DDoS Attacks - Infographic

Rise of Dr Dos DDoS Attacks - Infographic

Rise of Dr Dos DDoS Attacks - Infographic

State of the Internet

DDoS Attack & Defense Infographic

DDoS Attack & Defense Infographic

DDoS Attack & Defense Infographic

State of the Internet

Q3 2013 Global DDoS Attack Report

Q3 2013 Global DDoS Attack Report

Q3 2013 Global DDoS Attack Report

State of the Internet

More from State of the Internet (8)

State of-the-internet-web-security-threat-advisory-blackshades-rat-presentation

State of-the-internet-web-security-threat-advisory-blackshades-rat-presentation

State of-the-internet-web-security-threat-advisory-blackshades-rat-presentation

Largest 2013 DDoS Attacks Mitigated by Quarter

Largest 2013 DDoS Attacks Mitigated by Quarter

Largest 2013 DDoS Attacks Mitigated by Quarter

Top 10 DDoS Trends for 2013 Infographic

Top 10 DDoS Trends for 2013 Infographic

Top 10 DDoS Trends for 2013 Infographic

Q3 2013 Global DDoS Attacks | DDoS Attack Statistics

Q3 2013 Global DDoS Attacks | DDoS Attack Statistics

Q3 2013 Global DDoS Attacks | DDoS Attack Statistics

The Battle Against DDoS | DDoS Attack Statistics

The Battle Against DDoS | DDoS Attack Statistics

The Battle Against DDoS | DDoS Attack Statistics

Rise of Dr Dos DDoS Attacks - Infographic

Rise of Dr Dos DDoS Attacks - Infographic

Rise of Dr Dos DDoS Attacks - Infographic

DDoS Attack & Defense Infographic

DDoS Attack & Defense Infographic

DDoS Attack & Defense Infographic

Q3 2013 Global DDoS Attack Report

Q3 2013 Global DDoS Attack Report

Q3 2013 Global DDoS Attack Report

Recently uploaded

The value of a flexible API Management solution for Open Banking Steve Melan, Manager for IT Innovation and Architecture - State's and Saving's Bank of Luxembourg Apidays New York 2024: The API Economy in the AI Era (April 30 & May 1, 2024) ------ Check out our conferences at https://www.apidays.global/ Do you want to sponsor or talk at one of our conferences? https://apidays.typeform.com/to/ILJeAaV8 Learn more on APIscene, the global media made by the community for the community: https://www.apiscene.io Explore the API ecosystem with the API Landscape: https://apilandscape.apiscene.io/

Apidays New York 2024 - The value of a flexible API Management solution for O...

Apidays New York 2024 - The value of a flexible API Management solution for O...

Apidays New York 2024 - The value of a flexible API Management solution for O...

Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...

Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...

Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...

Scaling API-first – The story of a global engineering organization Ian Reasor, Senior Computer Scientist - Adobe Radu Cotescu, Senior Computer Scientist - Adobe Apidays New York 2024: The API Economy in the AI Era (April 30 & May 1, 2024) ------ Check out our conferences at https://www.apidays.global/ Do you want to sponsor or talk at one of our conferences? https://apidays.typeform.com/to/ILJeAaV8 Learn more on APIscene, the global media made by the community for the community: https://www.apiscene.io Explore the API ecosystem with the API Landscape: https://apilandscape.apiscene.io/

Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe

Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe

Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe

ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke

ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke

ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke

Product Anonymous

The 7 Things I Know About Cyber Security After 25 Years | April 2024

The 7 Things I Know About Cyber Security After 25 Years | April 2024

The 7 Things I Know About Cyber Security After 25 Years | April 2024

What is a good lead in your organisation? Which leads are priority? What happens to leads? When sales and marketing give different answers to these questions, or perhaps aren't sure of the answers at all, frustrations build and opportunities are left on the table. Join us for an illuminating session with Cian McLoughlin, HubSpot Principal Customer Success Manager, as we look at that crucial piece of the customer journey in which leads are transferred from marketing to sales.

04-2024-HHUG-Sales-and-Marketing-Alignment.pptx

04-2024-HHUG-Sales-and-Marketing-Alignment.pptx

04-2024-HHUG-Sales-and-Marketing-Alignment.pptx

How to Troubleshoot Apps for the Modern Connected Worker

How to Troubleshoot Apps for the Modern Connected Worker

How to Troubleshoot Apps for the Modern Connected Worker

Data Cloud, More than a CDP by Matt Robison

Data Cloud, More than a CDP by Matt Robison

Data Cloud, More than a CDP by Matt Robison

Anna Loughnan Colquhoun

Abhishek Deb(1), Mr Abdul Kalam(2) M. Des (UX) , School of Design, DIT University , Dehradun. This paper explores the future potential of AI-enabled smartphone processors, aiming to investigate the advancements, capabilities, and implications of integrating artificial intelligence (AI) into smartphone technology. The research study goals consist of evaluating the development of AI in mobile phone processors, analyzing the existing state as well as abilities of AI-enabled cpus determining future patterns as well as chances together with reviewing obstacles as well as factors to consider for more growth.

Exploring the Future Potential of AI-Enabled Smartphone Processors

Exploring the Future Potential of AI-Enabled Smartphone Processors

Exploring the Future Potential of AI-Enabled Smartphone Processors

GenCyber Cyber Security Day Presentation

GenCyber Cyber Security Day Presentation

GenCyber Cyber Security Day Presentation

Michael W. Hawkins

Tech Trends Report 2024 Future Today Institute.pdf

Tech Trends Report 2024 Future Today Institute.pdf

Tech Trends Report 2024 Future Today Institute.pdf

With more memory available, system performance of three Dell devices increased, which can translate to a better user experience Conclusion When your system has plenty of RAM to meet your needs, you can efficiently access the applications and data you need to finish projects and to-do lists without sacrificing time and focus. Our test results show that with more memory available, three Dell PCs delivered better performance and took less time to complete the Procyon Office Productivity benchmark. These advantages translate to users being able to complete workflows more quickly and multitask more easily. Whether you need the mobility of the Latitude 5440, the creative capabilities of the Precision 3470, or the high performance of the OptiPlex Tower Plus 7010, configuring your system with more RAM can help keep processes running smoothly, enabling you to do more without compromising performance.

Boost PC performance: How more available memory can improve productivity

Boost PC performance: How more available memory can improve productivity

Boost PC performance: How more available memory can improve productivity

Principled Technologies

Real Time Object Detection Using Open CV

Real Time Object Detection Using Open CV

Real Time Object Detection Using Open CV

Effective data discovery is crucial for maintaining compliance and mitigating risks in today's rapidly evolving privacy landscape. However, traditional manual approaches often struggle to keep pace with the growing volume and complexity of data. Join us for an insightful webinar where industry leaders from TrustArc and Privya will share their expertise on leveraging AI-powered solutions to revolutionize data discovery. You'll learn how to: - Effortlessly maintain a comprehensive, up-to-date data inventory - Harness code scanning insights to gain complete visibility into data flows leveraging the advantages of code scanning over DB scanning - Simplify compliance by leveraging Privya's integration with TrustArc - Implement proven strategies to mitigate third-party risks Our panel of experts will discuss real-world case studies and share practical strategies for overcoming common data discovery challenges. They'll also explore the latest trends and innovations in AI-driven data management, and how these technologies can help organizations stay ahead of the curve in an ever-changing privacy landscape.

TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery

TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery

TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery

Created by Mozilla Research in 2012 and now part of Linux Foundation Europe, the Servo project is an experimental rendering engine written in Rust. It combines memory safety and concurrency to create an independent, modular, and embeddable rendering engine that adheres to web standards. Stewardship of Servo moved from Mozilla Research to the Linux Foundation in 2020, where its mission remains unchanged. After some slow years, in 2023 there has been renewed activity on the project, with a roadmap now focused on improving the engine’s CSS 2 conformance, exploring Android support, and making Servo a practical embeddable rendering engine. In this presentation, Rakhi Sharma reviews the status of the project, our recent developments in 2023, our collaboration with Tauri to make Servo an easy-to-use embeddable rendering engine, and our plans for the future to make Servo an alternative web rendering engine for the embedded devices industry. (c) Embedded Open Source Summit 2024 April 16-18, 2024 Seattle, Washington (US) https://events.linuxfoundation.org/embedded-open-source-summit/ https://ossna2024.sched.com/event/1aBNF/a-year-of-servo-reboot-where-are-we-now-rakhi-sharma-igalia

A Year of the Servo Reboot: Where Are We Now?

A Year of the Servo Reboot: Where Are We Now?

A Year of the Servo Reboot: Where Are We Now?

How to Troubleshoot Apps for the Modern Connected Worker

How to Troubleshoot Apps for the Modern Connected Worker

How to Troubleshoot Apps for the Modern Connected Worker

Imagine a world where information flows as swiftly as thought itself, making decision-making as fluid as the data driving it. Every moment is critical, and the right tools can significantly boost your organization’s performance. The power of real-time data automation through FME can turn this vision into reality. Aimed at professionals eager to leverage real-time data for enhanced decision-making and efficiency, this webinar will cover the essentials of real-time data and its significance. We’ll explore: FME’s role in real-time event processing, from data intake and analysis to transformation and reporting An overview of leveraging streams vs. automations FME’s impact across various industries highlighted by real-life case studies Live demonstrations on setting up FME workflows for real-time data Practical advice on getting started, best practices, and tips for effective implementation Join us to enhance your skills in real-time data automation with FME, and take your operational capabilities to the next level.

From Event to Action: Accelerate Your Decision Making with Real-Time Automation

From Event to Action: Accelerate Your Decision Making with Real-Time Automation

From Event to Action: Accelerate Your Decision Making with Real-Time Automation

Automating Google Workspace (GWS) & more with Apps Script

Automating Google Workspace (GWS) & more with Apps Script

Automating Google Workspace (GWS) & more with Apps Script

Finology Group – Insurtech Innovation Award 2024

Finology Group – Insurtech Innovation Award 2024

Finology Group – Insurtech Innovation Award 2024

The Digital Insurer

Enterprise Knowledge’s Urmi Majumder, Principal Data Architecture Consultant, and Fernando Aguilar Islas, Senior Data Science Consultant, presented "Driving Behavioral Change for Information Management through Data-Driven Green Strategy" on March 27, 2024 at Enterprise Data World (EDW) in Orlando, Florida. In this presentation, Urmi and Fernando discussed a case study describing how the information management division in a large supply chain organization drove user behavior change through awareness of the carbon footprint of their duplicated and near-duplicated content, identified via advanced data analytics. Check out their presentation to gain valuable perspectives on utilizing data-driven strategies to influence positive behavioral shifts and support sustainability initiatives within your organization. In this session, participants gained answers to the following questions: - What is a Green Information Management (IM) Strategy, and why should you have one? - How can Artificial Intelligence (AI) and Machine Learning (ML) support your Green IM Strategy through content deduplication? - How can an organization use insights into their data to influence employee behavior for IM? - How can you reap additional benefits from content reduction that go beyond Green IM?

Driving Behavioral Change for Information Management through Data-Driven Gree...

Driving Behavioral Change for Information Management through Data-Driven Gree...

Driving Behavioral Change for Information Management through Data-Driven Gree...

Enterprise Knowledge

Recently uploaded (20)

Apidays New York 2024 - The value of a flexible API Management solution for O...

Apidays New York 2024 - The value of a flexible API Management solution for O...

Apidays New York 2024 - The value of a flexible API Management solution for O...

Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...

Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...

Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...

Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe

Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe

Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe

ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke

ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke

ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke

The 7 Things I Know About Cyber Security After 25 Years | April 2024

The 7 Things I Know About Cyber Security After 25 Years | April 2024

The 7 Things I Know About Cyber Security After 25 Years | April 2024

04-2024-HHUG-Sales-and-Marketing-Alignment.pptx

04-2024-HHUG-Sales-and-Marketing-Alignment.pptx

04-2024-HHUG-Sales-and-Marketing-Alignment.pptx

How to Troubleshoot Apps for the Modern Connected Worker

How to Troubleshoot Apps for the Modern Connected Worker

How to Troubleshoot Apps for the Modern Connected Worker

Data Cloud, More than a CDP by Matt Robison

Data Cloud, More than a CDP by Matt Robison

Data Cloud, More than a CDP by Matt Robison

Exploring the Future Potential of AI-Enabled Smartphone Processors

Exploring the Future Potential of AI-Enabled Smartphone Processors

Exploring the Future Potential of AI-Enabled Smartphone Processors

GenCyber Cyber Security Day Presentation

GenCyber Cyber Security Day Presentation

GenCyber Cyber Security Day Presentation

Tech Trends Report 2024 Future Today Institute.pdf

Tech Trends Report 2024 Future Today Institute.pdf

Tech Trends Report 2024 Future Today Institute.pdf

Boost PC performance: How more available memory can improve productivity

Boost PC performance: How more available memory can improve productivity

Boost PC performance: How more available memory can improve productivity

Real Time Object Detection Using Open CV

Real Time Object Detection Using Open CV

Real Time Object Detection Using Open CV

TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery

TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery

TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery

A Year of the Servo Reboot: Where Are We Now?

A Year of the Servo Reboot: Where Are We Now?

A Year of the Servo Reboot: Where Are We Now?

How to Troubleshoot Apps for the Modern Connected Worker

How to Troubleshoot Apps for the Modern Connected Worker

How to Troubleshoot Apps for the Modern Connected Worker

From Event to Action: Accelerate Your Decision Making with Real-Time Automation

From Event to Action: Accelerate Your Decision Making with Real-Time Automation

From Event to Action: Accelerate Your Decision Making with Real-Time Automation

Automating Google Workspace (GWS) & more with Apps Script

Automating Google Workspace (GWS) & more with Apps Script

Automating Google Workspace (GWS) & more with Apps Script

Finology Group – Insurtech Innovation Award 2024

Finology Group – Insurtech Innovation Award 2024

Finology Group – Insurtech Innovation Award 2024

Driving Behavioral Change for Information Management through Data-Driven Gree...

Driving Behavioral Change for Information Management through Data-Driven Gree...

Driving Behavioral Change for Information Management through Data-Driven Gree...

Fingerprinting a DDoS Attack

1. EFFECTIVE DISTILLATION IS THE KEY WHEN AN ATTACK TAKES PLACE: Hundreds of millions of data points pour into a DDoS mitigation platform in real-time ?? ??? ? ?? ? ? ? ? Analyze data to detect anomalies and malicious traffic Use automated rules and human attack mitigation techniques to allow good traffic through and block bad traffic The Goal: 101101010001010100011 010100110101001110011 101010011010101001100 101010100110010100101 101010010101010100101 010100101010011100010 101010100101001110101 Store billions of traffic and attack data metrics in the cloud • Make all incoming attack data useful to humans Typical Automated Method RAW DATA AUTO ANALYSIS OUTCOME: Ineffective distillation Leads to murky results and an unclear fingerprint Prolexic Human Mitigation Method RAW DATA AUTO ANALYSIS The Problem: • There is a gap between what automated data analytics can do and what malicious attackers can do live behind their botnets • Automatic decision making equipment is prone to false positives Conclusion: • That’s why we need human DDoS mitigators COMPARE THESE 2 METHODS HUMAN MITIGATION (THE MISSING INGREDIENT) OUTCOME: Potent distillation This crucial extra step leads to clear and effective results with a highly identifiable fingerprint CHEERS!