Kill 'em All: DDoS Protection Total Annihilation!

DDoS Protecion Total AnnihilationD

DDoS Mitigation Lab

Independent academic R&D division of Nexusguard building next generation DDoSmitigation knowledge and collaborate with defense community.

Industry body formed to foster synergy among stakeholders to promote advancement in DDoSdefense knowledge.

DDoS Mitigation Lab

DDoS Relevance, Attack Categories, Detection & Mitigation

Source Host Verification: Authentication Methods TCP SYN Auth HTTP Redirect Auth HTTP Cookie Auth JavaScript Auth CAPTCHA Auth

PoC Tool TCP Traffic Model HTTP Traffic Model

DDoS Mitigation Lab

Bandwidth> 20Gbps

Complexity

Layer 7> 30%

Frequency

Attack> 2.5milper year

Lost> US$6Mper hour!!

Source: NTT Communications,“Successfully Combating DDoS Attacks” (Aug 2012)

DDoS Mitigation Lab

Volumetric Semantic Blended

DDoS Mitigation Lab

SYN ACK

DDoS Mitigation Lab

SYN ACK

DDoS Mitigation Lab

GET /index.html

HTTP 302 redir to /foo/index.html

GET /foo/index.html

HTTP 302 redir to /index.html

GET /index.html

DDoS Mitigation Lab

GET /index.html

DDoS Mitigation Lab

GET /index.html

HTTP 302 redir to /index.html [X-Header: foo=bar]

GET /index.html[X-Header: foo=bar]

HTTP 302 redir to /index.html [X-Header: foo=bar]

GET /index.html

[X-Header: foo=bar]

DDoS Mitigation Lab

GET /index.html

POST /auth.phpans=16

JS 7+nine=?

DDoS Mitigation Lab

GET /index.html

POST /auth.php

DDoS Mitigation Lab

Connection Hold TimeBefore 1st Request

Connection Idle TimeoutAfter Last Request

ConnectionsInterval

DDoS Mitigation Lab

RequestsInterval

DDoS Mitigation Lab

Testing results under specific conditions,valid as of Jul 13, 2013

DDoS Mitigation Lab

tony.miu@nexusguard.com

waileng.lee@bloodspear.org

Kill 'em All: DDoS Protection Total Annihilation!

Documents

Annihilation Mechanisms - CCSE

Creation Annihilation 1

Noisy annihilation Outline Sparsity Through Annihilation

DDoS Threat Landscape - CHI-NOGchinog.org/.../2016/05/10.-DDoS-Threat-Landscape.pdf · DDoS Threat Landscape . DDoS Handbook • A history and overview of DDoS • Review of attack

Annihilation Talk

Annihilation Drax

DDoS Attacks 101 - Vistnet DDoS Protection & Mitigation ...€¦ · DDoS Protection Company V DDoS Attacks 101 eserved. 7 In the meantime the quality of DDoS attack software is improving;

annihilation nova 1

IoTDDoS Attacks Detection based on SDN · DDoS ATTACK ON IOT DDoS on Perception Layer RFID Jamming RFID Kill Command Attack RFID De-synchronizing Attack 1. Sonar, K., & Upadhyay,

Proton-Antiproton Annihilation and Meson Spectroscopy with ... · Annihilation with relative angular momentum ‘= 1 (P-wave annihilation) can therefore be se- lected by detecting

“WAR OF ANNIHILATION”

Annihilation Nova №2

Positron annihilation studies on vacancy defects in …lib.tkk.fi/Diss/2010/isbn9789526030227/isbn9789526030227.pdf · Positron annihilation studies on vacancy ... Positron annihilation

Annihilation Conquest Quasar

Scalable DDoS mitigation · •Scalable DDoS Mitigation –BGP FlowSpec •Cloud DDoS Protection –F5 Silverline. DDoS Overview • Distributed denial-of‐service (DDoS) attacks

Annihilation Nova №4

Rank Annihilation Based Methods

Annihilation of Discrimination

Annihilation Attacks for Multilinear Maps: Cryptanalysis ... · Annihilation Attacks. To address this gap, we introduce annihilation attacks, which attack multilinear maps in a new

annihilation nova 2