Introduction to DDoS Attacks

Size: px
Start display at page:

Download "Introduction to DDoS Attacks"

Transcription

1 Introduction to DDoS Attacks Chris Beal Chief Security Architect on Twitter 2015 MCNC General Use v1.0

2 DDoS in the News July MCNC General Use v1.0

3 DDoS Attack Trends Source: Arbor Networks Worldwide Infrastructure Security Report Volume X

4 DDoS Attack Trends Source: Arbor Networks Worldwide Infrastructure Security Report Volume X

5 DDoS Attack Trends The Rise of SSDP Source: Arbor Networks Worldwide Infrastructure Security Report Volume X

6 DDoS Attack Trends Source: Akamai State of the Internet / Security Report Q1 2015

7 DDoS Explained Make information resources unavailable to intended users Web sites systems VoIP (Phones) Network Infrastructure Why? Boredom Revenge General Malice Politics Hide Identity Distraction

8 DDoS Explained Source: Arbor Networks Worldwide Infrastructure Security Report Volume X

9 DDoS Explained Distributed Denial of Service

10 DDoS Explained Source: Andy Hull, Associated Bank, N.A.

11 DDoS Explained Types of DDoS A4acks Source: Arbor Networks Worldwide Infrastructure Security Report Volume X

12 DDoS Explained Types of DDoS A4acks Source: Arbor Networks Worldwide Infrastructure Security Report Volume X

13 Common A4ack Tools Source: Arbor Networks Worldwide Infrastructure Security Report Volume X

14 DDoS Tools

15 DDoS As A Service

16 Amplifica:on A4acks NetBIOS 3.8x SNMP 6.3x DNS QOTD 29x - 54x 140x Source: Amplification Hell: Revisiting Network Protocols for DDoS Abuse

17 Amplifica:on A4acks CHARGEN 359x NTP 557x Source: Amplification Hell: Revisiting Network Protocols for DDoS Abuse

18 NTP Amplification Attack Explained

19 Observations MCNC trends usually correlate with industry trends Most attacks target customers, not MCNC systems or infrastructure Web content security systems are the exception Mostly infrastructure layer attacks Fragmentation, CHARGEN, SSDP, DNS, NTP, TCP SYN Schools targeted most often Both K-12 and Higher-Ed Attack patterns follow school year Attacks + when school in, - when school out Targeted attacks shift vectors as mitigation applied 2015 MCNC General Use v1.0

20 Observations Motivations for Attacks Attacks on K-12 Many perpetrated by students Disrupting class Avoiding online testing Revenge Attacks on Higher-Ed Motivations are mixed Taking advantage of vulnerable systems Gaming related DDoS 2015 MCNC General Use v1.0

21 NCREN DDoS Attack Data

22 NCREN DDoS Attack Data

23 NCREN DDoS Attack Data

24 NCREN DDoS Attack Data

25 DDoS Attacks Seen on NCREN September 2014 July 2015 Volume of Attacks (Gbps) Number of Attacks

26 NCREN DDoS Attack Data

27 NCREN DDoS Attack Data

28 Current State of DDoS Protection Some tools in place to identify DDoS traffic Detection only Sometimes customers call us Communicate with constituents when issues arise Implement targeted filtering when issues identified ACLs, black hole routing Often a blunt instrument Work with upstream providers to address issues as required 2015 MCNC General Use v1.0

29 Desired State of DDoS Protection Proactively Detect and Defend Against DDoS Attacks - Rapid Detection - Automated Remediation - Proactive Communication Clean Pipe for our Customers 2015 MCNC General Use v1.0

30 MCNC s Approach Focus on Stopping Volumetric / Infrastructure Attacks Well positioned to detect and block these attacks Addressing other application-layer attacks may be difficult for us Provide this Capability as Part of Our Standard Network Service No separate charges for the DDoS protection service Addressing Non-Volumetric / Non-Infrastructure Attacks is a Secondary Consideration We may or may not add these capabilities in the future

31 Next Steps for MCNC August / September 2015 Finalize Architecture & Design Prepare for Proof-of-Concept Testing October / November 2015 Execute Proof-of-Concept Tests Review and Analyze Test Results Negotiate Terms with Technology Vendors November / December 2015 Procure Necessary Technology Solutions Prepare MCNC Infrastructure January / February 2016 Deploy Technology Solutions Launch MCNC DDoS Protection Service

32 What Can You Do? Ensure that BC / DR and Incident Response plans address responding to a DDoS attack Think about internal communications Make sure applications are patched and hardened Make sure network infrastructure is patched and hardened Least Privilege Filtering Inbound and Outbound Prevent spoofed traffic from leaving your network BCP 38 RFC 2827 urpf Rate Limiting Monitor web logs for outbound traffic to interesting sites DDoS attack services What is my IP? services Educate students, parents, etc. Engage MCNC Plan for how to address Application DDoS Anti-DDoS Solutions Load Balancers Firewalls IPS

33 Ques:ons?

An Introduction to DDoS attacks trends and protection Alessandro Bulletti Consulting Engineer, Arbor Networks

An Introduction to DDoS attacks trends and protection Alessandro Bulletti Consulting Engineer, Arbor Networks An Introduction to DDoS attacks trends and protection Alessandro Bulletti Consulting Engineer, Arbor Networks abulletti@arbor.net Topics Covered The DDOS cyber threat and impacts Cyprus attacks trend in

More information

INTRODUCTION: DDOS ATTACKS GLOBAL THREAT INTELLIGENCE REPORT 2015 :: COPYRIGHT 2015 NTT INNOVATION INSTITUTE 1 LLC

INTRODUCTION: DDOS ATTACKS GLOBAL THREAT INTELLIGENCE REPORT 2015 :: COPYRIGHT 2015 NTT INNOVATION INSTITUTE 1 LLC INTRODUCTION: DDOS ATTACKS 1 DDOS ATTACKS Though Denial of Service (DoS) and Distributed Denial of Service (DDoS) have been common attack techniques used by malicious actors for some time now, organizations

More information

Imma Chargin Mah Lazer

Imma Chargin Mah Lazer Imma Chargin Mah Lazer How to protect against (D)DoS attacks Oliver Matula omatula@ernw.de #2 Denial of Service (DoS) Outline Why is (D)DoS protection important? Infamous attacks of the past What types

More information

VERISIGN DISTRIBUTED DENIAL OF SERVICE TRENDS REPORT

VERISIGN DISTRIBUTED DENIAL OF SERVICE TRENDS REPORT VERISIGN DISTRIBUTED DENIAL OF SERVICE TRENDS REPORT VOLUME 4, ISSUE 3 3RD QUARTER 2017 Complimentary report supplied by CONTENTS EXECUTIVE SUMMARY 3 VERISIGN-OBSERVED DDoS ATTACK TRENDS: Q3 2017 4 DDoS

More information

Multi-vector DDOS Attacks

Multi-vector DDOS Attacks Multi-vector DDOS Attacks Detection and Mitigation Paul Mazzucco Chief Security Officer August 2015 Key Reasons for Cyber Attacks Money and more money Large number of groups From unskilled to advanced

More information

VERISIGN DISTRIBUTED DENIAL OF SERVICE TRENDS REPORT

VERISIGN DISTRIBUTED DENIAL OF SERVICE TRENDS REPORT VERISIGN DISTRIBUTED DENIAL OF SERVICE TRENDS REPORT VOLUME 5, ISSUE 1 1ST QUARTER 2018 Complimentary report supplied by CONTENTS EXECUTIVE SUMMARY 3 VERISIGN-OBSERVED DDoS ATTACK TRENDS: Q1 2018 4 DDoS

More information

Internet2 DDoS Mitigation Update

Internet2 DDoS Mitigation Update Internet2 DDoS Mitigation Update Nick Lewis, Program Manager - Security and Identity, Internet2 Karl Newell, Cyberinfrastructure Security Engineer, Internet2 2016 Internet2 Let s start with questions!

More information

Exit from Hell? Reducing the Impact of Amplification DDoS Attacks Marc Kührer, Thomas Hupperich, Christian Rossow, and Thorsten Holz

Exit from Hell? Reducing the Impact of Amplification DDoS Attacks Marc Kührer, Thomas Hupperich, Christian Rossow, and Thorsten Holz Exit from Hell? Reducing the Impact of Amplification DDoS Attacks Marc Kührer, Thomas Hupperich, Christian Rossow, and Thorsten Holz Presented By : Richie Noble Distributed Denial-of-Service (DDoS) Attacks

More information

Memcached amplification: lessons learned. Artyom Gavrichenkov

Memcached amplification: lessons learned. Artyom Gavrichenkov Memcached amplification: lessons learned Artyom Gavrichenkov 1.7 Typical amplification attack Most servers on the Internet send more data to a client than they receive UDP-based servers

More information

VERISIGN DISTRIBUTED DENIAL OF SERVICE TRENDS REPORT

VERISIGN DISTRIBUTED DENIAL OF SERVICE TRENDS REPORT VERISIGN DISTRIBUTED DENIAL OF SERVICE TRENDS REPORT VOLUME 5, ISSUE 2 2ND QUARTER 2018 Complimentary report supplied by CONTENTS EXECUTIVE SUMMARY 3 VERISIGN-OBSERVED DDoS ATTACK TRENDS: Q2 2018 4 DDoS

More information

VERISIGN DISTRIBUTED DENIAL OF SERVICE TRENDS REPORT

VERISIGN DISTRIBUTED DENIAL OF SERVICE TRENDS REPORT VERISIGN DISTRIBUTED DENIAL OF SERVICE TRENDS REPORT VOLUME 4, ISSUE 4 4TH QUARTER 2017 Complimentary report supplied by CONTENTS EXECUTIVE SUMMARY 3 VERISIGN-OBSERVED DDoS ATTACK TRENDS: Q4 2017 4 DDoS

More information

Memcached amplification: lessons learned. Artyom Gavrichenkov

Memcached amplification: lessons learned. Artyom Gavrichenkov Memcached amplification: lessons learned Artyom Gavrichenkov 1.7 Typical amplification attack Most servers on the Internet send more data to a client than they receive UDP-based servers

More information

Enhancing DDoS protection TAYLOR HARRIS SECURITY ENGINEER

Enhancing DDoS protection TAYLOR HARRIS SECURITY ENGINEER Enhancing DDoS protection TAYLOR HARRIS SECURITY ENGINEER Overview DDoS Evolution Typical Reactive/Proactive Mitigation Challenges and Obstacles BGP Flowspec Automated Flowspec Mitigation 2 DDoS Evolution

More information

Routing Security DDoS and Route Hijacks. Merike Kaeo CEO, Double Shot Security

Routing Security DDoS and Route Hijacks. Merike Kaeo CEO, Double Shot Security Routing Security DDoS and Route Hijacks Merike Kaeo CEO, Double Shot Security merike@doubleshotsecurity.com DISCUSSION POINTS Understanding The Growing Complexity DDoS Attack Trends Packet Filters and

More information

DDOS DETECTION AND RESPONSE TRENDS IN THE ENTERPRISE: AN IANS CUSTOM REPORT

DDOS DETECTION AND RESPONSE TRENDS IN THE ENTERPRISE: AN IANS CUSTOM REPORT DDOS DETECTION AND RESPONSE TRENDS IN THE ENTERPRISE: AN IANS CUSTOM REPORT SEPTEMBER 2014 COMMISSIONED BY: Contents Contents... 2 Introduction... 3 About the Survey and Respondents... 3 The Current State

More information

Arbor WISR XII The Stakes Have Changed. Julio Arruda V1.0

Arbor WISR XII The Stakes Have Changed. Julio Arruda V1.0 Arbor WISR XII The Stakes Have Changed Julio Arruda V1.0 Overview This presentation provides a quick view of the ATLAS collected information for the year of 2016, then focus in Latin America targeted DDoS,

More information

Analisi degli attacchi DDOS e delle contromisure

Analisi degli attacchi DDOS e delle contromisure Attacchi informatici: Strategie e tecniche per capire, prevenire e proteggersi dagli attacchi della rete Analisi degli attacchi DDOS e delle contromisure Alessandro Tagliarino 0 WHO IS ARBOR NETWORKS?

More information

2015 DDoS Attack Trends and 2016 Outlook

2015 DDoS Attack Trends and 2016 Outlook CDNetworks 2015 DDoS Attack Trends and 2016 Outlook 2016, January CDNetworks Security Service Team Table of Contents 1. Introduction... 3 2. Outline... 3 3. DDoS attack trends... 4 4. DDoS attack outlook

More information

DDoS Mitigation & Case Study Ministry of Finance

DDoS Mitigation & Case Study Ministry of Finance DDoS Mitigation Service @Belnet & Case Study Ministry of Finance Julien Dandoy, FODFin Technical Architect Grégory Degueldre, Belnet Network Architect Agenda DDoS : Definition and types DDoS Mitigation

More information

IoT - Next Wave of DDoS? IoT Sourced DDoS Attacks A Focus on Mirai Botnet and Best Practices in DDoS Defense

IoT - Next Wave of DDoS? IoT Sourced DDoS Attacks A Focus on Mirai Botnet and Best Practices in DDoS Defense IoT - Next Wave of DDoS? IoT Sourced DDoS Attacks A Focus on Mirai Botnet and Best Practices in DDoS Defense DDoS Attacks Increasing in Size, Frequency & Complexity Arbor Networks WISR XII Largest attack

More information

Denial of Service Protection Standardize Defense or Loose the War

Denial of Service Protection Standardize Defense or Loose the War Denial of Service Protection Standardize Defense or Loose the War ETSI : the threats, risk and opportunities 16th and 17th - Sophia-Antipolis, France By: Emir@cw.net Arslanagic Head of Security Engineering

More information

VERISIGN DISTRIBUTED DENIAL OF SERVICE TRENDS REPORT

VERISIGN DISTRIBUTED DENIAL OF SERVICE TRENDS REPORT VERISIGN DISTRIBUTED DENIAL OF SERVICE TRENDS REPORT VOLUME 4, ISSUE 1 1ST QUARTER 2017 Complimentary report supplied by CONTENTS EXECUTIVE SUMMARY 3 VERISIGN-OBSERVED DDoS ATTACK TRENDS: Q1 2017 4 DDoS

More information

A custom excerpt from Frost & Sullivan s Global DDoS Mitigation Market Research Report (NDD2-72) July, 2014 NDD2-74

A custom excerpt from Frost & Sullivan s Global DDoS Mitigation Market Research Report (NDD2-72) July, 2014 NDD2-74 Analysis of the Global Distributed Denial of Service (DDoS) Mitigation Market Abridged Version Rise of the DDoS Attack Spurs Demand for Comprehensive Solutions A custom excerpt from Frost & Sullivan s

More information

Cybersecurity. Anna Chan, Marketing Director, Akamai Technologies

Cybersecurity. Anna Chan, Marketing Director, Akamai Technologies Grow revenue opportunities with fast, personalized web experiences and manage complexity from peak demand, mobile Business devices and Continuity data collection. & Cybersecurity Anna Chan, Marketing Director,

More information

DDoS: STRATEGIES FOR DEALING WITH A GROWING THREAT

DDoS: STRATEGIES FOR DEALING WITH A GROWING THREAT DDoS: STRATEGIES FOR DEALING WITH A GROWING THREAT 01. EXECUTIVE SUMMARY This report summarizes recent research on distributed denial of service (DDoS) attacks, which looks at data collated recently and

More information

2nd SIG-NOC meeting and DDoS Mitigation Workshop Scrubbing Away DDOS Attacks. 9 th November 2015

2nd SIG-NOC meeting and DDoS Mitigation Workshop Scrubbing Away DDOS Attacks. 9 th November 2015 2nd SIG-NOC meeting and DDoS Mitigation Workshop Scrubbing Away DDOS Attacks 9 th November 2015 AKAMAI SOLUTIONS WEB PERFORMANCE SOLUTIONS MEDIA DELIVERY SOLUTIONS CLOUD SECURITY SOLUTIONS CLOUD NETWORKING

More information

Why IPS Devices and Firewalls Fail to Stop DDoS Threats

Why IPS Devices and Firewalls Fail to Stop DDoS Threats Arbor White Paper Why IPS Devices and Firewalls Fail to Stop DDoS Threats How to Protect Your Data Center s Availability About Arbor Networks Arbor Networks, Inc. is a leading provider of network security

More information

Cyber Security Guidelines Distributed Denial of Service (DDoS) Attacks

Cyber Security Guidelines Distributed Denial of Service (DDoS) Attacks Cyber Security Guidelines Distributed Denial of Service (DDoS) Attacks Version: 1.0 Author: Cyber Security Policy and Standards Document Published Date: March 2018 Table of Contents Version: 1.0 Page 1

More information

A Survey of Defense Mechanisms Against DDoS Flooding A

A Survey of Defense Mechanisms Against DDoS Flooding A DDoS Defense: Scope And A Survey of Defense Mechanisms Against DDoS Flooding Attacks IIT Kanpur IEEE COMMUNICATIONS SURVEYS & TUTORIALS, VOL. 15, NO. 4, FOURTH QUARTER 2013 DDoS Defense: Scope And Outline

More information

DDoS attack patterns across the APJ cloud market. Samuel Chen CCIE#9607 Enterprise Security Architect, Manager - APJ

DDoS attack patterns across the APJ cloud market. Samuel Chen CCIE#9607 Enterprise Security Architect, Manager - APJ DDoS attack patterns across the APJ cloud market Samuel Chen CCIE#9607 Enterprise Security Architect, Manager - APJ www.cloudsec.com/tw DDoS attacks from Q1 2014 to Q1 2016 Each dot represents an individual

More information

WEB DDOS PROTECTION APPLICATION PROTECTION VIA DNS FORWARDING

WEB DDOS PROTECTION APPLICATION PROTECTION VIA DNS FORWARDING WEB DDOS PROTECTION APPLICATION PROTECTION VIA DNS FORWARDING A STRONG PARTNER COMPANY Link11 - longstanding security experience Link11 is a European IT security provider, headquartered in Frankfurt, Germany

More information

August 14th, 2018 PRESENTED BY:

August 14th, 2018 PRESENTED BY: August 14th, 2018 PRESENTED BY: APPLICATION LAYER ATTACKS 100% 80% 60% 40% 20% 0% DNS is the second most targeted protocol after HTTP. DNS DoS techniques range from: Flooding requests to a given host.

More information

DDoS Beasts and How to Fight Them. Artyom Gavrichenkov

DDoS Beasts and How to Fight Them. Artyom Gavrichenkov DDoS Beasts and How to Fight Them Artyom Gavrichenkov Timeline of ancient history First attacks: 1999-2000 2005: STRIDE model by Microsoft Spoofing Identity Tampering with Data Repudiation

More information

VERISIGN DISTRIBUTED DENIAL OF SERVICE TRENDS REPORT

VERISIGN DISTRIBUTED DENIAL OF SERVICE TRENDS REPORT VERISIGN DISTRIBUTED DENIAL OF SERVICE TRENDS REPORT VOLUME 3, ISSUE 3 3RD QUARTER 2016 Complimentary report supplied by CONTENTS EXECUTIVE SUMMARY 3 VERISIGN-OBSERVED DDoS ATTACK TRENDS: Q3 2016 4 DDoS

More information

Technical White Paper June 2016

Technical White Paper June 2016 TLP:WHITE! Technical White Paper June 2016 GuidetoDDoSAttacks! Authored)by:) Lee)Myers,)Senior)Manager)of)Security)Operations) Christopher)Cooley,)Cyber)Intelligence)Analyst) This MultiCState Information

More information

WHITE PAPER Hybrid Approach to DDoS Mitigation

WHITE PAPER Hybrid Approach to DDoS Mitigation WHITE PAPER Hybrid Approach to DDoS Mitigation FIRST LINE OF DEFENSE Executive Summary As organizations consider options for DDoS mitigation, it is important to realize that the optimal solution is a hybrid

More information

Trends in IoT DDoSbotnets

Trends in IoT DDoSbotnets Trends in IoT DDoSbotnets Netnod Meeting, 14-15 March2018 Steinthor Bjarnason ASERT Network Security Research Engineer sbjarnason@arbor.net 2018 ARBOR PUBLIC 7,7 MillionDuring this presentation, approx.

More information

State of the Internet Security Q Mihnea-Costin Grigore Security Technical Project Manager

State of the Internet Security Q Mihnea-Costin Grigore Security Technical Project Manager State of the Internet Security Q2 2017 Mihnea-Costin Grigore Security Technical Project Manager Topics 1. Introduction 2. DDoS Attack Trends 3. Web Application Attack Trends 4. Spotlights 5. Resources

More information

(Distributed) Denial-of-Service. in theory and in practice

(Distributed) Denial-of-Service. in theory and in practice (Distributed) Denial-of-Service in theory and in practice About SURFnet National Research and Education Network (NREN) Founded in 1986, incorporated 1988 > 11000km dark-fibre network Shared ICT innovation

More information

Neustar forms partnership with Limelight for turbocharged DDoS mitigation

Neustar forms partnership with Limelight for turbocharged DDoS mitigation Neustar forms partnership with Limelight for turbocharged DDoS mitigation Publication Date: 28 Jun 2016 Product code: IT0022-000723 Rik Turner Ovum view Summary Neustar, a provider of real-time cloud-based

More information

Cyber War Chronicles Stories from the Virtual Trenches

Cyber War Chronicles Stories from the Virtual Trenches Cyber War Chronicles Stories from the Virtual Trenches Ron Winward Security Evangelist Radware, Inc. March 17, 2016 Background on the Radware Report Key Cyber Attack Trends for 2015-2016 Case Study: Look

More information

Data Plane Protection. The googles they do nothing.

Data Plane Protection. The googles they do nothing. Data Plane Protection The googles they do nothing. Types of DoS Single Source. Multiple Sources. Reflection attacks, DoS and DDoS. Spoofed addressing. Can be, ICMP (smurf, POD), SYN, Application attacks.

More information

Internetwork Expert s CCNA Security Bootcamp. Common Security Threats

Internetwork Expert s CCNA Security Bootcamp. Common Security Threats Internetwork Expert s CCNA Security Bootcamp Common Security Threats http:// Today s s Network Security Challenge The goal of the network is to provide high availability and easy access to data to meet

More information

Mitigating DDoS Attacks in Zero Seconds with Proactive Mitigation Controls

Mitigating DDoS Attacks in Zero Seconds with Proactive Mitigation Controls Mitigating DDoS Attacks in Zero Seconds with Proactive Mitigation Controls 1 Executive Summary Akamai now mitigates the more than 65% of the 10,000-plus yearly DDoS attacks against its Prolexic platform

More information

( ) 2016 NSFOCUS

( ) 2016 NSFOCUS NSFOCUS 2016 Q3 Report on DDoS Situation and Trends (2016-10-20) 2016 NSFOCUS Copyright 2016 NSFOCUS Technologies, Inc. All rights reserved. Unless otherwise stated, NSFOCUS Technologies, Inc. holds the

More information

DNS SECURITY BENEFITS OF OUTSOURCING YOUR DNS TO AN IP ANYCAST+ PROVIDER

DNS SECURITY BENEFITS OF OUTSOURCING YOUR DNS TO AN IP ANYCAST+ PROVIDER BENEFITS OF OUTSOURCING YOUR DNS TO AN IP ANYCAST+ PROVIDER Introduction DDoS attacks are rapidly growing in magnitude and frequency every year. Just in the last year, attack rates have risen 132% (Q2

More information

Cloud Security Strategy - Adapt to Changes with Security Automation -

Cloud Security Strategy - Adapt to Changes with Security Automation - SESSION ID: CMI-F03 Cloud Security Strategy - Adapt to Changes with Security Automation - Hayato Kiriyama Security Solutions Architect Amazon Web Services Japan K.K. @hkiriyam1 Agenda New Normal of Security

More information

Check Point DDoS Protector Simple and Easy Mitigation

Check Point DDoS Protector Simple and Easy Mitigation Check Point DDoS Protector Simple and Easy Mitigation Jani Ekman janie@checkpoint.com Sales Engineer DDoS Protector 1 (D)DoS Attacks 2 3 4 DDoS Protector Behavioral DoS Protection Summary 2 What is an

More information

Anti-DDoS. FAQs. Issue 11 Date HUAWEI TECHNOLOGIES CO., LTD.

Anti-DDoS. FAQs. Issue 11 Date HUAWEI TECHNOLOGIES CO., LTD. Issue 11 Date 2018-05-28 HUAWEI TECHNOLOGIES CO., LTD. Copyright Huawei Technologies Co., Ltd. 2019. All rights reserved. No part of this document may be reproduced or transmitted in any form or by any

More information

War Stories from the Cloud: Rise of the Machines. Matt Mosher Director Security Sales Strategy

War Stories from the Cloud: Rise of the Machines. Matt Mosher Director Security Sales Strategy War Stories from the Cloud: Rise of the Machines Matt Mosher Director Security Sales Strategy The Akamai Intelligent Platform The Platform 175,000+ Servers 2,300+ Locations 750+ Cities 92 Countries 1,227+

More information

F5 Warsaw SOC. Kamil Woniak. Security Operations Manager, F5 Networks

F5 Warsaw SOC. Kamil Woniak. Security Operations Manager, F5 Networks F5 Warsaw SOC Kamil Woniak Security Operations Manager, F5 Networks k.wozniak@f5.com Agenda The Story of the SOC Threat intelligence & Research F5 Anti-Fraud, DDOS and WAF protection services Highlights

More information

DDoS Protection in Backbone Networks

DDoS Protection in Backbone Networks DDoS Protection in Backbone Networks The Czech Way Pavel Minarik, Chief Technology Officer Holland Strikes Back, 3 rd Oct 2017 Backbone DDoS protection Backbone protection is specific High number of up-links,

More information

NISCC Technical Note 06/02: Response to Distributed Denial of Service (DDoS) Attacks

NISCC Technical Note 06/02: Response to Distributed Denial of Service (DDoS) Attacks NISCC Technical Note 06/02: Response to Distributed Denial of Service (DDoS) Attacks Background This NISCC technical note is intended to provide information to enable organisations in the UK s Critical

More information

TOP TEN DNS ATTACKS PROTECTING YOUR ORGANIZATION AGAINST TODAY S FAST-GROWING THREATS

TOP TEN DNS ATTACKS PROTECTING YOUR ORGANIZATION AGAINST TODAY S FAST-GROWING THREATS TOP TEN DNS ATTACKS PROTECTING YOUR ORGANIZATION AGAINST TODAY S FAST-GROWING THREATS 1 Introduction Your data and infrastructure are at the heart of your business. Your employees, business partners, and

More information

SYMANTEC ENTERPRISE SECURITY. Symantec Internet Security Threat Report September 2005 Power and Energy Industry Data Sheet

SYMANTEC ENTERPRISE SECURITY. Symantec Internet Security Threat Report September 2005 Power and Energy Industry Data Sheet SYMANTEC ENTERPRISE SECURITY Symantec Internet Security Threat Report September 00 Power and Energy Industry Data Sheet An important note about these statistics The statistics discussed in this document

More information

EMERGING THREATS & STRATEGIES FOR DEFENSE. Paul Fletcher Cyber Security

EMERGING THREATS & STRATEGIES FOR DEFENSE. Paul Fletcher Cyber Security EMERGING THREATS & STRATEGIES FOR DEFENSE Paul Fletcher Cyber Security Evangelist @_PaulFletcher Threats by Customer Environment Cloud Environment On Premise Environment 1.96% 0.13% 0.02% application-attack

More information

DDoS: Evolving Threats, Solutions FEATURING: Carlos Morales of Arbor Networks Offers New Strategies INTERVIEW TRANSCRIPT

DDoS: Evolving Threats, Solutions FEATURING: Carlos Morales of Arbor Networks Offers New Strategies INTERVIEW TRANSCRIPT INTERVIEW TRANSCRIPT DDoS: Evolving Threats, Solutions Carlos Morales of Arbor Networks Offers New Strategies FEATURING: Characteristics of recent attacks; Gaps in organizations defenses; How to best prepare

More information

HOW TO HANDLE A RANSOM- DRIVEN DDOS ATTACK

HOW TO HANDLE A RANSOM- DRIVEN DDOS ATTACK From the Security Experts at Corero Network Security HOW TO HANDLE A RANSOM- DRIVEN DDOS ATTACK Be Proactive, Not Reactive STEP-BY-STEP GUIDE The Rise of Ransom-Driven DDoS Attacks Ransom-related Denial

More information

1000 days of UDP amplification DDoS attacks

1000 days of UDP amplification DDoS attacks 1 days of UDP amplification DDoS attacks Daniel R. Thomas, Richard Clayton, Alastair R. Beresford Firstname.Lastname@cl.cam.ac.uk Daniel: 517 A1EC B29 8E3 CF64 7CCD 5514 35D5 D749 33D9 Richard: 899A 94CE

More information

Guide to DDoS Attacks November 2017

Guide to DDoS Attacks November 2017 This Multi-State Information Sharing and Analysis Center (MS-ISAC) document is a guide to aid partners in their remediation efforts of Distributed Denial of Service (DDoS) attacks. This guide is not inclusive

More information

Intrusion prevention systems are an important part of protecting any organisation from constantly developing threats.

Intrusion prevention systems are an important part of protecting any organisation from constantly developing threats. Network IPS Overview Intrusion prevention systems are an important part of protecting any organisation from constantly developing threats. By using protocol recognition, identification, and traffic analysis

More information

Defense-in-Depth Against Malicious Software. Speaker name Title Group Microsoft Corporation

Defense-in-Depth Against Malicious Software. Speaker name Title Group Microsoft Corporation Defense-in-Depth Against Malicious Software Speaker name Title Group Microsoft Corporation Agenda Understanding the Characteristics of Malicious Software Malware Defense-in-Depth Malware Defense for Client

More information

The UCSD Network Telescope

The UCSD Network Telescope The UCSD Network Telescope Colleen Shannon cshannon @ caida.org NSF CIED Site Visit November 22, 2004 UCSD CSE Motivation Blocking technologies for automated exploits is nascent and not widely deployed

More information

ASA/PIX Security Appliance

ASA/PIX Security Appliance I N D E X A AAA, implementing, 27 28 access to ASA/PIX Security Appliance monitoring, 150 151 securing, 147 150 to websites, blocking, 153 155 access control, 30 access policies, creating for web and mail

More information

The accidental hacker DNS Amplifica7on Norid registrar seminar Registrarseminar 2013 Oslo, NO wed, december 4th, 2013 Marco Davids

The accidental hacker DNS Amplifica7on Norid registrar seminar Registrarseminar 2013 Oslo, NO wed, december 4th, 2013 Marco Davids The accidental hacker DNS Amplifica7on Norid registrar seminar 2013 Registrarseminar 2013 Oslo, NO wed, december 4th, 2013 Marco Davids 1 Pleased to meet you! Personalia: Marco Davids Technical Advisor

More information

Combating Cyberattacks Through Network Agility and Automation Sagi Chief Technology Officer

Combating Cyberattacks Through Network Agility and Automation Sagi Chief Technology Officer Combating Cyberattacks Through Network Agility and Automation Sagi Brody @webairsagi Chief Technology Officer Leverage new technologies to: 1) Improve traditional DDoS monitoring & mitigation 2) Enhance

More information

CDNetworks DDoS Attack Trends and Outlook for February 2015 CDNetworks Security Service Team. Copyright 2015 CDNetworks

CDNetworks DDoS Attack Trends and Outlook for February 2015 CDNetworks Security Service Team. Copyright 2015 CDNetworks CDNetworks 2014 DDoS Attack Trends and Outlook for 2015 February 2015 CDNetworks Security Service Team Copyright 2015 CDNetworks 1. Introduction CDNetworks, a global CDN service provider, provides content

More information

Protect Against Evolving DDoS Threats: The Case for Hybrid

Protect Against Evolving DDoS Threats: The Case for Hybrid Protect Against Evolving DDoS Threats: The Case for Hybrid CIOs want harmony. Security directors loathe point products. Network operations won t buy into anything new. CIOs can get the harmony they need

More information

DDoS Protector. Simon Yu Senior Security Consultant. Block Denial of Service attacks within seconds CISSP-ISSAP, MBCS, CEH

DDoS Protector. Simon Yu Senior Security Consultant. Block Denial of Service attacks within seconds CISSP-ISSAP, MBCS, CEH DDoS Protector Block Denial of Service attacks within seconds Simon Yu Senior Security Consultant CISSP-ISSAP, MBCS, CEH 2012 Check Point Software Technologies Ltd. [PROTECTED] All rights reserved. 2012

More information

COPYRIGHT 2018 NETSCOUT SYSTEMS, INC. 1

COPYRIGHT 2018 NETSCOUT SYSTEMS, INC. 1 COPYRIGHT 2018 NETSCOUT SYSTEMS, INC. 1 Worldwide Infrastructure Security Report Highlights Volume XIII C F Chui, Principal Security Technologist COPYRIGHT 2018 NETSCOUT SYSTEMS, INC. 2 Overview This presentation

More information

Security Challenges & Remedies for the Telecoms Operator and its Customers

Security Challenges & Remedies for the Telecoms Operator and its Customers Security Challenges & Remedies for the Telecoms Operator and its Customers Nikos Xanthopoulos Senior Product Manager, Voice & Data Services Tassos Chatzithomaoglou IP Engineering Manager March 2015 1 st

More information

Securing Online Businesses Against SSL-based DDoS Attacks. Whitepaper

Securing Online Businesses Against SSL-based DDoS Attacks. Whitepaper Securing Online Businesses Against SSL-based DDoS Attacks Whitepaper Table of Contents Introduction......3 Encrypted DoS Attacks...3 Out-of-path Deployment ( Private Scrubbing Centers)...4 In-line Deployment...6

More information

(DNS, and DNSSEC and DDOS) Geoff Huston APNIC

(DNS, and DNSSEC and DDOS) Geoff Huston APNIC D* (DNS, and DNSSEC and DDOS) Geoff Huston APNIC How to be bad 2 How to be bad Host and application-based exploits abound And are not going away anytime soon! And there are attacks on the Internet infrastructure

More information

A10 DDOS PROTECTION CLOUD

A10 DDOS PROTECTION CLOUD DATA SHEET A10 DDOS PROTECTION CLOUD A10 Networks provides full spectrum DDoS defenses. This includes multi-vector protection from attacks of any type to ensure the availability of enterprise business

More information

Intelligent and Secure Network

Intelligent and Secure Network Intelligent and Secure Network BIG-IP IP Global Delivery Intelligence v11.2 IP Intelligence Service Brian Boyan - b.boyan@f5.com Tony Ganzer t.ganzer@f5.com 2 Agenda Welcome & Intro Introduce F5 IP Intelligence

More information

Prolexic Attack Report Q4 2011

Prolexic Attack Report Q4 2011 Prolexic Attack Report Q4 2011 Prolexic believes the nature of DDoS attacks are changing: they are becoming more concentrated and damaging. Packet-per-second volume is increasing dramatically, while attack

More information

RESELLER LOGO RADICALLY BETTER. DDoS PROTECTION. Radically more effective, radically more affordable solutions for small and medium enterprises

RESELLER LOGO RADICALLY BETTER. DDoS PROTECTION. Radically more effective, radically more affordable solutions for small and medium enterprises RESELLER LOGO RADICALLY BETTER DDoS PROTECTION Radically more effective, radically more affordable solutions for small and medium enterprises IT S TIME TO GET SERIOUS ABOUT CYBER CRIME Despite the headline

More information

UDP-based Amplification Attacks and its Mitigations

UDP-based Amplification Attacks and its Mitigations UDP-based Amplification Attacks and its Mitigations Yoshiaki Kasahara kasahara@nc.kyushu-u.ac.jp 1/21/2014 APAN 37th in Bandung, Indonesia 1 Summary If you have servers with global IP addresses 1. Make

More information

Growing DDoS attacks what have we learned (29. June 2015)

Growing DDoS attacks what have we learned (29. June 2015) Growing DDoS attacks what have we learned (29. June 2015) Miloš Kukoleča AMRES milos.kukoleca@amres.ac.rs financed by the European Union from the START Danube Region Network protection Strict network policy

More information

SOTI SUMMER [state of the internet] / security ATTACK SPOTLIGHT

SOTI SUMMER [state of the internet] / security ATTACK SPOTLIGHT SOTI SUMMER 2018 [state of the internet] / security ATTACK SPOTLIGHT State of the Internet / Attack Spotlight ATTACK SPOTLIGHT Memcached 1.0 OVERVIEW Earlier this year, Akamai mitigated the largest DDoS

More information

Distributed Denial of Service (DDoS)

Distributed Denial of Service (DDoS) Global Leader in DDoS Mitigation Threat Report Distributed Denial of Service (DDoS) Threat Report Q1 2017 456 Montgomery Street, Suite 800 San Francisco, CA 94104 USA +1 415 299 8550 Contents 1. Methodology...................

More information

Distributed Denial of Service (DDoS)

Distributed Denial of Service (DDoS) Global Leader in DDoS Mitigation Threat Report Distributed Denial of Service (DDoS) Threat Report Q2 2017 456 Montgomery Street, Suite 800 San Francisco, CA 94104 USA +1 415 299 8550 Contents 1. Methodology...................

More information

Anti-DDoS. User Guide (Paris) Issue 01 Date HUAWEI TECHNOLOGIES CO., LTD.

Anti-DDoS. User Guide (Paris) Issue 01 Date HUAWEI TECHNOLOGIES CO., LTD. Issue 01 Date 2018-08-15 HUAWEI TECHNOLOGIES CO., LTD. Copyright Huawei Technologies Co., Ltd. 2018. All rights reserved. No part of this document may be reproduced or transmitted in any form or by any

More information

Chapter 10: Denial-of-Services

Chapter 10: Denial-of-Services Chapter 10: Denial-of-Services Technology Brief This chapter, "Denial-of-Service" is focused on DoS and Distributed Denial-of-Service (DDOS) attacks. This chapter will cover understanding of different

More information

Secure your Web Applications with AWS WAF & AWS Shield. James Chiang ( 蔣宗恩 ) AWS Solution Architect

Secure your Web Applications with AWS WAF & AWS Shield. James Chiang ( 蔣宗恩 ) AWS Solution Architect Secure your Web Applications with AWS WAF & AWS Shield James Chiang ( 蔣宗恩 ) AWS Solution Architect www.cloudsec.com What to expect from this session Types of Threats AWS Shield AWS WAF DEMO Real World

More information

Enterprise D/DoS Mitigation Solution offering

Enterprise D/DoS Mitigation Solution offering Enterprise D/DoS Mitigation Solution offering About the Domain TCS Enterprise Security and Risk Management (ESRM) offers full services play in security with integrated security solutions. ESRM s solution

More information

WHITE PAPER. DDoS of Things SURVIVAL GUIDE. Proven DDoS Defense in the New Era of 1 Tbps Attacks

WHITE PAPER. DDoS of Things SURVIVAL GUIDE. Proven DDoS Defense in the New Era of 1 Tbps Attacks WHITE PAPER 2017 DDoS of Things SURVIVAL GUIDE Proven DDoS Defense in the New Era of 1 Tbps Attacks Table of Contents Cyclical Threat Trends...3 Where Threat Actors Target Your Business...4 Network Layer

More information

A GUIDE TO DDoS PROTECTION

A GUIDE TO DDoS PROTECTION HTTP CACHE BYPASS FLOOD THINK APP SECURITY FIRST CHOOSING THE RIGHT MODEL A GUIDE TO DDoS PROTECTION DNS AMPLIFICATION INTRODUCTION By thinking proactively about DDoS defense, organizations can build a

More information

DDoS Defense Mechanisms for IXP Infrastructures

DDoS Defense Mechanisms for IXP Infrastructures DDoS Defense Mechanisms for IXP Infrastructures Tim Dijkhuizen Lennart van Gijtenbeek Supervisor: Stavros Konstantaras (AMS-IX) SNE: Research Project II 03-07-2018 Introduction Distributed Denial of Service

More information

External Supplier Control Obligations. Cyber Security

External Supplier Control Obligations. Cyber Security External Supplier Control Obligations Cyber Security Control Title Control Description Why this is important 1. Cyber Security Governance The Supplier must have cyber risk governance processes in place

More information

Practical Approaches to the DRDoS Attack Detection based on Netflow Analysis

Practical Approaches to the DRDoS Attack Detection based on Netflow Analysis Practical Approaches to the DRDoS Attack Detection based on Netflow Analysis Jungtae Kim/Ik-Kyun Kim Information Security Research Department Electronics and Telecommunications Research Institute Daejeon,

More information

SmartWall Threat Defense System - NTD1100

SmartWall Threat Defense System - NTD1100 SmartWall Threat Defense System - NTD1100 Key Benefits Robust, real-time security coverage Real-time Layer 3-7 mitigation against volumetric attacks for both IPv4 and IPv6 traffic. Industry- leading density,

More information

DDoS MITIGATION BEST PRACTICES

DDoS MITIGATION BEST PRACTICES DDoS MITIGATION BEST PRACTICES DDoS ATTACKS ARE INCREASING EXPONENTIALLY Organizations are becoming increasingly aware of the threat that Distributed Denial of Service (DDoS) attacks can pose. According

More information

AKAMAI CLOUD SECURITY SOLUTIONS

AKAMAI CLOUD SECURITY SOLUTIONS AKAMAI CLOUD SECURITY SOLUTIONS Whether you sell to customers over the web, operate data centers around the world or in the cloud, or support employees on the road, you rely on the Internet to keep your

More information

The Emerging Role of a CDN in Facilitating Secure Cloud Deployments

The Emerging Role of a CDN in Facilitating Secure Cloud Deployments White Paper The Emerging Role of a CDN in Facilitating Secure Cloud Deployments Sponsored by: Fastly Robert Ayoub August 2017 IDC OPINION The ongoing adoption of cloud services and the desire for anytime,

More information

Network Security. Thierry Sans

Network Security. Thierry Sans Network Security Thierry Sans HTTP SMTP DNS BGP The Protocol Stack Application TCP UDP Transport IPv4 IPv6 ICMP Network ARP Link Ethernet WiFi The attacker is capable of confidentiality integrity availability

More information

Validating the Security of the Borderless Infrastructure

Validating the Security of the Borderless Infrastructure SESSION ID: CDS-R01 Validating the Security of the Borderless Infrastructure David DeSanto Director, Product Management Spirent Communications, Inc. @david_desanto Agenda 2 The Adversary The Adversary

More information

Designing a Secure DNS Architecture

Designing a Secure DNS Architecture WHITE PAPER Designing a Secure DNS Architecture In today s networking landscape, it is no longer adequate to have a DNS infrastructure that simply responds to queries. What is needed is an integrated secure

More information

Arbor White Paper. DDoS: THE STAKES HAVE CHANGED. HAVE YOU? REVEALED: 3 dangerous myths about DDoS attacks

Arbor White Paper. DDoS: THE STAKES HAVE CHANGED. HAVE YOU? REVEALED: 3 dangerous myths about DDoS attacks Arbor White Paper DDoS: THE STAKES HAVE CHANGED. HAVE YOU? REVEALED: 3 dangerous myths about DDoS attacks The findings of the latest annual Worldwide Infrastructure Security Report (WISR) by Arbor Networks

More information

Snort: The World s Most Widely Deployed IPS Technology

Snort: The World s Most Widely Deployed IPS Technology Technology Brief Snort: The World s Most Widely Deployed IPS Technology Overview Martin Roesch, the founder of Sourcefire and chief security architect at Cisco, created Snort in 1998. Snort is an open-source,

More information