PPT-Stopping amplified DNS DDoS attacks through query rate sharing between DNS resolvers

Jun Ho Huh Research Scientist Cybersecurity Lab Saurabh Verma Ali Hamieh Jun Huh Ho Siva Raj Rajagopalan Maciej Korczynski Nina Fefferman 1 Motivation money talks 2 Its becoming very serious. Denial of Service Attacks. Unlike other forms of computer attacks, goal isn’t access or theft of information or services. The goal is to stop the service from operating. To deny service to legitimate users. DDoS Protector. June 2012. Cybercrime Trends for 2012. SQL. Injections. 44%. APTs. 35%. Botnet. 33%. DDoS. 32%. Ponemon. Institute, May 2012. 32%. DDoS. 65%. . Businesses Experienced Attacks. Average. Author Rocky K. C. Chang, The Hong Kong Polytechnic University. Presented by Chung Tran . Outline. Introduction. DDoS history. DDoS type of attacks. Solutions. Firewall. Four detect and Filters approaches. a.kroczek@f5.com. Jak . zwiększyć bezpieczeństwo . i . wysoką dostępność . aplikacji wg. F5 . Networks. Mobility. SDDC/Cloud. Advanced . threats. Internet of. Things. “Software defined”. everything. The Stakes Have Changed. . Have You?. November 17, 2016. Today’s Speakers. Sean Pike. Program Vice President, Security Products, IDC. Tom Bienkowski. Director, Product Marketing, Arbor Networks. Kevin Whalen. Jun Ho Huh. Research Scientist. Cybersecurity Lab. . Saurabh Verma, . Ali Hamieh, Jun Huh Ho, Siva Raj Rajagopalan, Maciej Korczynski, Nina Fefferman.. . 1. Motivation . money talks!. . 2. It’s becoming very serious!. Underestimating the Impact of DDoS. Jim Benanti – Sr. Consulting Engineer, Arbor Networks. Don’t Take My Word For It. Size Still Matters. 1H16 - ATLAS has recorded:. An average of 124,000 events per week over the last 18 months.. Underestimating the Impact of DDoS. Jim Benanti – Sr. Consulting Engineer, Arbor Networks. Roadmap. DDoS Risk Landscape. DYN & . Mirai. DDoS Defense. Cost of DDoS. Your Opportunity. Q&A. Don’t Take My Word For It. A CDN’s Role in Repelling Attacks against Banking Industry Web Sites. Bruce Maggs. VP for . Research and Development, . Akamai Technologies. The . Akamai Platform and Services. Daily . Statistics. :. Jonathan BOURGAIN . Expert . DDOS et advanced Threat chez Arbor Networks. E. tat . de l’art des architectures de protection anti-DDoS. POUVEZ VOUS REPONDRE A CES QUESTIONS?. Est-. ce. que je . connais. Unlike other forms of computer attacks, goal isn’t access or theft of information or services. The goal is to stop the service from operating. To deny service to legitimate users. Slowing down may be good enough. Plaguing the Internet. DNS based DDoS attacks increasing. Late 2012 - DNS amplification remerges as a problem. January 2014 - new . innovation with . random subdomain attacks. Major attack . vector - open home gateways . Huston. APNIC. February 2014. The E. volution of Evil. It used to be that . they sent . evil packets to . their . chosen . victim. but this exposed the attacker, and limited the damage they could cause. Geoff Huston. APNIC. Some thoughts about . for. Well . –. guess - from the snippets that have been released. …. It was a . Mirai. attack. It used a compromised device collection. It used a range of attack vectors.