Upload File

kill 'em all: ddos protection total annihilation!

  • Home
  • Documents
  • Kill 'em All: DDoS Protection Total Annihilation!
25
DDoS Protecion Total AnnihilationD DDoS Mitigation Lab A

Upload: vantruc

Post on 11-Feb-2017

216 views

Category:

Documents


0 download

Report

TRANSCRIPT

Page 1: Kill 'em All: DDoS Protection Total Annihilation!

DDoS Protecion Total AnnihilationD

DDoS Mitigation Lab

A

Page 2: Kill 'em All: DDoS Protection Total Annihilation!

DDoS Mitigation Lab

Independent academic R&D division of Nexusguard building next generation DDoSmitigation knowledge and collaborate with defense community.

Industry body formed to foster synergy among stakeholders to promote advancement in DDoSdefense knowledge.

DDoS Mitigation Lab

Page 3: Kill 'em All: DDoS Protection Total Annihilation!

DDoS Mitigation Lab

DDoS Relevance, Attack Categories, Detection & Mitigation

Source Host Verification: Authentication Methods TCP SYN Auth HTTP Redirect Auth HTTP Cookie Auth JavaScript Auth CAPTCHA Auth

PoC Tool TCP Traffic Model HTTP Traffic Model

Page 4: Kill 'em All: DDoS Protection Total Annihilation!

DDoS Mitigation Lab

Size

Bandwidth> 20Gbps

Complexity

Layer 7> 30%

Frequency

Attack> 2.5milper year

Cost

Lost> US$6Mper hour!!

Source: NTT Communications,“Successfully Combating DDoS Attacks” (Aug 2012)

Page 5: Kill 'em All: DDoS Protection Total Annihilation!

DDoS Mitigation Lab

Volumetric Semantic Blended

Page 6: Kill 'em All: DDoS Protection Total Annihilation!

DDoS Mitigation Lab

Page 7: Kill 'em All: DDoS Protection Total Annihilation!

DDoS Mitigation Lab

Page 8: Kill 'em All: DDoS Protection Total Annihilation!

DDoS Mitigation Lab

SYN ACK

SYN

ACK

RST

SYN

SYN ACK

ACK

Page 9: Kill 'em All: DDoS Protection Total Annihilation!

DDoS Mitigation Lab

RST

SYN

SYN ACK

SYN

SYN ACK

ACK

Page 10: Kill 'em All: DDoS Protection Total Annihilation!

DDoS Mitigation Lab

GET /index.html

HTTP 302 redir to /foo/index.html

GET /foo/index.html

HTTP 302 redir to /index.html

GET /index.html

Page 11: Kill 'em All: DDoS Protection Total Annihilation!

DDoS Mitigation Lab

GET /index.html

HTTP 302 redir to /index.html

HTTP 302 redir to /index.html

GET /index.html

GET /index.html

Page 12: Kill 'em All: DDoS Protection Total Annihilation!

DDoS Mitigation Lab

GET /index.html

HTTP 302 redir to /index.html [X-Header: foo=bar]

GET /index.html[X-Header: foo=bar]

GET /index.html[X-Header: foo=bar]

HTTP 302 redir to /index.html [X-Header: foo=bar]

GET /index.html

[X-Header: foo=bar]

Page 13: Kill 'em All: DDoS Protection Total Annihilation!

DDoS Mitigation Lab

GET /index.html

HTTP 302 redir to /index.html

GET /index.html

POST /auth.phpans=16

JS 7+nine=?

Page 14: Kill 'em All: DDoS Protection Total Annihilation!

DDoS Mitigation Lab

GET /index.html

HTTP 302 redir to /index.html

GET /index.html

POST /auth.php

Page 15: Kill 'em All: DDoS Protection Total Annihilation!

DDoS Mitigation Lab

c

Page 16: Kill 'em All: DDoS Protection Total Annihilation!

DDoS Mitigation Lab

c

Page 17: Kill 'em All: DDoS Protection Total Annihilation!

DDoS Mitigation Lab

c

Page 18: Kill 'em All: DDoS Protection Total Annihilation!

DDoS Mitigation Lab

Numb

er of

Con

necti

ons

Connection Hold TimeBefore 1st Request

Connection Idle TimeoutAfter Last Request

ConnectionsInterval

ConnectionsInterval

Page 19: Kill 'em All: DDoS Protection Total Annihilation!

DDoS Mitigation Lab

c

Page 20: Kill 'em All: DDoS Protection Total Annihilation!

DDoS Mitigation Lab

Numb

er of

Req

uests

per C

onne

ction

RequestsInterval

RequestsInterval

RequestsInterval

Page 21: Kill 'em All: DDoS Protection Total Annihilation!

DDoS Mitigation Lab

Testing results under specific conditions,valid as of Jul 13, 2013

Page 22: Kill 'em All: DDoS Protection Total Annihilation!

DDoS Mitigation Lab

Testing results under specific conditions,valid as of Jul 13, 2013

Page 23: Kill 'em All: DDoS Protection Total Annihilation!

DDoS Mitigation Lab

Testing results under specific conditions,valid as of Jul 13, 2013

Page 24: Kill 'em All: DDoS Protection Total Annihilation!

DDoS Mitigation Lab

Page 25: Kill 'em All: DDoS Protection Total Annihilation!

[email protected]

[email protected]


Creation Annihilation 1

Compton Annihilation - DESY

Annihilation Attacks for Multilinear Maps: Cryptanalysis ... · Annihilation Attacks. To address this gap, we introduce annihilation attacks, which attack multilinear maps in a new

DDoS Threat Landscape - CHI-NOGchinog.org/.../2016/05/10.-DDoS-Threat-Landscape.pdf · DDoS Threat Landscape . DDoS Handbook • A history and overview of DDoS • Review of attack

Universal DDoS Mitigation Bypass - Black Hat Briefings · PDF filefending against “Kill ’em All”-type attacks. 2 DDoS Attack Categories The crudest form of DDoS attack are

Annihilation Sponsorship Brochure

Rank Annihilation Based Methods

Annihilation Nova №2

Tony Mui and Wai-Leng Lee - Kill 'em All — DDoS Protection Total

Feshbach-resonance-mediated positron annihilation in …positrons.ucsd.edu/papers/ANN26.pdf · Feshbach-resonance-mediated positron annihilation in small molecules ... annihilation

DDOS REPORT | 2019 Global DDoS Threat Landscape · Global DDoS Threat Landscape DDOS REPORT | 2019. 2 2019 oa DDoS Trea acape Repor Contents 01 Highlights 02 Overview 03 Network layer

Pair Annihilation and Production

annihilation prologue

23.09.2006Karl Mannheim: Dark Matter Annihilation in Clumpy Halos / DESY Theory Workshop 20061 DarK Matter Annihilation In Clumpy Halos DarK Matter Annihilation

Marvel : Annihilation Saga - 036

Annihilation Talk

annihilation nova 2

Eternal Punishment or Annihilation?

Kill Point Kill Point Kill Point Kill Point Kill ... - ICTSA · Kill Point Kill Point Kill Point Kill Point Kill Point Kill Point Kill Point Kill Point Kill Point Kill Point Kill

Datasheet: DDoS Protection - Grayhats Datasheet DDoS...or OpenBSD vulnerabilities ... Datasheet: DDoS Protection DNS DDoS Protection ... DNS server. This protects your

annihilation nova 4

Prolexic DDoS Analytics & DDoS Mitigation In Real Time

DDoS hybrid protection - rsnog.rs · DDoS protection system –Hybrid solution •Telenor hybrid DDoS protection is based • Local netflow based DDoS protection segment • Cloud

DDoS Threats Landscape : Countering Large-scale DDoS attacks

(D)DOS DEMYSTIFIED - OARnet...DDoS Attack Customers DDoS Attack Volumetric Protection Cloud ISPa ISPb L3-4 DDoS mitigation DDoS Platform DDoS Platform L7 DDoS mitigation SSL Termination

DDoS Protection Place For DDoS Attacks

Proton-Antiproton Annihilation and Meson Spectroscopy with ... · Annihilation with relative angular momentum ‘= 1 (P-wave annihilation) can therefore be se- lected by detecting

DEFCON 21 Miu Lee Kill Em All DDoS Protection Total Annihilation WP Updated

annihilation nova 1

Annihilation Mechanisms - CCSE

Annihilation of Discrimination

Annihilation Nova №3

10. Creation and Annihilation Operators - math.byu.edumath.byu.edu/~sag/QuantumFieldTheory/10-Creation and Annihilation... · 772 10. Creation and Annihilation Operators The point

Botz-4-Sale: Surviving Organized DDoS Attacks That Mimic ...publications.csail.mit.edu/lcs/pubs/pdf/MIT-LCS-TR-969.pdf · ately given a Kill-Bots HTTP cookie. Kill-Bots has a few

Noisy annihilation Outline Sparsity Through Annihilation