INTRODUCTION: DDOS ATTACKS GLOBAL THREAT INTELLIGENCE REPORT 2015 :: COPYRIGHT 2015 NTT INNOVATION INSTITUTE 1 LLC
|
|
- Tamsin Nash
- 6 years ago
- Views:
Transcription
1 INTRODUCTION: DDOS ATTACKS 1
2 DDOS ATTACKS Though Denial of Service (DoS) and Distributed Denial of Service (DDoS) have been common attack techniques used by malicious actors for some time now, organizations still struggle to properly mitigate these threats. Such attacks can have a significant impact on a victimized organization. For years now, NTT Group has been helping prepare clients for such attacks. Every year, new capabilities to mitigate DoS and DDoS threats enter the security marketplace. From application layer appliances to the capabilities of content distribution networks, there has been a great focus on managing the impact of these attacks. The following sections present analyses of DDoS attacks, and a case study of a DDoS attack which used a legitimate application feature against the targeted organization. Read more at the Global Threat Intelligence Report Online at: 2
3 DDOS ATTACKS: DISTRIBUTED DENIAL OF SERVICE OBSERVATIONS 1
4 DISTRIBUTED DENIAL OF SERVICE OBSERVATIONS NTT is one of the largest Internet providers in the world, with a significant share of the world s Internet traffic passing through the global public NTT network. As a provider with world-wide coverage managing this much bandwidth, one of NTT s important tasks is to mitigate large distributed denial of service attacks (DDoS). These attacks historically have focused on flooding a victim s networks with so much data or activity that legitimate services are rendered unavailable. These volume-based attacks are very different from application DDoS attacks (such as that described in the Web Application DDoS Attack case study in Section F.4 of this report), which consume application processing resources. The distribution of DDoS attacks (by type of attack) observed by NTT in 2014 is presented in the following chart. DDOS BY TYPE NTP Amplification Multi-vector TCP SYN SSDP Amplification DNS Amplification Other 0% 7% 14% 21% 28% 35% Caption: NTP amplification leads the number of attacks by type of attack. 2
5 63 percent of all DDoS attacks observed were related to UDP based protocols and services (NTP, SSDP and DNS). Discussions of different DDoS attack types observed in 2014 are presented below. NTP Amplification Attacks With 32 percent of all DDoS attacks during 2014, the most common type of attack we observed was the Network Time Protocol (NTP) amplification attack. In this attack, an attacker changes the source address of an NTP query to the intended victim s address, then sends the maliciously spoofed query to one or more NTP servers. The NTP servers respond to the IP address of the victim (the spoofed source address). The amplification components of the attack are what make it interesting. A very small query to an NTP server can produce a very large response if using particular NTP options. TCP SYN Flood Attacks Another of the largest types of DDoS attacks, with 16 percent of the total, is also one of the oldest and most consistently observed over the years. The TCP SYN flood attack is performed by flooding the target network with a large number of TCP SYN requests which results in the exhaustion of available resources. If mitigating controls are not put in place, a malicious attacker can use this tactic to create a large number of partially-open connections to a server. This can exhaust all available sessions, preventing users from connecting to ports which would normally be accessible for legitimate services. Attackers can further ensure the success of SYN floods by employing different techniques to exhaust resources. This may include spoofing the source IP addresses, targeting multiple ports, attacking from multiple distributed sources, and the use of botnets. 3
6 SSDP Amplification Attacks Another type of DDoS traffic observed in 2014 was Simple Service Discovery Protocol (SSDP) amplification, which made up 9 percent of all DDoS attacks observed. SSDP was created to help devices discover and connect to each other, and is part of the Universal Plug and Play (UPnP) protocol. The protocol was first introduced in 1999 and by default uses UDP port 1900 for communication. Similar to other attacks such as DNS and NTP amplification, attackers send specially crafted requests to an SSDP enabled device and direct the response to the targeted system. Although the service defaults to UDP/1900 it can be directed to send responses to other ports and services. Since there is no shortage of SSDP enabled devices it is a good candidate for attackers to use during reflection and amplification based attacks. Several tools allow attackers to identify SSDP enabled devices and launch attacks. Botnets capable of performing SSDP DDoS attacks may use compromised home computing, network and residential applications to conduct attacks. Due to the wide use of SSDP, especially in residential applications such as network modem/ router bundles, wireless access points, and many home entertainment appliances and gaming systems, it is likely that SSDP DDoS attacks will continue. Unfortunately, most devices which implement SSDP enable this feature by default and it is unlikely that residential users will patch or disable these services. Multi-Vector Attacks In multi-vector attacks, combinations of different DDoS attack types are used during a single incident. Attackers will often initiate attacks using one method but may adapt their approach during the attack if the primary method of attack is not as effective as anticipated. 4
7 Alternatively, attackers may elect to use multiple methods of attack simultaneously to ensure their success. For example, attackers may start with NTP amplification but then use methods such as SYN flood, SSDP, application specific or other methods to amplify the effect of the attack. Multi-vector attacks can be a powerful tactic since this increases the chances of success. These attacks are also designed to overwhelm defenses and organizational staff. It can be a challenge for organizations to respond to multivector attacks since different attack techniques require different mitigation and defensive approaches. DDoS Mitigation Recommendations DDoS attacks have been around for some time. Preventive measures have had a chance to mature, and some measures have proven to be more reliable than others. While they must be evaluated in each organization s unique environment, NTT Group offers the following recommendations: Technical Recommendations: Organizations should look at implementing a layered approach to DDoS mitigation controls leveraging multiple technologies. Implement onsite application DoS mitigation services such as a web application firewall. Filter traffic at multiple points of ingress including the upstream ISP and via content distribution networks or scrubbing services. Third-party traffic scrubbing and filtering services can be valuable because they often anticipate the need to address multiple types of DDoS attacks. Implement dynamic bandwidth services which can scale bandwidth as an attack unfolds. This is not optimal as a long term solution but can help absorb some of the initial impact of an attack. 5
8 Many network firewalls, load balancers and servers support rate limiting or session timeouts. Ensure organizational staff understands the environment and tools which are already available. Understand the capabilities of the organizations and the ISP to handle TCP SYN flood attacks. Many ISPs implement detection for spoofed IP addresses and filter these by default. Keep in mind that ISPs often do a great job at filtering high-volume attacks, but smaller attacks may go unnoticed and not be filtered. Depending on the focus of the attack, host or application-based controls can help mitigate session or connection exhaustion. Ensure the organization follows system and service hardening guidelines to reduce misconfiguration issues and limit services running. Non-technical Recommendations: Ensure the organization understands not only its ability to detect a DDoS attack, but its ability to respond. Account for DDoS attacks in the organization s business continuity and disaster recovery plans. Evaluate the financial impact a DDoS attack would have on organizational operations and services. DDoS attacks are often used to mask other criminal activities. In the event of a DDoS attack, ensure the organization is remaining alert for other malicious activities which may be occurring (fraudulent wire transfers, other breaches, and data exfiltration from other network segments). Know who to call for support during a DDoS attack (SOC, vendors, ISPs, incident response teams). Read more at the Global Threat Intelligence Report Online at: 6
9 DDOS ATTACKS: CALENDAR VIEW OF THE DDOS ATTACK TYPES 1
10 CALENDAR VIEW OF THE DISTRIBUTION OF DDOS ATTACK TYPES NTT Group analyzed DDoS attack data for the most common attack methods witnessed during UDP protocol based attacks (NTP, DNS, SSDP and others) were observed throughout the year. The most notable and impactful attack methods observed during 2014 were NTP and SSDP amplification attacks. During the first quarter of 2014 DDoS mitigation providers and the general media recognized significant spikes in NTP based DDoS activity. NTT Group saw the same result in the data we collected. As depicted in the following chart, the majority of NTP amplification activity for the year was observed from January through April 2014, with only a small reoccurrence of similar attacks in the fourth quarter. One of the primary reasons for this dramatic increase in NTP related attacks was the availability of toolkits allowing attackers to initiate powerful attacks without requiring extensive skills. One of the toolkits providing this capability is NTP-AMP. PERCENTAGE OF DDOS ATTACK TYPES BY MONTH 45% 40% 35% 30% 25% 20% 15% 10% 5% 0% DNS Amplification SSDP Amplification Multi-Vector TCP SYN Other NTP Amplification Month Caption: Percentage of attack types by month. 2
11 Not quite as high volume, NTT Group observed SSDP amplification attacks growing in July and continuing to gain momentum during the fourth quarter, peaking in December The rise of SSDP based attacks in the last quarter of 2014 was rapid and widespread. This jump in observed attacks is likely due to the increased visibility of reflectionbased DDoS capability awareness and the availability of tools supporting these attack methods. With the global availability of UPnP and SSDP enabled devices it is likely we will continue to observe SSDP based attacks for the near future. For specific recommendations and more information on the DDoS attack types covered in this section, please also read the Distributed Denial of Service Observation section of the report. Read more at the Global Threat Intelligence Report Online at: 3
VERISIGN DISTRIBUTED DENIAL OF SERVICE TRENDS REPORT
VERISIGN DISTRIBUTED DENIAL OF SERVICE TRENDS REPORT VOLUME 4, ISSUE 1 1ST QUARTER 2017 Complimentary report supplied by CONTENTS EXECUTIVE SUMMARY 3 VERISIGN-OBSERVED DDoS ATTACK TRENDS: Q1 2017 4 DDoS
More informationVERISIGN DISTRIBUTED DENIAL OF SERVICE TRENDS REPORT
VERISIGN DISTRIBUTED DENIAL OF SERVICE TRENDS REPORT VOLUME 4, ISSUE 3 3RD QUARTER 2017 Complimentary report supplied by CONTENTS EXECUTIVE SUMMARY 3 VERISIGN-OBSERVED DDoS ATTACK TRENDS: Q3 2017 4 DDoS
More informationVERISIGN DISTRIBUTED DENIAL OF SERVICE TRENDS REPORT
VERISIGN DISTRIBUTED DENIAL OF SERVICE TRENDS REPORT VOLUME 4, ISSUE 4 4TH QUARTER 2017 Complimentary report supplied by CONTENTS EXECUTIVE SUMMARY 3 VERISIGN-OBSERVED DDoS ATTACK TRENDS: Q4 2017 4 DDoS
More informationCloudflare Advanced DDoS Protection
Cloudflare Advanced DDoS Protection Denial-of-service (DoS) attacks are on the rise and have evolved into complex and overwhelming security challenges. 1 888 99 FLARE enterprise@cloudflare.com www.cloudflare.com
More informationAn Introduction to DDoS attacks trends and protection Alessandro Bulletti Consulting Engineer, Arbor Networks
An Introduction to DDoS attacks trends and protection Alessandro Bulletti Consulting Engineer, Arbor Networks abulletti@arbor.net Topics Covered The DDOS cyber threat and impacts Cyprus attacks trend in
More informationA custom excerpt from Frost & Sullivan s Global DDoS Mitigation Market Research Report (NDD2-72) July, 2014 NDD2-74
Analysis of the Global Distributed Denial of Service (DDoS) Mitigation Market Abridged Version Rise of the DDoS Attack Spurs Demand for Comprehensive Solutions A custom excerpt from Frost & Sullivan s
More informationVERISIGN DISTRIBUTED DENIAL OF SERVICE TRENDS REPORT
VERISIGN DISTRIBUTED DENIAL OF SERVICE TRENDS REPORT VOLUME 5, ISSUE 1 1ST QUARTER 2018 Complimentary report supplied by CONTENTS EXECUTIVE SUMMARY 3 VERISIGN-OBSERVED DDoS ATTACK TRENDS: Q1 2018 4 DDoS
More informationSecurity+ Guide to Network Security Fundamentals, Fourth Edition. Network Attacks Denial of service Attacks
Security+ Guide to Network Security Fundamentals, Fourth Edition Network Attacks Denial of service Attacks Introduction: What is DoS? DoS attack is an attempt (malicious or selfish) by an attacker to cause
More informationVERISIGN DISTRIBUTED DENIAL OF SERVICE TRENDS REPORT
VERISIGN DISTRIBUTED DENIAL OF SERVICE TRENDS REPORT VOLUME 5, ISSUE 2 2ND QUARTER 2018 Complimentary report supplied by CONTENTS EXECUTIVE SUMMARY 3 VERISIGN-OBSERVED DDoS ATTACK TRENDS: Q2 2018 4 DDoS
More informationVERISIGN DISTRIBUTED DENIAL OF SERVICE TRENDS REPORT
VERISIGN DISTRIBUTED DENIAL OF SERVICE TRENDS REPORT VOLUME 3, ISSUE 3 3RD QUARTER 2016 Complimentary report supplied by CONTENTS EXECUTIVE SUMMARY 3 VERISIGN-OBSERVED DDoS ATTACK TRENDS: Q3 2016 4 DDoS
More informationTOP TEN DNS ATTACKS PROTECTING YOUR ORGANIZATION AGAINST TODAY S FAST-GROWING THREATS
TOP TEN DNS ATTACKS PROTECTING YOUR ORGANIZATION AGAINST TODAY S FAST-GROWING THREATS 1 Introduction Your data and infrastructure are at the heart of your business. Your employees, business partners, and
More informationGuide to DDoS Attacks November 2017
This Multi-State Information Sharing and Analysis Center (MS-ISAC) document is a guide to aid partners in their remediation efforts of Distributed Denial of Service (DDoS) attacks. This guide is not inclusive
More informationChapter 7. Denial of Service Attacks
Chapter 7 Denial of Service Attacks DoS attack: An action that prevents or impairs the authorized use of networks, systems, or applications by exhausting resources such as central processing units (CPU),
More informationTechnical White Paper June 2016
TLP:WHITE! Technical White Paper June 2016 GuidetoDDoSAttacks! Authored)by:) Lee)Myers,)Senior)Manager)of)Security)Operations) Christopher)Cooley,)Cyber)Intelligence)Analyst) This MultiCState Information
More informationCyber Security Guidelines Distributed Denial of Service (DDoS) Attacks
Cyber Security Guidelines Distributed Denial of Service (DDoS) Attacks Version: 1.0 Author: Cyber Security Policy and Standards Document Published Date: March 2018 Table of Contents Version: 1.0 Page 1
More informationGlobal DDoS Threat Landscape
DDOS REPORT Global DDoS Threat Landscape OVERVIEW Overview The number of network layer attacks continued to fall in, the fourth consecutive quarterly drop since peaking in Q2 2016. After reaching a record
More informationsnoc Snoc DDoS Protection Fast Secure Cost effective Introduction Snoc 3.0 Global Scrubbing Centers Web Application DNS Protection
Snoc DDoS Protection Fast Secure Cost effective sales@.co.th www..co.th securenoc Introduction Snoc 3.0 Snoc DDoS Protection provides organizations with comprehensive protection against the most challenging
More informationImma Chargin Mah Lazer
Imma Chargin Mah Lazer How to protect against (D)DoS attacks Oliver Matula omatula@ernw.de #2 Denial of Service (DoS) Outline Why is (D)DoS protection important? Infamous attacks of the past What types
More informationDDoS MITIGATION BEST PRACTICES
DDoS MITIGATION BEST PRACTICES DDoS ATTACKS ARE INCREASING EXPONENTIALLY Organizations are becoming increasingly aware of the threat that Distributed Denial of Service (DDoS) attacks can pose. According
More informationDNS SECURITY BENEFITS OF OUTSOURCING YOUR DNS TO AN IP ANYCAST+ PROVIDER
BENEFITS OF OUTSOURCING YOUR DNS TO AN IP ANYCAST+ PROVIDER Introduction DDoS attacks are rapidly growing in magnitude and frequency every year. Just in the last year, attack rates have risen 132% (Q2
More informationIntroduction to DDoS Attacks
Introduction to DDoS Attacks Chris Beal Chief Security Architect MCNC chris.beal@mcnc.org @mcncsecurity on Twitter 2015 MCNC General Use v1.0 DDoS in the News July 2015 2015 MCNC General Use v1.0 DDoS
More informationComputer Security: Principles and Practice
Computer Security: Principles and Practice Chapter 8 Denial of Service First Edition by William Stallings and Lawrie Brown Lecture slides by Lawrie Brown Denial of Service denial of service (DoS) an action
More informationDistributed Denial of Service (DDoS)
Global Leader in DDoS Mitigation Threat Report Distributed Denial of Service (DDoS) Threat Report Q2 2017 456 Montgomery Street, Suite 800 San Francisco, CA 94104 USA +1 415 299 8550 Contents 1. Methodology...................
More informationakamai s [state of the internet] / security
[Volume 2 / Number 2] akamai s [state of the internet] / security Q2 215 executive summary The Security Report has five research sections: Quarter-over-quarter and year-ago quarterly attack statistics
More informationWHITE PAPER. DDoS of Things SURVIVAL GUIDE. Proven DDoS Defense in the New Era of 1 Tbps Attacks
WHITE PAPER 2017 DDoS of Things SURVIVAL GUIDE Proven DDoS Defense in the New Era of 1 Tbps Attacks Table of Contents Cyclical Threat Trends...3 Where Threat Actors Target Your Business...4 Network Layer
More informationDDoS: STRATEGIES FOR DEALING WITH A GROWING THREAT
DDoS: STRATEGIES FOR DEALING WITH A GROWING THREAT 01. EXECUTIVE SUMMARY This report summarizes recent research on distributed denial of service (DDoS) attacks, which looks at data collated recently and
More informationProlexic Attack Report Q4 2011
Prolexic Attack Report Q4 2011 Prolexic believes the nature of DDoS attacks are changing: they are becoming more concentrated and damaging. Packet-per-second volume is increasing dramatically, while attack
More informationSYMANTEC ENTERPRISE SECURITY. Symantec Internet Security Threat Report September 2005 Power and Energy Industry Data Sheet
SYMANTEC ENTERPRISE SECURITY Symantec Internet Security Threat Report September 00 Power and Energy Industry Data Sheet An important note about these statistics The statistics discussed in this document
More informationDistributed Denial of Service (DDoS)
Global Leader in DDoS Mitigation Threat Report Distributed Denial of Service (DDoS) Threat Report Q1 2017 456 Montgomery Street, Suite 800 San Francisco, CA 94104 USA +1 415 299 8550 Contents 1. Methodology...................
More informationSecurity Whitepaper. DNS Resource Exhaustion
DNS Resource Exhaustion Arlyn Johns October, 2014 DNS is Emerging as a Desirable Target for Malicious Actors The current threat landscape is complex, rapidly expanding and advancing in sophistication.
More informationArbor Solution Brief Arbor Cloud for Enterprises
Arbor Solution Brief Arbor Cloud for Enterprises Integrated DDoS Protection from the Enterprise to the Cloud About Arbor Networks Arbor Networks Inc., the cyber security division of NETSCOUT, helps secure
More informationMulti-vector DDOS Attacks
Multi-vector DDOS Attacks Detection and Mitigation Paul Mazzucco Chief Security Officer August 2015 Key Reasons for Cyber Attacks Money and more money Large number of groups From unskilled to advanced
More informationPROTECTING INFORMATION ASSETS NETWORK SECURITY
PROTECTING INFORMATION ASSETS NETWORK SECURITY PAUL SMITH 20 years of IT experience (desktop, servers, networks, firewalls.) 17 years of engineering in enterprise scaled networks 10+ years in Network Security
More informationWhy IPS Devices and Firewalls Fail to Stop DDoS Threats
Arbor White Paper Why IPS Devices and Firewalls Fail to Stop DDoS Threats How to Protect Your Data Center s Availability About Arbor Networks Arbor Networks, Inc. is a leading provider of network security
More informationComprehensive datacenter protection
Comprehensive datacenter protection There are several key drivers that are influencing the DDoS Protection market: DDoS attacks are increasing in frequency DDoS attacks are increasing in size DoS attack
More informationInternet2 DDoS Mitigation Update
Internet2 DDoS Mitigation Update Nick Lewis, Program Manager - Security and Identity, Internet2 Karl Newell, Cyberinfrastructure Security Engineer, Internet2 2016 Internet2 Let s start with questions!
More informationPractical Guide to Choosing a DDoS Mitigation Service WHITEPAPER
1 From massive volumetric attacks to sophisticated application level threats, DDoS attacks are bigger, smarter and more dangerous than ever. Given today s threat landscape and the availability of inexpensive,
More informationDenial of Service (DoS)
Flood Denial of Service (DoS) Comp Sci 3600 Security Outline Flood 1 2 3 4 5 Flood 6 7 8 Denial-of-Service (DoS) Attack Flood The NIST Computer Security Incident Handling Guide defines a DoS attack as:
More informationA Survey of Defense Mechanisms Against DDoS Flooding A
DDoS Defense: Scope And A Survey of Defense Mechanisms Against DDoS Flooding Attacks IIT Kanpur IEEE COMMUNICATIONS SURVEYS & TUTORIALS, VOL. 15, NO. 4, FOURTH QUARTER 2013 DDoS Defense: Scope And Outline
More informationNISCC Technical Note 06/02: Response to Distributed Denial of Service (DDoS) Attacks
NISCC Technical Note 06/02: Response to Distributed Denial of Service (DDoS) Attacks Background This NISCC technical note is intended to provide information to enable organisations in the UK s Critical
More informationDDOS DETECTION AND RESPONSE TRENDS IN THE ENTERPRISE: AN IANS CUSTOM REPORT
DDOS DETECTION AND RESPONSE TRENDS IN THE ENTERPRISE: AN IANS CUSTOM REPORT SEPTEMBER 2014 COMMISSIONED BY: Contents Contents... 2 Introduction... 3 About the Survey and Respondents... 3 The Current State
More informationHOW TO HANDLE A RANSOM- DRIVEN DDOS ATTACK
From the Security Experts at Corero Network Security HOW TO HANDLE A RANSOM- DRIVEN DDOS ATTACK Be Proactive, Not Reactive STEP-BY-STEP GUIDE The Rise of Ransom-Driven DDoS Attacks Ransom-related Denial
More informationEnterprise D/DoS Mitigation Solution offering
Enterprise D/DoS Mitigation Solution offering About the Domain TCS Enterprise Security and Risk Management (ESRM) offers full services play in security with integrated security solutions. ESRM s solution
More informationO N L I N E I N C I D E N T R E S P O N S E C O M M U N I T Y
Automate Response Congratulations on selecting IncidentResponse.com to retrieve your custom incident response playbook guide. This guide has been created especially for you for use in within your security
More informationINCIDENTRESPONSE.COM. Automate Response. Did you know? Your playbook overview - Elevation of Privilege
Automate Response Congratulations on selecting IncidentResponse.com to retrieve your custom incident response playbook guide. This guide has been created especially for you for use in within your security
More informationDENIAL OF SERVICE ATTACKS
DENIAL OF SERVICE ATTACKS Ezell Frazier EIS 4316 November 6, 2016 Contents 7.1 Denial of Service... 2 7.2 Targets of DoS attacks... 2 7.3 Purpose of flood attacks... 2 7.4 Packets used during flood attacks...
More informationCOMPUTER NETWORK SECURITY
COMPUTER NETWORK SECURITY Prof. Dr. Hasan Hüseyin BALIK (7 th Week) 7. Denial-of-Service Attacks 7.Outline Denial of Service Attacks Flooding Attacks Distributed Denial of Service Attacks Application Based
More informationA GUIDE TO DDoS PROTECTION
HTTP CACHE BYPASS FLOOD THINK APP SECURITY FIRST CHOOSING THE RIGHT MODEL A GUIDE TO DDoS PROTECTION DNS AMPLIFICATION INTRODUCTION By thinking proactively about DDoS defense, organizations can build a
More informationWEB DDOS PROTECTION APPLICATION PROTECTION VIA DNS FORWARDING
WEB DDOS PROTECTION APPLICATION PROTECTION VIA DNS FORWARDING A STRONG PARTNER COMPANY Link11 - longstanding security experience Link11 is a European IT security provider, headquartered in Frankfurt, Germany
More informationArbor White Paper. DDoS: THE STAKES HAVE CHANGED. HAVE YOU? REVEALED: 3 dangerous myths about DDoS attacks
Arbor White Paper DDoS: THE STAKES HAVE CHANGED. HAVE YOU? REVEALED: 3 dangerous myths about DDoS attacks The findings of the latest annual Worldwide Infrastructure Security Report (WISR) by Arbor Networks
More informationDDoS: Coordinated Attacks Analysis
DDoS: Coordinated Attacks Analysis This article will cover some concepts about a well-known attack named DDoS (Distributed Denial-of-Service) with some lab demonstrations as a Proof of Concept with countermeasures.
More informationA10 DDOS PROTECTION CLOUD
DATA SHEET A10 DDOS PROTECTION CLOUD A10 Networks provides full spectrum DDoS defenses. This includes multi-vector protection from attacks of any type to ensure the availability of enterprise business
More informationINCIDENTRESPONSE.COM. Automate Response. Did you know? Your playbook overview - Unauthorized Access
Automate Response Congratulations on selecting IncidentResponse.com to retrieve your custom incident response playbook guide. This guide has been created especially for you for use in within your security
More informationWar Stories from the Cloud: Rise of the Machines. Matt Mosher Director Security Sales Strategy
War Stories from the Cloud: Rise of the Machines Matt Mosher Director Security Sales Strategy The Akamai Intelligent Platform The Platform 175,000+ Servers 2,300+ Locations 750+ Cities 92 Countries 1,227+
More informationEnhancing DDoS protection TAYLOR HARRIS SECURITY ENGINEER
Enhancing DDoS protection TAYLOR HARRIS SECURITY ENGINEER Overview DDoS Evolution Typical Reactive/Proactive Mitigation Challenges and Obstacles BGP Flowspec Automated Flowspec Mitigation 2 DDoS Evolution
More informationINCIDENTRESPONSE.COM. Automate Response. Did you know? Your playbook overview - Virus Outbreak
Automate Response Congratulations on selecting IncidentResponse.com to retrieve your custom incident response playbook guide. This guide has been created especially for you for use in within your security
More informationChapter 10: Denial-of-Services
Chapter 10: Denial-of-Services Technology Brief This chapter, "Denial-of-Service" is focused on DoS and Distributed Denial-of-Service (DDOS) attacks. This chapter will cover understanding of different
More informationAKAMAI CLOUD SECURITY SOLUTIONS
AKAMAI CLOUD SECURITY SOLUTIONS Whether you sell to customers over the web, operate data centers around the world or in the cloud, or support employees on the road, you rely on the Internet to keep your
More informationERT Threat Alert New Risks Revealed by Mirai Botnet November 2, 2016
Abstract The Mirai botnet struck the security industry in three massive attacks that shook traditional DDoS protection paradigms, proving that the Internet of Things (IoT) threat is real and the grounds
More informationINCIDENTRESPONSE.COM. Automate Response. Did you know? Your playbook overview - Data Theft
Automate Response Congratulations on selecting IncidentResponse.com to retrieve your custom incident response playbook guide. This guide has been created especially for you for use in within your security
More informationArbor White Paper Keeping the Lights On
Arbor White Paper Keeping the Lights On The Importance of DDoS Defense in Business Continuity Planning About Arbor Networks Arbor Networks Inc., the cyber security division of NETSCOUT, helps secure the
More informationCOPYRIGHT 2018 NETSCOUT SYSTEMS, INC. 1
COPYRIGHT 2018 NETSCOUT SYSTEMS, INC. 1 Worldwide Infrastructure Security Report Highlights Volume XIII C F Chui, Principal Security Technologist COPYRIGHT 2018 NETSCOUT SYSTEMS, INC. 2 Overview This presentation
More informationInternetwork Expert s CCNA Security Bootcamp. Common Security Threats
Internetwork Expert s CCNA Security Bootcamp Common Security Threats http:// Today s s Network Security Challenge The goal of the network is to provide high availability and easy access to data to meet
More informationTESTING DDOS DEFENSE EFFECTIVENESS AT 300 GBPS SCALE AND BEYOND
TEST REPORT TESTING DDOS DEFENSE EFFECTIVENESS AT 300 GBPS SCALE AND BEYOND Ixia BreakingPoint DDoS Defense Test Methodology Report TABLE OF CONTENTS EXECUTIVE SUMMARY... 3 WHAT IS A DDOS ATTACK... 5 DDOS
More informationSIMPLE SERVICE DISCOVERY PROTOCOL BASED DISTRIBUTED REFLECTIVE DENIAL OF SERVICE ATTACK
SIMPLE SERVICE DISCOVERY PROTOCOL BASED DISTRIBUTED REFLECTIVE DENIAL OF SERVICE ATTACK Gursewak Singh 1, Bohar Singh 2 1 Computer Science and Application, Govt College Sri Muktsar sahib 2 Computer Science
More informationDDoS Detection&Mitigation: Radware Solution
DDoS Detection&Mitigation: Radware Solution Igor Urosevic Head of Technical Department SEE CCIE #26391 Ingram Micro Inc. 1 Agenda DDoS attack overview Main point of failures Key challenges today DDoS protection
More informationRESELLER LOGO RADICALLY BETTER. DDoS PROTECTION. Radically more effective, radically more affordable solutions for small and medium enterprises
RESELLER LOGO RADICALLY BETTER DDoS PROTECTION Radically more effective, radically more affordable solutions for small and medium enterprises IT S TIME TO GET SERIOUS ABOUT CYBER CRIME Despite the headline
More informationExternal Supplier Control Obligations. Cyber Security
External Supplier Control Obligations Cyber Security Control Title Control Description Why this is important 1. Cyber Security Governance The Supplier must have cyber risk governance processes in place
More informationImperva Incapsula Product Overview
Product Overview DA T A SH E E T Application Delivery from the Cloud Whether you re running a small e-commerce business or in charge of IT operations for an enterprise, will improve your website security
More informationKeeping the Doors Open and the Lights On
ANALYST BRIEF Keeping the Doors Open and the Lights On PROTECTING AGAINST DISTRIBUTED DENIAL- OF- SERVICE ATTACKS Authors Rob Ayoub and David DeSanto Overview Over the past decade, the threat landscape
More informationDefending against increasingly sophisticated DDoS attacks
IBM Global Technology Services August 2013 Defending against increasingly sophisticated DDoS attacks Managed DDoS protection from IBM Contents 1 Executive summary 2 Industry trends and the current threat
More informationVulnerability Management & Vulnerability Assessment. Nessus Attack Scripting Language (NASL). CVE databases, NVD database
Case Study 2018 Solution/Service Title Vulnerability Management & Vulnerability Assessment Client Industry Cybersecurity, Vulnerability Assessment and Management, Network Security Client Overview Client
More informationState of the Internet Security Q Mihnea-Costin Grigore Security Technical Project Manager
State of the Internet Security Q2 2017 Mihnea-Costin Grigore Security Technical Project Manager Topics 1. Introduction 2. DDoS Attack Trends 3. Web Application Attack Trends 4. Spotlights 5. Resources
More informationRSA NetWitness Suite Respond in Minutes, Not Months
RSA NetWitness Suite Respond in Minutes, Not Months Overview One can hardly pick up a newspaper or turn on the news without hearing about the latest security breaches. The Verizon 2015 Data Breach Investigations
More information(DNS, and DNSSEC and DDOS) Geoff Huston APNIC
D* (DNS, and DNSSEC and DDOS) Geoff Huston APNIC How to be bad 2 How to be bad Host and application-based exploits abound And are not going away anytime soon! And there are attacks on the Internet infrastructure
More informationWHITE PAPER Hybrid Approach to DDoS Mitigation
WHITE PAPER Hybrid Approach to DDoS Mitigation FIRST LINE OF DEFENSE Executive Summary As organizations consider options for DDoS mitigation, it is important to realize that the optimal solution is a hybrid
More informationMemcached amplification: lessons learned. Artyom Gavrichenkov
Memcached amplification: lessons learned Artyom Gavrichenkov 1.7 Typical amplification attack Most servers on the Internet send more data to a client than they receive UDP-based servers
More informationSurprisingly Successful: What Really Works in Cyber Defense. John Pescatore, SANS
Surprisingly Successful: What Really Works in Cyber Defense John Pescatore, SANS 1 Largest Breach Ever 2 The Business Impact Equation All CEOs know stuff happens in business and in security The goal is
More informationCorero & GTT DDoS Trends Report Q2 Q3 2017
Corero & GTT DDoS Trends Report Q2 Q3 2017 Executive Summary KEY TRENDS KEY INSIGHTS RECOMMENDATIONS SUMMARY 3 6 7 9 Organizations around the globe have become increasingly dependent on the Internet as
More information(Distributed) Denial-of-Service. in theory and in practice
(Distributed) Denial-of-Service in theory and in practice About SURFnet National Research and Education Network (NREN) Founded in 1986, incorporated 1988 > 11000km dark-fibre network Shared ICT innovation
More informationNETWORK SECURITY. Ch. 3: Network Attacks
NETWORK SECURITY Ch. 3: Network Attacks Contents 3.1 Network Vulnerabilities 3.1.1 Media-Based 3.1.2 Network Device 3.2 Categories of Attacks 3.3 Methods of Network Attacks 03 NETWORK ATTACKS 2 3.1 Network
More informationCisco IOS Classic Firewall/IPS: Configuring Context Based Access Control (CBAC) for Denial of Service Protection
Cisco IOS Classic Firewall/IPS: Configuring Context Based Access Control (CBAC) for Denial of Service Protection Document ID: 98705 Contents Introduction Prerequisites Requirements Components Used Conventions
More informationProtect Against Evolving DDoS Threats: The Case for Hybrid
Protect Against Evolving DDoS Threats: The Case for Hybrid CIOs want harmony. Security directors loathe point products. Network operations won t buy into anything new. CIOs can get the harmony they need
More informationMemcached amplification: lessons learned. Artyom Gavrichenkov
Memcached amplification: lessons learned Artyom Gavrichenkov 1.7 Typical amplification attack Most servers on the Internet send more data to a client than they receive UDP-based servers
More informationTHE EFFECTIVE APPROACH TO CYBER SECURITY VALIDATION BREACH & ATTACK SIMULATION
BREACH & ATTACK SIMULATION THE EFFECTIVE APPROACH TO CYBER SECURITY VALIDATION Cymulate s cyber simulation platform allows you to test your security assumptions, identify possible security gaps and receive
More informationINCIDENTRESPONSE.COM. Automate Response. Did you know? Your playbook overview - Malware Outbreak
Automate Response Congratulations on selecting IncidentResponse.com to retrieve your custom incident response playbook guide. This guide has been created especially for you for use in within your security
More informationThink You re Safe from DDoS Attacks? As an AWS customer, you probably need more protection. Discover the vulnerabilities and how Neustar can help.
Think You re Safe from DDoS Attacks? As an AWS customer, you probably need more protection. Discover the vulnerabilities and how Neustar can help. www.home.neustar 02 Think You're Safe from DDos Attacks?
More informationWHITE PAPER. Distributed Denial of Service (DDoS) Attacks: Evolution, Impact, & Solutions
Distributed Denial of Service (DDoS) Attacks: Evolution, Impact, & Solutions CONTENTS + Executive Summary 3 + The Evolution of Distributed Denial of Service Attacks 4 Building a Botnet 4 Botnets and DDoS
More informationCisco Cyber Range. Paul Qiu Senior Solutions Architect
Cisco Cyber Range Paul Qiu Senior Solutions Architect Cyber Range Service A platform to experience the intelligent Cyber Security for the real world What I hear, I forget What I see, I remember What I
More informationCyber War Chronicles Stories from the Virtual Trenches
Cyber War Chronicles Stories from the Virtual Trenches Ron Winward Security Evangelist Radware, Inc. March 17, 2016 Background on the Radware Report Key Cyber Attack Trends for 2015-2016 Case Study: Look
More informationSOLUTION BRIEF esentire Risk Advisory and Managed Prevention (RAMP)
SOLUTION BRIEF esentire Risk Advisory and Managed Prevention (RAMP) Adaptive Cybersecurity at the Speed of Your Business Attackers Evolve. Risk is in Constant Fluctuation. Security is a Never-ending Cycle.
More informationTHE CLOUD SECURITY CHALLENGE:
THE CLOUD EMAIL SECURITY CHALLENGE: CLOSING THE CYBERSECURITY SKILLS GAP THROUGH AUTOMATION THE EMAIL SECURITY CHALLENGE Email remains at the heart of the business communications landscape. While nobody
More informationWhat can we lose not implementing proper security in our IT environment? Aleksandar Pavlovic Security Account Manager Cisco
What can we lose not implementing proper security in our IT environment? Aleksandar Pavlovic Security Account Manager Cisco Increasing Digital Traffic Creates a Greater Attack Surface Global IP Traffic
More informationDDoS attack patterns across the APJ cloud market. Samuel Chen CCIE#9607 Enterprise Security Architect, Manager - APJ
DDoS attack patterns across the APJ cloud market Samuel Chen CCIE#9607 Enterprise Security Architect, Manager - APJ www.cloudsec.com/tw DDoS attacks from Q1 2014 to Q1 2016 Each dot represents an individual
More informationSilverline DDoS Protection. Filip Verlaeckt
Silverline DDoS Protection Filip Verlaeckt f.verlaeckt@f5.com The evolution of attackers September 1996 First high profile DDoS attack. NY ISP Panix.com that was nearly put out of business. January 2008
More informationIntrusion Detection System For Denial Of Service Flooding Attacks In Sip Communication Networks
Intrusion Detection System For Denial Of Service Flooding Attacks In Sip Communication Networks So we are proposing a network intrusion detection system (IDS) which uses a Keywords: DDoS (Distributed Denial
More informationMastering The Endpoint
Organizations Find Value In Integrated Suites GET STARTED Overview In the face of constantly evolving threat vectors, IT security decision makers struggle to manage endpoint security effectively. More
More information2015 DDoS Attack Trends and 2016 Outlook
CDNetworks 2015 DDoS Attack Trends and 2016 Outlook 2016, January CDNetworks Security Service Team Table of Contents 1. Introduction... 3 2. Outline... 3 3. DDoS attack trends... 4 4. DDoS attack outlook
More informationDDoS Managed Security Services Playbook
FIRST LINE OF DEFENSE DDoS Managed Security Services Playbook INTRODUCTION Distributed Denial of Service (DDoS) attacks are major threats to your network, your customers and your reputation. They can also
More informationRadware Attack Mitigation Solution (AMS) Protect Online Businesses and Data Centers Against Emerging Application & Network Threats - Whitepaper
Radware Attack Mitigation Solution (AMS) Protect Online Businesses and Data Centers Against Emerging Application & Network Threats - Whitepaper Table of Contents Abstract...3 Understanding Online Business
More information