SlideShare une entreprise Scribd logo

DDoS Threat Landscape - Ron Winward CHINOG16

Radware
Radware

Ron Winward's Presentation at CHINOG16

Technologie
1  sur  37
Télécharger pour lire hors ligne
© Radware 2016 Ron Winward Security Evangelist Radware May 12, 2016 DDoS Threat Landscape
DDoS Handbook • A history and overview of DDoS • Review of attack types and tools • DDoS Mitigation Considerations • DDoS Dictionary
Security Products Now Cause of 36% of Downtime DDoS Failure Points within the Network – Internet Pipe Saturation remains single greatest failure point – Stateful firewalls jump from 15% to 26% – Last third take down targeted web/SQL servers
“Low & Slow” DoS attacks (e.g.Slowloris) Complexity of Attacks Continues to Grow Multi-vector attacks target all layers of the infrastructure IPS/IDS Large volume network flood attacks Syn Floods Network Scan HTTP Floods SSL Floods App Misuse Brute Force On-Demand Cloud DDoS DoS protection Behavioral analysis IPS WAFSSL protection Internet Pipe Firewall Load Balancer/ADC Server Under Attack SQL Server XSS, CSRFSQL Injections
Types of Attacks Attacks Targeting Network Resources Attacks Targeting Server Resources • UDP • ICMP • IGMP • Reflection • DNS, SSDP, NTP, etc TCP Weaknesses SYN Floods TCP RST TCP PSH+ACK Flood Low and Slow - Sockstress, Slowloris Our current research shows an even split between network and application-layer attacks
Types of Attacks (cont.) Encrypted Attacks Attacks Targeting App Resources • HTTPS Floods • SSL-based Attacks • THC-SSL-DOS HTTP Flood DNS Flood Slow HTTP GET Request Slow HTTP POST Request RegEx Hash Collision
User Datagram Protocol (UDP) Connectionless protocol Doesn’t exploit a specific vulnerability Typically spoofed source IPs, often packets are sent to random dest ports Server has to respond with ICMP unreachables Compute resources are consumed Network capacity is consumed UDP Floods
Internet Control Message Protocol (ICMP) Connectionless protocol Doesn’t exploit a specific vulnerability Can be any type of ICMP message Volumetric in nature Target has to try and process all of the requests This is why we have ICMP policers on routers  – The premise holds true for all devices that have to respond ICMP Floods
DNS, SSDP, NTP, etc. Most common attacks today Leverage the disparity between a request and a reply Amplification can be huge Source IP of the request is spoofed as the target’s IP Target is overwhelmed Reflection Attacks
Protocol exploits Misuse of the six control bits, SYN, ACK, RST, PSH, FIN and URG TCP requires a 3-way negotiation in order for a session to be established – SYN, SYN-ACK, ACK – Each request creates a half-open connection Attacks will often send packets in the wrong order to consume resources on the target while it tries to interpret what’s happening TCP Weaknesses
One of the most common vectors Attacker floods the target with SYN packets from spoofed source IPs Target opens a thread and assigns buffers to prepare for each connection Target sends a SYN-ACK back to the spoofed requestor No response, so target sends more SYN-ACKs until it times out Server is unable to timeout old sessions before new ones can be handled SYN Floods
SYN Flood Impact on Firewall Bandwidth CPU Impact
Most common application layer attack Multiple machines continually download the content from a target Target server exhausts resources trying to deliver the content and handle the connections Slow HTTP GET attack also exists HTTP GET Flood
Common Application Layer attack Essentially holding open connections Can be launched from a single machine Slowloris – Opens connections and sends a partial request – Eventually sends more of the request but not complete request – Connections stay open and max concurrent connections is exhausted Low and Slow Attacks
Developed by hacking group The Hackers Choice (THC) Low and Slow + Encrypted Initiates a regular SSL handshake Immediately requests the renegotiation of the encryption key Continues process until exhaustion How will you see this if it’s an encrypted attack? – Low and slow, so difficult to distinguish from real traffic! Single PC can take down a server THC-SSL-DOS
Anonymous DoSer Anonymous Ping Attack BlackOut BlackBurn ByteDoS FireFlood Generic DDoS GoodBye HOIC LOIC XOIC Pringle DDoS rDoS Unknown DoSer Anonymous Tools for 2016
Anonymous DoSer • TCP SYN Flood • Launched from a client
Anonymous Ping Attack • ICMP Ping tool
Black Out • TCP • UDP • (QUIC) • ICMP • HTTP • “GET /” • Customizable text in payload
BBHH (Black Burn) • SYN Flood • Few options
ByteDoS • SYN Flood • ICMP Flood • DNS Resolution
FireFlood • Targets web servers • Starts with QUIC • Switches to HTTP GET • Embeds some browser info
Generic DDoS • Slowloris attack • You set the duration • Meaningless POST • Server replies • Connections consumed
HOIC • Sends HTTP Post and GET requests • Allows booster scripts to enhance attacks, feeding source data into attack payload • Very common, highly available
LOIC • Early flooding tool used by Anonymous • TCP, UDP, HTTP Floods • Hivemind feature allowing centralized control via IRC • Does not obscure source IP
Pringle DDoS • Ping tool • Plays music! • Otherwise not overly interesting
Attack OS Distros • Parrot OS • Popular OS for hacker, like Kali Linux • DNS • NTP • SNMP • SSDP • Kali • Cyborg • BlackArch
Lizard Squad‘s public stresser services $19.99 => 15GB attack for 1200 second – DNS – SNMP – SYN Shenron Attack Tool
One of the most popular tools $19.99 will gain access to 216 Gbps Attack Network DNS, NTP, ESSYN, xSYN, TS3, TCP-ACK, Dominate, VSE, SNMP, PPS, Portmap and TCP-Amp VDoS Attack Tool
RouterSlap! For $6 you can get a 10- minute attack that is 5- 10G SNMP, DNS, CHARGEN, NTP, SSDP, ESSYN, SSYN, ZXYN, Dominate, VSE, ISSYN, RSSYN, Joomla Attack scheduling Unlimited daily attacks RouterSlap
Lessons Learned - Successful Attack Mitigation Proactive Preparation and Planning is Key Need for a Attack Mitigation solution with the widest coverage to protect from multi-vector attacks, including protection from network and application based DDoS attacks. Monitor security alerts and examine triggers carefully. Tune existing polices and protections to prevent false positives and accurate detection. Consider a hybrid solution that integrates on- premise detection and mitigation with cloud- based protection - to block volumetric attacks. A cyber-security emergency response plan that includes an emergency response team and process in place. Identify areas where helped is needed from a third party. A single point of contact is crucial when under attack - it will help to divert internet traffic and deploy mitigation solutions.
© Radware 2016 Thank You ron.winward@radware.com www.radware.com security.radware.com

Recommandé

Radware Solutions for MSSPs
Radware Solutions for MSSPsRadware Solutions for MSSPs
Radware Solutions for MSSPsRadware
 
Radware Hybrid Cloud WAF Service
Radware Hybrid Cloud WAF ServiceRadware Hybrid Cloud WAF Service
Radware Hybrid Cloud WAF ServiceRadware
 
Radware Cloud Security Services
Radware Cloud Security ServicesRadware Cloud Security Services
Radware Cloud Security ServicesRadware
 
The Art of Cyber War [From Black Hat Brazil 2014]
The Art of Cyber War [From Black Hat Brazil 2014]The Art of Cyber War [From Black Hat Brazil 2014]
The Art of Cyber War [From Black Hat Brazil 2014]Radware
 
DDoS Mitigation - DefensePro - RADWARE
DDoS Mitigation - DefensePro - RADWAREDDoS Mitigation - DefensePro - RADWARE
DDoS Mitigation - DefensePro - RADWAREDeivid Toledo
 
Radware DefensePipe: Cloud-Based Attack Mitigation Solution
Radware DefensePipe: Cloud-Based Attack Mitigation SolutionRadware DefensePipe: Cloud-Based Attack Mitigation Solution
Radware DefensePipe: Cloud-Based Attack Mitigation SolutionRadware
 
Attack Prevention Solution for RADWARE
Attack Prevention Solution for RADWAREAttack Prevention Solution for RADWARE
Attack Prevention Solution for RADWAREDeivid Toledo
 
DSS ITSEC 2013 Conference 07.11.2013 -Radware - Protection against DDoS
DSS ITSEC 2013 Conference 07.11.2013 -Radware - Protection against DDoSDSS ITSEC 2013 Conference 07.11.2013 -Radware - Protection against DDoS
DSS ITSEC 2013 Conference 07.11.2013 -Radware - Protection against DDoSAndris Soroka
 

Recommandé

Radware Solutions for MSSPs
Radware Solutions for MSSPsRadware Solutions for MSSPs
Radware Solutions for MSSPsRadware
 
Radware Hybrid Cloud WAF Service
Radware Hybrid Cloud WAF ServiceRadware Hybrid Cloud WAF Service
Radware Hybrid Cloud WAF ServiceRadware
 
Radware Cloud Security Services
Radware Cloud Security ServicesRadware Cloud Security Services
Radware Cloud Security ServicesRadware
 
The Art of Cyber War [From Black Hat Brazil 2014]
The Art of Cyber War [From Black Hat Brazil 2014]The Art of Cyber War [From Black Hat Brazil 2014]
The Art of Cyber War [From Black Hat Brazil 2014]Radware
 
DDoS Mitigation - DefensePro - RADWARE
DDoS Mitigation - DefensePro - RADWAREDDoS Mitigation - DefensePro - RADWARE
DDoS Mitigation - DefensePro - RADWAREDeivid Toledo
 
Radware DefensePipe: Cloud-Based Attack Mitigation Solution
Radware DefensePipe: Cloud-Based Attack Mitigation SolutionRadware DefensePipe: Cloud-Based Attack Mitigation Solution
Radware DefensePipe: Cloud-Based Attack Mitigation SolutionRadware
 
Attack Prevention Solution for RADWARE
Attack Prevention Solution for RADWAREAttack Prevention Solution for RADWARE
Attack Prevention Solution for RADWAREDeivid Toledo
 
DSS ITSEC 2013 Conference 07.11.2013 -Radware - Protection against DDoS
DSS ITSEC 2013 Conference 07.11.2013 -Radware - Protection against DDoSDSS ITSEC 2013 Conference 07.11.2013 -Radware - Protection against DDoS
DSS ITSEC 2013 Conference 07.11.2013 -Radware - Protection against DDoSAndris Soroka
 
Radware Hybrid Cloud Web Application Firewall and DDoS Protection
Radware Hybrid Cloud Web Application Firewall and DDoS ProtectionRadware Hybrid Cloud Web Application Firewall and DDoS Protection
Radware Hybrid Cloud Web Application Firewall and DDoS ProtectionAndy Ellis
 
What is ddos attack
What is ddos attackWhat is ddos attack
What is ddos attackDosarrest007
 
Optimize your AWS FEST - N2WS session - Addressing the Relentless Threat of R...
Optimize your AWS FEST - N2WS session - Addressing the Relentless Threat of R...Optimize your AWS FEST - N2WS session - Addressing the Relentless Threat of R...
Optimize your AWS FEST - N2WS session - Addressing the Relentless Threat of R...OK2OK
 
9 Steps For Fighting Against a DDos Attack in real-time
9 Steps For Fighting Against a DDos Attack in real-time 9 Steps For Fighting Against a DDos Attack in real-time
9 Steps For Fighting Against a DDos Attack in real-time Haltdos
 
Atelier Technique CISCO ACSS 2018
Atelier Technique CISCO ACSS 2018Atelier Technique CISCO ACSS 2018
Atelier Technique CISCO ACSS 2018African Cyber Security Summit
 
KHNOG 3: DDoS Attack Prevention
KHNOG 3: DDoS Attack PreventionKHNOG 3: DDoS Attack Prevention
KHNOG 3: DDoS Attack PreventionAPNIC
 
HaltDos DDoS Protection Solution
HaltDos DDoS Protection SolutionHaltDos DDoS Protection Solution
HaltDos DDoS Protection SolutionHaltdos
 
DDOS Attack
DDOS Attack DDOS Attack
DDOS Attack Ahmed Salama
 
Take the Ransom Out of Ransomware
Take the Ransom Out of RansomwareTake the Ransom Out of Ransomware
Take the Ransom Out of RansomwareUnitrends
 
DDoS Mitigation Training | DDoS Mitigation Guide | Learn DDoS Mitigation Conc...
DDoS Mitigation Training | DDoS Mitigation Guide | Learn DDoS Mitigation Conc...DDoS Mitigation Training | DDoS Mitigation Guide | Learn DDoS Mitigation Conc...
DDoS Mitigation Training | DDoS Mitigation Guide | Learn DDoS Mitigation Conc...MazeBolt Technologies
 
Infoblox Secure DNS Solution
Infoblox Secure DNS SolutionInfoblox Secure DNS Solution
Infoblox Secure DNS SolutionSrikrupa Srivatsan
 
DSS ITSEC 2013 Conference 07.11.2013 - Radware - Cyber Attacks Survival Guide
DSS ITSEC 2013 Conference 07.11.2013 - Radware - Cyber Attacks Survival GuideDSS ITSEC 2013 Conference 07.11.2013 - Radware - Cyber Attacks Survival Guide
DSS ITSEC 2013 Conference 07.11.2013 - Radware - Cyber Attacks Survival GuideAndris Soroka
 
Two for Attack: Web and Email Content Protection
Two for Attack: Web and Email Content ProtectionTwo for Attack: Web and Email Content Protection
Two for Attack: Web and Email Content ProtectionCisco Canada
 
Preparing for the Imminent Terabit DDoS Attack
Preparing for the Imminent Terabit DDoS AttackPreparing for the Imminent Terabit DDoS Attack
Preparing for the Imminent Terabit DDoS AttackImperva
 
12 types of DDoS attacks
12 types of DDoS attacks12 types of DDoS attacks
12 types of DDoS attacksHaltdos
 
HACKING THE BRAIN: Customize Evil Protocol to Pwn an SDN Controller
HACKING THE BRAIN: Customize Evil Protocol to Pwn an SDN ControllerHACKING THE BRAIN: Customize Evil Protocol to Pwn an SDN Controller
HACKING THE BRAIN: Customize Evil Protocol to Pwn an SDN ControllerPriyanka Aash
 
Advanced DNS Protection
Advanced DNS ProtectionAdvanced DNS Protection
Advanced DNS ProtectionSrikrupa Srivatsan
 
Webinar: DRaaS - It’s Not Just For Disasters Anymore
Webinar: DRaaS - It’s Not Just For Disasters AnymoreWebinar: DRaaS - It’s Not Just For Disasters Anymore
Webinar: DRaaS - It’s Not Just For Disasters AnymoreStorage Switzerland
 
El riesgo para tu negocio crece; cómo protegerte frente al Ransomware y otras...
El riesgo para tu negocio crece; cómo protegerte frente al Ransomware y otras...El riesgo para tu negocio crece; cómo protegerte frente al Ransomware y otras...
El riesgo para tu negocio crece; cómo protegerte frente al Ransomware y otras...Plain Concepts
 
Why DDoS RADAR | MazeBolt Technologies
Why DDoS RADAR | MazeBolt TechnologiesWhy DDoS RADAR | MazeBolt Technologies
Why DDoS RADAR | MazeBolt TechnologiesMazeBolt Technologies
 
DDoS-bdNOG
DDoS-bdNOGDDoS-bdNOG
DDoS-bdNOGZobair Khan
 
DrupalCon Vienna 2017 - Anatomy of DDoS
DrupalCon Vienna 2017 - Anatomy of DDoSDrupalCon Vienna 2017 - Anatomy of DDoS
DrupalCon Vienna 2017 - Anatomy of DDoSSuzanne Aldrich
 

Contenu connexe

Tendances

Radware Hybrid Cloud Web Application Firewall and DDoS Protection
Radware Hybrid Cloud Web Application Firewall and DDoS ProtectionRadware Hybrid Cloud Web Application Firewall and DDoS Protection
Radware Hybrid Cloud Web Application Firewall and DDoS ProtectionAndy Ellis
 
What is ddos attack
What is ddos attackWhat is ddos attack
What is ddos attackDosarrest007
 
Optimize your AWS FEST - N2WS session - Addressing the Relentless Threat of R...
Optimize your AWS FEST - N2WS session - Addressing the Relentless Threat of R...Optimize your AWS FEST - N2WS session - Addressing the Relentless Threat of R...
Optimize your AWS FEST - N2WS session - Addressing the Relentless Threat of R...OK2OK
 
9 Steps For Fighting Against a DDos Attack in real-time
9 Steps For Fighting Against a DDos Attack in real-time 9 Steps For Fighting Against a DDos Attack in real-time
9 Steps For Fighting Against a DDos Attack in real-time Haltdos
 
KHNOG 3: DDoS Attack Prevention
KHNOG 3: DDoS Attack PreventionKHNOG 3: DDoS Attack Prevention
KHNOG 3: DDoS Attack PreventionAPNIC
 
HaltDos DDoS Protection Solution
HaltDos DDoS Protection SolutionHaltDos DDoS Protection Solution
HaltDos DDoS Protection SolutionHaltdos
 
Take the Ransom Out of Ransomware
Take the Ransom Out of RansomwareTake the Ransom Out of Ransomware
Take the Ransom Out of RansomwareUnitrends
 
DDoS Mitigation Training | DDoS Mitigation Guide | Learn DDoS Mitigation Conc...
DDoS Mitigation Training | DDoS Mitigation Guide | Learn DDoS Mitigation Conc...DDoS Mitigation Training | DDoS Mitigation Guide | Learn DDoS Mitigation Conc...
DDoS Mitigation Training | DDoS Mitigation Guide | Learn DDoS Mitigation Conc...MazeBolt Technologies
 
DSS ITSEC 2013 Conference 07.11.2013 - Radware - Cyber Attacks Survival Guide
DSS ITSEC 2013 Conference 07.11.2013 - Radware - Cyber Attacks Survival GuideDSS ITSEC 2013 Conference 07.11.2013 - Radware - Cyber Attacks Survival Guide
DSS ITSEC 2013 Conference 07.11.2013 - Radware - Cyber Attacks Survival GuideAndris Soroka
 
Two for Attack: Web and Email Content Protection
Two for Attack: Web and Email Content ProtectionTwo for Attack: Web and Email Content Protection
Two for Attack: Web and Email Content ProtectionCisco Canada
 
Preparing for the Imminent Terabit DDoS Attack
Preparing for the Imminent Terabit DDoS AttackPreparing for the Imminent Terabit DDoS Attack
Preparing for the Imminent Terabit DDoS AttackImperva
 
12 types of DDoS attacks
12 types of DDoS attacks12 types of DDoS attacks
12 types of DDoS attacksHaltdos
 
HACKING THE BRAIN: Customize Evil Protocol to Pwn an SDN Controller
HACKING THE BRAIN: Customize Evil Protocol to Pwn an SDN ControllerHACKING THE BRAIN: Customize Evil Protocol to Pwn an SDN Controller
HACKING THE BRAIN: Customize Evil Protocol to Pwn an SDN ControllerPriyanka Aash
 
Webinar: DRaaS - It’s Not Just For Disasters Anymore
Webinar: DRaaS - It’s Not Just For Disasters AnymoreWebinar: DRaaS - It’s Not Just For Disasters Anymore
Webinar: DRaaS - It’s Not Just For Disasters AnymoreStorage Switzerland
 
El riesgo para tu negocio crece; cómo protegerte frente al Ransomware y otras...
El riesgo para tu negocio crece; cómo protegerte frente al Ransomware y otras...El riesgo para tu negocio crece; cómo protegerte frente al Ransomware y otras...
El riesgo para tu negocio crece; cómo protegerte frente al Ransomware y otras...Plain Concepts
 
Why DDoS RADAR | MazeBolt Technologies
Why DDoS RADAR | MazeBolt TechnologiesWhy DDoS RADAR | MazeBolt Technologies
Why DDoS RADAR | MazeBolt TechnologiesMazeBolt Technologies
 

Tendances (20)

Radware Hybrid Cloud Web Application Firewall and DDoS Protection
Radware Hybrid Cloud Web Application Firewall and DDoS ProtectionRadware Hybrid Cloud Web Application Firewall and DDoS Protection
Radware Hybrid Cloud Web Application Firewall and DDoS Protection
 
What is ddos attack
What is ddos attackWhat is ddos attack
What is ddos attack
 
Optimize your AWS FEST - N2WS session - Addressing the Relentless Threat of R...
Optimize your AWS FEST - N2WS session - Addressing the Relentless Threat of R...Optimize your AWS FEST - N2WS session - Addressing the Relentless Threat of R...
Optimize your AWS FEST - N2WS session - Addressing the Relentless Threat of R...
 
9 Steps For Fighting Against a DDos Attack in real-time
9 Steps For Fighting Against a DDos Attack in real-time 9 Steps For Fighting Against a DDos Attack in real-time
9 Steps For Fighting Against a DDos Attack in real-time
 
Atelier Technique CISCO ACSS 2018
Atelier Technique CISCO ACSS 2018Atelier Technique CISCO ACSS 2018
Atelier Technique CISCO ACSS 2018
 
KHNOG 3: DDoS Attack Prevention
KHNOG 3: DDoS Attack PreventionKHNOG 3: DDoS Attack Prevention
KHNOG 3: DDoS Attack Prevention
 
HaltDos DDoS Protection Solution
HaltDos DDoS Protection SolutionHaltDos DDoS Protection Solution
HaltDos DDoS Protection Solution
 
DDOS Attack
DDOS Attack DDOS Attack
DDOS Attack
 
Take the Ransom Out of Ransomware
Take the Ransom Out of RansomwareTake the Ransom Out of Ransomware
Take the Ransom Out of Ransomware
 
DDoS Mitigation Training | DDoS Mitigation Guide | Learn DDoS Mitigation Conc...
DDoS Mitigation Training | DDoS Mitigation Guide | Learn DDoS Mitigation Conc...DDoS Mitigation Training | DDoS Mitigation Guide | Learn DDoS Mitigation Conc...
DDoS Mitigation Training | DDoS Mitigation Guide | Learn DDoS Mitigation Conc...
 
Infoblox Secure DNS Solution
Infoblox Secure DNS SolutionInfoblox Secure DNS Solution
Infoblox Secure DNS Solution
 
DSS ITSEC 2013 Conference 07.11.2013 - Radware - Cyber Attacks Survival Guide
DSS ITSEC 2013 Conference 07.11.2013 - Radware - Cyber Attacks Survival GuideDSS ITSEC 2013 Conference 07.11.2013 - Radware - Cyber Attacks Survival Guide
DSS ITSEC 2013 Conference 07.11.2013 - Radware - Cyber Attacks Survival Guide
 
Two for Attack: Web and Email Content Protection
Two for Attack: Web and Email Content ProtectionTwo for Attack: Web and Email Content Protection
Two for Attack: Web and Email Content Protection
 
Preparing for the Imminent Terabit DDoS Attack
Preparing for the Imminent Terabit DDoS AttackPreparing for the Imminent Terabit DDoS Attack
Preparing for the Imminent Terabit DDoS Attack
 
12 types of DDoS attacks
12 types of DDoS attacks12 types of DDoS attacks
12 types of DDoS attacks
 
HACKING THE BRAIN: Customize Evil Protocol to Pwn an SDN Controller
HACKING THE BRAIN: Customize Evil Protocol to Pwn an SDN ControllerHACKING THE BRAIN: Customize Evil Protocol to Pwn an SDN Controller
HACKING THE BRAIN: Customize Evil Protocol to Pwn an SDN Controller
 
Advanced DNS Protection
Advanced DNS ProtectionAdvanced DNS Protection
Advanced DNS Protection
 
Webinar: DRaaS - It’s Not Just For Disasters Anymore
Webinar: DRaaS - It’s Not Just For Disasters AnymoreWebinar: DRaaS - It’s Not Just For Disasters Anymore
Webinar: DRaaS - It’s Not Just For Disasters Anymore
 
El riesgo para tu negocio crece; cómo protegerte frente al Ransomware y otras...
El riesgo para tu negocio crece; cómo protegerte frente al Ransomware y otras...El riesgo para tu negocio crece; cómo protegerte frente al Ransomware y otras...
El riesgo para tu negocio crece; cómo protegerte frente al Ransomware y otras...
 
Why DDoS RADAR | MazeBolt Technologies
Why DDoS RADAR | MazeBolt TechnologiesWhy DDoS RADAR | MazeBolt Technologies
Why DDoS RADAR | MazeBolt Technologies
 

Similaire à DDoS Threat Landscape - Ron Winward CHINOG16

DrupalCon Vienna 2017 - Anatomy of DDoS
DrupalCon Vienna 2017 - Anatomy of DDoSDrupalCon Vienna 2017 - Anatomy of DDoS
DrupalCon Vienna 2017 - Anatomy of DDoSSuzanne Aldrich
 
Network And Application Layer Attacks
Network And Application Layer AttacksNetwork And Application Layer Attacks
Network And Application Layer AttacksArun Modi
 
Session for InfoSecGirls - New age threat management vol 1
Session for InfoSecGirls - New age threat management vol 1Session for InfoSecGirls - New age threat management vol 1
Session for InfoSecGirls - New age threat management vol 1InfoSec Girls
 
Unleash the Hammer on Denial-of-Service: Conquer DDos Attacks!
Unleash the Hammer on Denial-of-Service: Conquer DDos Attacks!Unleash the Hammer on Denial-of-Service: Conquer DDos Attacks!
Unleash the Hammer on Denial-of-Service: Conquer DDos Attacks!PriyadharshiniHemaku
 
Denial of Service - Service Provider Overview
Denial of Service - Service Provider OverviewDenial of Service - Service Provider Overview
Denial of Service - Service Provider OverviewMarketingArrowECS_CZ
 
Ddos and mitigation methods.pptx (1)
Ddos and mitigation methods.pptx (1)Ddos and mitigation methods.pptx (1)
Ddos and mitigation methods.pptx (1)btpsec
 
UDP Flood Attack.pptx
UDP Flood Attack.pptxUDP Flood Attack.pptx
UDP Flood Attack.pptxdawitTerefe5
 
Ddos and mitigation methods.pptx
Ddos and mitigation methods.pptxDdos and mitigation methods.pptx
Ddos and mitigation methods.pptxOzkan E
 
Weapons of Mass Disruption by Roman Lara for OWASP San Antonio Chapter meetup
Weapons of Mass Disruption by Roman Lara for OWASP San Antonio Chapter meetupWeapons of Mass Disruption by Roman Lara for OWASP San Antonio Chapter meetup
Weapons of Mass Disruption by Roman Lara for OWASP San Antonio Chapter meetupmichaelxin2015
 
Azure DDoS Protection Standard
Azure DDoS Protection StandardAzure DDoS Protection Standard
Azure DDoS Protection Standardarnaudlh
 
Denial of services : limiting the threat
Denial of services : limiting the threatDenial of services : limiting the threat
Denial of services : limiting the threatSensePost
 
From liability to asset, the role you should be playing in your security arch...
From liability to asset, the role you should be playing in your security arch...From liability to asset, the role you should be playing in your security arch...
From liability to asset, the role you should be playing in your security arch...Jisc
 
Denial of Service Attacks (DoS/DDoS)
Denial of Service Attacks (DoS/DDoS)Denial of Service Attacks (DoS/DDoS)
Denial of Service Attacks (DoS/DDoS)Gaurav Sharma
 
PLNOG15 :DDOS Attacks & Collateral Damage. Can we avoid it? Asraf Ali
PLNOG15 :DDOS Attacks & Collateral Damage. Can we avoid it? Asraf AliPLNOG15 :DDOS Attacks & Collateral Damage. Can we avoid it? Asraf Ali
PLNOG15 :DDOS Attacks & Collateral Damage. Can we avoid it? Asraf AliPROIDEA
 
PLNOG15 :DDOS Attacks & Collateral Damage. Can we avoid it? Asraf Ali
PLNOG15 :DDOS Attacks & Collateral Damage. Can we avoid it? Asraf AliPLNOG15 :DDOS Attacks & Collateral Damage. Can we avoid it? Asraf Ali
PLNOG15 :DDOS Attacks & Collateral Damage. Can we avoid it? Asraf AliMarta Pacyga
 
A10 issa d do s 5-2014
A10 issa d do s 5-2014A10 issa d do s 5-2014
A10 issa d do s 5-2014Raleigh ISSA
 

Similaire à DDoS Threat Landscape - Ron Winward CHINOG16 (20)

DDoS-bdNOG
DDoS-bdNOGDDoS-bdNOG
DDoS-bdNOG
 
DrupalCon Vienna 2017 - Anatomy of DDoS
DrupalCon Vienna 2017 - Anatomy of DDoSDrupalCon Vienna 2017 - Anatomy of DDoS
DrupalCon Vienna 2017 - Anatomy of DDoS
 
Network And Application Layer Attacks
Network And Application Layer AttacksNetwork And Application Layer Attacks
Network And Application Layer Attacks
 
Session for InfoSecGirls - New age threat management vol 1
Session for InfoSecGirls - New age threat management vol 1Session for InfoSecGirls - New age threat management vol 1
Session for InfoSecGirls - New age threat management vol 1
 
Unleash the Hammer on Denial-of-Service: Conquer DDos Attacks!
Unleash the Hammer on Denial-of-Service: Conquer DDos Attacks!Unleash the Hammer on Denial-of-Service: Conquer DDos Attacks!
Unleash the Hammer on Denial-of-Service: Conquer DDos Attacks!
 
Denial of Service - Service Provider Overview
Denial of Service - Service Provider OverviewDenial of Service - Service Provider Overview
Denial of Service - Service Provider Overview
 
Ddos and mitigation methods.pptx (1)
Ddos and mitigation methods.pptx (1)Ddos and mitigation methods.pptx (1)
Ddos and mitigation methods.pptx (1)
 
UDP Flood Attack.pptx
UDP Flood Attack.pptxUDP Flood Attack.pptx
UDP Flood Attack.pptx
 
Ddos and mitigation methods.pptx
Ddos and mitigation methods.pptxDdos and mitigation methods.pptx
Ddos and mitigation methods.pptx
 
Dos attack
Dos attackDos attack
Dos attack
 
Weapons of Mass Disruption by Roman Lara for OWASP San Antonio Chapter meetup
Weapons of Mass Disruption by Roman Lara for OWASP San Antonio Chapter meetupWeapons of Mass Disruption by Roman Lara for OWASP San Antonio Chapter meetup
Weapons of Mass Disruption by Roman Lara for OWASP San Antonio Chapter meetup
 
Azure DDoS Protection Standard
Azure DDoS Protection StandardAzure DDoS Protection Standard
Azure DDoS Protection Standard
 
Denial of services : limiting the threat
Denial of services : limiting the threatDenial of services : limiting the threat
Denial of services : limiting the threat
 
DoS/DDoS
DoS/DDoSDoS/DDoS
DoS/DDoS
 
From liability to asset, the role you should be playing in your security arch...
From liability to asset, the role you should be playing in your security arch...From liability to asset, the role you should be playing in your security arch...
From liability to asset, the role you should be playing in your security arch...
 
Denial of Service Attacks (DoS/DDoS)
Denial of Service Attacks (DoS/DDoS)Denial of Service Attacks (DoS/DDoS)
Denial of Service Attacks (DoS/DDoS)
 
PLNOG15 :DDOS Attacks & Collateral Damage. Can we avoid it? Asraf Ali
PLNOG15 :DDOS Attacks & Collateral Damage. Can we avoid it? Asraf AliPLNOG15 :DDOS Attacks & Collateral Damage. Can we avoid it? Asraf Ali
PLNOG15 :DDOS Attacks & Collateral Damage. Can we avoid it? Asraf Ali
 
PLNOG15 :DDOS Attacks & Collateral Damage. Can we avoid it? Asraf Ali
PLNOG15 :DDOS Attacks & Collateral Damage. Can we avoid it? Asraf AliPLNOG15 :DDOS Attacks & Collateral Damage. Can we avoid it? Asraf Ali
PLNOG15 :DDOS Attacks & Collateral Damage. Can we avoid it? Asraf Ali
 
DDOS (1).ppt
DDOS (1).pptDDOS (1).ppt
DDOS (1).ppt
 
A10 issa d do s 5-2014
A10 issa d do s 5-2014A10 issa d do s 5-2014
A10 issa d do s 5-2014
 

Plus de Radware

Cyber Security Through the Eyes of the C-Suite (Infographic)
Cyber Security Through the Eyes of the C-Suite (Infographic)Cyber Security Through the Eyes of the C-Suite (Infographic)
Cyber Security Through the Eyes of the C-Suite (Infographic)Radware
 
What’s the Cost of a Cyber Attack (Infographic)
What’s the Cost of a Cyber Attack (Infographic)What’s the Cost of a Cyber Attack (Infographic)
What’s the Cost of a Cyber Attack (Infographic)Radware
 
Radware 2016 State of the Union: Multi Industry Web Performance (Desktop)
Radware 2016 State of the Union: Multi Industry Web Performance (Desktop)Radware 2016 State of the Union: Multi Industry Web Performance (Desktop)
Radware 2016 State of the Union: Multi Industry Web Performance (Desktop)Radware
 
The Expanding Role and Importance of Application Delivery Controllers [Resear...
The Expanding Role and Importance of Application Delivery Controllers [Resear...The Expanding Role and Importance of Application Delivery Controllers [Resear...
The Expanding Role and Importance of Application Delivery Controllers [Resear...Radware
 
The Real Cost of Slow Time vs Downtime
The Real Cost of Slow Time vs DowntimeThe Real Cost of Slow Time vs Downtime
The Real Cost of Slow Time vs DowntimeRadware
 
Cyber Attack Survival: Are You Ready?
Cyber Attack Survival: Are You Ready?Cyber Attack Survival: Are You Ready?
Cyber Attack Survival: Are You Ready?Radware
 
Radware ERT Threat Alert: Shellshock Bash
Radware ERT Threat Alert: Shellshock BashRadware ERT Threat Alert: Shellshock Bash
Radware ERT Threat Alert: Shellshock BashRadware
 
The Art of Cyber War: Cyber Security Strategies in a Rapidly Evolving Theatre
The Art of Cyber War: Cyber Security Strategies in a Rapidly Evolving TheatreThe Art of Cyber War: Cyber Security Strategies in a Rapidly Evolving Theatre
The Art of Cyber War: Cyber Security Strategies in a Rapidly Evolving TheatreRadware
 
Mobile Web Stress: Understanding the Neurological Impact of Poor Performance
Mobile Web Stress: Understanding the Neurological Impact of Poor PerformanceMobile Web Stress: Understanding the Neurological Impact of Poor Performance
Mobile Web Stress: Understanding the Neurological Impact of Poor PerformanceRadware
 
Emotional Engagement and Brand Perception
Emotional Engagement and Brand PerceptionEmotional Engagement and Brand Perception
Emotional Engagement and Brand PerceptionRadware
 
InfoSecurity Europe 2014: The Art Of Cyber War
InfoSecurity Europe 2014: The Art Of Cyber WarInfoSecurity Europe 2014: The Art Of Cyber War
InfoSecurity Europe 2014: The Art Of Cyber WarRadware
 
OpenStack Networking: Developing and Delivering a Commercial Solution for Lo...
OpenStack Networking: Developing and Delivering a Commercial Solution for Lo...OpenStack Networking: Developing and Delivering a Commercial Solution for Lo...
OpenStack Networking: Developing and Delivering a Commercial Solution for Lo...Radware
 
SecureWorld St. Louis: Survival in an Evolving Threat Landscape
SecureWorld St. Louis: Survival in an Evolving Threat LandscapeSecureWorld St. Louis: Survival in an Evolving Threat Landscape
SecureWorld St. Louis: Survival in an Evolving Threat LandscapeRadware
 
In the Line of Fire - The Morphology of Cyber-Attacks
In the Line of Fire - The Morphology of Cyber-AttacksIn the Line of Fire - The Morphology of Cyber-Attacks
In the Line of Fire - The Morphology of Cyber-AttacksRadware
 
Survival in an Evolving Threat Landscape
Survival in an Evolving Threat LandscapeSurvival in an Evolving Threat Landscape
Survival in an Evolving Threat LandscapeRadware
 
In the Line of Fire-the Morphology of Cyber Attacks
In the Line of Fire-the Morphology of Cyber AttacksIn the Line of Fire-the Morphology of Cyber Attacks
In the Line of Fire-the Morphology of Cyber AttacksRadware
 
In the Line of Fire-the Morphology of Cyber Attacks
In the Line of Fire-the Morphology of Cyber AttacksIn the Line of Fire-the Morphology of Cyber Attacks
In the Line of Fire-the Morphology of Cyber AttacksRadware
 
Radware DefenseFlow-The SDN Application That Programs Networks for DoS Security
Radware DefenseFlow-The SDN Application That Programs Networks for DoS Security Radware DefenseFlow-The SDN Application That Programs Networks for DoS Security
Radware DefenseFlow-The SDN Application That Programs Networks for DoS Security Radware
 
In the Line of Fire-the Morphology of Cyber Attacks
In the Line of Fire-the Morphology of Cyber AttacksIn the Line of Fire-the Morphology of Cyber Attacks
In the Line of Fire-the Morphology of Cyber AttacksRadware
 
SecureWorld: Information Security Adaption: Survival In An Evolving Threat L...
SecureWorld: Information Security Adaption: Survival In An Evolving Threat L...SecureWorld: Information Security Adaption: Survival In An Evolving Threat L...
SecureWorld: Information Security Adaption: Survival In An Evolving Threat L...Radware
 

Plus de Radware (20)

Cyber Security Through the Eyes of the C-Suite (Infographic)
Cyber Security Through the Eyes of the C-Suite (Infographic)Cyber Security Through the Eyes of the C-Suite (Infographic)
Cyber Security Through the Eyes of the C-Suite (Infographic)
 
What’s the Cost of a Cyber Attack (Infographic)
What’s the Cost of a Cyber Attack (Infographic)What’s the Cost of a Cyber Attack (Infographic)
What’s the Cost of a Cyber Attack (Infographic)
 
Radware 2016 State of the Union: Multi Industry Web Performance (Desktop)
Radware 2016 State of the Union: Multi Industry Web Performance (Desktop)Radware 2016 State of the Union: Multi Industry Web Performance (Desktop)
Radware 2016 State of the Union: Multi Industry Web Performance (Desktop)
 
The Expanding Role and Importance of Application Delivery Controllers [Resear...
The Expanding Role and Importance of Application Delivery Controllers [Resear...The Expanding Role and Importance of Application Delivery Controllers [Resear...
The Expanding Role and Importance of Application Delivery Controllers [Resear...
 
The Real Cost of Slow Time vs Downtime
The Real Cost of Slow Time vs DowntimeThe Real Cost of Slow Time vs Downtime
The Real Cost of Slow Time vs Downtime
 
Cyber Attack Survival: Are You Ready?
Cyber Attack Survival: Are You Ready?Cyber Attack Survival: Are You Ready?
Cyber Attack Survival: Are You Ready?
 
Radware ERT Threat Alert: Shellshock Bash
Radware ERT Threat Alert: Shellshock BashRadware ERT Threat Alert: Shellshock Bash
Radware ERT Threat Alert: Shellshock Bash
 
The Art of Cyber War: Cyber Security Strategies in a Rapidly Evolving Theatre
The Art of Cyber War: Cyber Security Strategies in a Rapidly Evolving TheatreThe Art of Cyber War: Cyber Security Strategies in a Rapidly Evolving Theatre
The Art of Cyber War: Cyber Security Strategies in a Rapidly Evolving Theatre
 
Mobile Web Stress: Understanding the Neurological Impact of Poor Performance
Mobile Web Stress: Understanding the Neurological Impact of Poor PerformanceMobile Web Stress: Understanding the Neurological Impact of Poor Performance
Mobile Web Stress: Understanding the Neurological Impact of Poor Performance
 
Emotional Engagement and Brand Perception
Emotional Engagement and Brand PerceptionEmotional Engagement and Brand Perception
Emotional Engagement and Brand Perception
 
InfoSecurity Europe 2014: The Art Of Cyber War
InfoSecurity Europe 2014: The Art Of Cyber WarInfoSecurity Europe 2014: The Art Of Cyber War
InfoSecurity Europe 2014: The Art Of Cyber War
 
OpenStack Networking: Developing and Delivering a Commercial Solution for Lo...
OpenStack Networking: Developing and Delivering a Commercial Solution for Lo...OpenStack Networking: Developing and Delivering a Commercial Solution for Lo...
OpenStack Networking: Developing and Delivering a Commercial Solution for Lo...
 
SecureWorld St. Louis: Survival in an Evolving Threat Landscape
SecureWorld St. Louis: Survival in an Evolving Threat LandscapeSecureWorld St. Louis: Survival in an Evolving Threat Landscape
SecureWorld St. Louis: Survival in an Evolving Threat Landscape
 
In the Line of Fire - The Morphology of Cyber-Attacks
In the Line of Fire - The Morphology of Cyber-AttacksIn the Line of Fire - The Morphology of Cyber-Attacks
In the Line of Fire - The Morphology of Cyber-Attacks
 
Survival in an Evolving Threat Landscape
Survival in an Evolving Threat LandscapeSurvival in an Evolving Threat Landscape
Survival in an Evolving Threat Landscape
 
In the Line of Fire-the Morphology of Cyber Attacks
In the Line of Fire-the Morphology of Cyber AttacksIn the Line of Fire-the Morphology of Cyber Attacks
In the Line of Fire-the Morphology of Cyber Attacks
 
In the Line of Fire-the Morphology of Cyber Attacks
In the Line of Fire-the Morphology of Cyber AttacksIn the Line of Fire-the Morphology of Cyber Attacks
In the Line of Fire-the Morphology of Cyber Attacks
 
Radware DefenseFlow-The SDN Application That Programs Networks for DoS Security
Radware DefenseFlow-The SDN Application That Programs Networks for DoS Security Radware DefenseFlow-The SDN Application That Programs Networks for DoS Security
Radware DefenseFlow-The SDN Application That Programs Networks for DoS Security
 
In the Line of Fire-the Morphology of Cyber Attacks
In the Line of Fire-the Morphology of Cyber AttacksIn the Line of Fire-the Morphology of Cyber Attacks
In the Line of Fire-the Morphology of Cyber Attacks
 
SecureWorld: Information Security Adaption: Survival In An Evolving Threat L...
SecureWorld: Information Security Adaption: Survival In An Evolving Threat L...SecureWorld: Information Security Adaption: Survival In An Evolving Threat L...
SecureWorld: Information Security Adaption: Survival In An Evolving Threat L...
 

Dernier

Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfAlex Barbosa Coqueiro
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek SchlawackFwdays
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii SoldatenkoFwdays
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsMark Billinghurst
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machinePadma Pradeep
 
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks..."LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...Fwdays
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebUiPathCommunity
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupFlorian Wilhelm
 
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr LapshynFwdays
 
SAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxSAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxNavinnSomaal
 
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage CostLeverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage CostZilliz
 
Training state-of-the-art general text embedding
Training state-of-the-art general text embeddingTraining state-of-the-art general text embedding
Training state-of-the-art general text embeddingZilliz
 
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 
My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024The Digital Insurer
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationSlibray Presentation
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024Lorenzo Miniero
 
Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Enterprise Knowledge
 
The Future of Software Development - Devin AI Innovative Approach.pdf
The Future of Software Development - Devin AI Innovative Approach.pdfThe Future of Software Development - Devin AI Innovative Approach.pdf
The Future of Software Development - Devin AI Innovative Approach.pdfSeasiaInfotech2
 
Search Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdfSearch Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdfRankYa
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationSafe Software
 

Dernier (20)

Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdf
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR Systems
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machine
 
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks..."LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio Web
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project Setup
 
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
 
SAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxSAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptx
 
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage CostLeverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
 
Training state-of-the-art general text embedding
Training state-of-the-art general text embeddingTraining state-of-the-art general text embedding
Training state-of-the-art general text embedding
 
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck Presentation
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024
 
Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024
 
The Future of Software Development - Devin AI Innovative Approach.pdf
The Future of Software Development - Devin AI Innovative Approach.pdfThe Future of Software Development - Devin AI Innovative Approach.pdf
The Future of Software Development - Devin AI Innovative Approach.pdf
 
Search Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdfSearch Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdf
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
 

DDoS Threat Landscape - Ron Winward CHINOG16

  • 1. © Radware 2016 Ron Winward Security Evangelist Radware May 12, 2016 DDoS Threat Landscape
  • 2.
  • 3. DDoS Handbook • A history and overview of DDoS • Review of attack types and tools • DDoS Mitigation Considerations • DDoS Dictionary
  • 4. Security Products Now Cause of 36% of Downtime DDoS Failure Points within the Network – Internet Pipe Saturation remains single greatest failure point – Stateful firewalls jump from 15% to 26% – Last third take down targeted web/SQL servers
  • 5. “Low & Slow” DoS attacks (e.g.Slowloris) Complexity of Attacks Continues to Grow Multi-vector attacks target all layers of the infrastructure IPS/IDS Large volume network flood attacks Syn Floods Network Scan HTTP Floods SSL Floods App Misuse Brute Force On-Demand Cloud DDoS DoS protection Behavioral analysis IPS WAFSSL protection Internet Pipe Firewall Load Balancer/ADC Server Under Attack SQL Server XSS, CSRFSQL Injections
  • 6.
  • 7. Types of Attacks Attacks Targeting Network Resources Attacks Targeting Server Resources • UDP • ICMP • IGMP • Reflection • DNS, SSDP, NTP, etc TCP Weaknesses SYN Floods TCP RST TCP PSH+ACK Flood Low and Slow - Sockstress, Slowloris Our current research shows an even split between network and application-layer attacks
  • 8. Types of Attacks (cont.) Encrypted Attacks Attacks Targeting App Resources • HTTPS Floods • SSL-based Attacks • THC-SSL-DOS HTTP Flood DNS Flood Slow HTTP GET Request Slow HTTP POST Request RegEx Hash Collision
  • 9. User Datagram Protocol (UDP) Connectionless protocol Doesn’t exploit a specific vulnerability Typically spoofed source IPs, often packets are sent to random dest ports Server has to respond with ICMP unreachables Compute resources are consumed Network capacity is consumed UDP Floods
  • 10. Internet Control Message Protocol (ICMP) Connectionless protocol Doesn’t exploit a specific vulnerability Can be any type of ICMP message Volumetric in nature Target has to try and process all of the requests This is why we have ICMP policers on routers  – The premise holds true for all devices that have to respond ICMP Floods
  • 11. DNS, SSDP, NTP, etc. Most common attacks today Leverage the disparity between a request and a reply Amplification can be huge Source IP of the request is spoofed as the target’s IP Target is overwhelmed Reflection Attacks
  • 12. Protocol exploits Misuse of the six control bits, SYN, ACK, RST, PSH, FIN and URG TCP requires a 3-way negotiation in order for a session to be established – SYN, SYN-ACK, ACK – Each request creates a half-open connection Attacks will often send packets in the wrong order to consume resources on the target while it tries to interpret what’s happening TCP Weaknesses
  • 13. One of the most common vectors Attacker floods the target with SYN packets from spoofed source IPs Target opens a thread and assigns buffers to prepare for each connection Target sends a SYN-ACK back to the spoofed requestor No response, so target sends more SYN-ACKs until it times out Server is unable to timeout old sessions before new ones can be handled SYN Floods
  • 14. SYN Flood Impact on Firewall Bandwidth CPU Impact
  • 15. Most common application layer attack Multiple machines continually download the content from a target Target server exhausts resources trying to deliver the content and handle the connections Slow HTTP GET attack also exists HTTP GET Flood
  • 16. Common Application Layer attack Essentially holding open connections Can be launched from a single machine Slowloris – Opens connections and sends a partial request – Eventually sends more of the request but not complete request – Connections stay open and max concurrent connections is exhausted Low and Slow Attacks
  • 17. Developed by hacking group The Hackers Choice (THC) Low and Slow + Encrypted Initiates a regular SSL handshake Immediately requests the renegotiation of the encryption key Continues process until exhaustion How will you see this if it’s an encrypted attack? – Low and slow, so difficult to distinguish from real traffic! Single PC can take down a server THC-SSL-DOS
  • 18.
  • 19. Anonymous DoSer Anonymous Ping Attack BlackOut BlackBurn ByteDoS FireFlood Generic DDoS GoodBye HOIC LOIC XOIC Pringle DDoS rDoS Unknown DoSer Anonymous Tools for 2016
  • 20. Anonymous DoSer • TCP SYN Flood • Launched from a client
  • 21. Anonymous Ping Attack • ICMP Ping tool
  • 22. Black Out • TCP • UDP • (QUIC) • ICMP • HTTP • “GET /” • Customizable text in payload
  • 23. BBHH (Black Burn) • SYN Flood • Few options
  • 24. ByteDoS • SYN Flood • ICMP Flood • DNS Resolution
  • 25. FireFlood • Targets web servers • Starts with QUIC • Switches to HTTP GET • Embeds some browser info
  • 26. Generic DDoS • Slowloris attack • You set the duration • Meaningless POST • Server replies • Connections consumed
  • 27. HOIC • Sends HTTP Post and GET requests • Allows booster scripts to enhance attacks, feeding source data into attack payload • Very common, highly available
  • 28. LOIC • Early flooding tool used by Anonymous • TCP, UDP, HTTP Floods • Hivemind feature allowing centralized control via IRC • Does not obscure source IP
  • 29. Pringle DDoS • Ping tool • Plays music! • Otherwise not overly interesting
  • 30. Attack OS Distros • Parrot OS • Popular OS for hacker, like Kali Linux • DNS • NTP • SNMP • SSDP • Kali • Cyborg • BlackArch
  • 31.
  • 32. Lizard Squad‘s public stresser services $19.99 => 15GB attack for 1200 second – DNS – SNMP – SYN Shenron Attack Tool
  • 33. One of the most popular tools $19.99 will gain access to 216 Gbps Attack Network DNS, NTP, ESSYN, xSYN, TS3, TCP-ACK, Dominate, VSE, SNMP, PPS, Portmap and TCP-Amp VDoS Attack Tool
  • 34. RouterSlap! For $6 you can get a 10- minute attack that is 5- 10G SNMP, DNS, CHARGEN, NTP, SSDP, ESSYN, SSYN, ZXYN, Dominate, VSE, ISSYN, RSSYN, Joomla Attack scheduling Unlimited daily attacks RouterSlap
  • 35.
  • 36. Lessons Learned - Successful Attack Mitigation Proactive Preparation and Planning is Key Need for a Attack Mitigation solution with the widest coverage to protect from multi-vector attacks, including protection from network and application based DDoS attacks. Monitor security alerts and examine triggers carefully. Tune existing polices and protections to prevent false positives and accurate detection. Consider a hybrid solution that integrates on- premise detection and mitigation with cloud- based protection - to block volumetric attacks. A cyber-security emergency response plan that includes an emergency response team and process in place. Identify areas where helped is needed from a third party. A single point of contact is crucial when under attack - it will help to divert internet traffic and deploy mitigation solutions.
  • 37. © Radware 2016 Thank You ron.winward@radware.com www.radware.com security.radware.com