catch me if you can a cloud based ddos defense
play

Catch me if you can A cloud based DdoS defense Mikal Fourrier DDoS - PowerPoint PPT Presentation

Mar 21, 2023 •165 likes •327 views

Catch me if you can A cloud based DdoS defense Mikal Fourrier DDoS attacks Goal: prevent the access to a computer system to it's legitimate users. DDoS: DoS attack on the network using a lot of different source IP Why:

  1. Catch me if you can A cloud based DdoS defense Mikaël Fourrier

  2. DDoS attacks ● Goal: prevent the access to a computer system to it's legitimate users. ● DDoS: DoS attack on the network using a lot of different source IP ● Why: – Reprisal (ex: Anonymous) – Cyber-war or cyber-terrorism – Extorsion ... 2

  3. Examples of DDoS attacks ● Volumetric attack 3

  4. Examples of DDoS attacks ● SYN flood (layer 4) 4

  5. Examples of DDoS attacks ● Application level (layer 7) – Download large file – Make heavy database request – Hit CPU-intensive URL – Upload large file 5

  6. Mitigations ● Have more servers and bandwidth – but useless the rest of the time – costs a lot ● Firewall with an IP blacklist – good for individual attacks, not so good against DDOS and dynamic IPs ● More secure code – only works against specifics attacks like file upload 6

  7. Need a way to dynamically add and remove new servers, only when needed... 7

  8. Enters the “cloud computing” ● Exemple: Amazon EC2 – VM based – Auto-scaling – Quick start of new instances – Pay what you use – Very high total bandwidth and computing power 8

  9. Catch me if you can ● “A cloud-enabled defense mechanism for Internet services against network and computational DDoS attacks” ● Uses a “shuffling” mechanism to segregate attackers and legitimate users ● Add and remove servers to present a moving target 9

  10. Architecture 10

  11. Points of failure ● DNS servers – still a problem ● Load balancers – not a problem with Amazon ● Replica – not a problem with auto-scaling ● Coordination server – not accessible from the internet so not a problem 11

  12. Interlude: Persistent vs naïve bot ● Naïve bot: dumb – can only attack one IP ● Persistent bot: adaptative – can follow a target – understand HTTP redirect 12

  13. Clients segregation ● RS_3 is bot free! ● Some naïve bots can still attack RS_1 and RS_2, so we shut them down ● Use WebSocket to redirect connected clients ● Use of an dynamic programing or greedy algorithm to make the best segregation possible to maximize the number of saved clients 13

  14. Results 14

  15. Discussion ● Dependent on Amazon infrastructure ● Worst case scenario used ● Catch non-aggressive attackers (stateless algorithm) ● Can catch re-entrant bots ● Cost effective and scalable ● Doesn't require an application modification 15

  16. Credits ● Original paper: http://cs.gmu.edu/~astavrou/research/Catch _me_if_you_can_DSN14.pdf ● DdoSBootcamp (images): https://www.ddosbootcamp.com/ 16

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Ca Catch ch M Me If Ca e If Can: A Cl A Clou oud-En -Enabled ed DDoS DDoS De Defen ense

Ca Catch ch M Me If Ca e If Can: A Cl A Clou oud-En -Enabled ed DDoS DDoS De Defen ense

Ca Catch ch M Me If Ca e If Can: A Cl A Clou oud-En -Enabled ed DDoS DDoS De Defen ense e Quan Jia, Huangxin Wang, Dan Fleck, Fei Li, Angelos Stavrou, Walter Powell Presented by Surya Mani Content u Motivation u Related Work u

262 views • 23 slides
A Taxonomy of DDoS Attacks and DDoS Defense Mechanisms Jelena Mirkovic, Janice Martin & Peter

A Taxonomy of DDoS Attacks and DDoS Defense Mechanisms Jelena Mirkovic, Janice Martin & Peter

A Taxonomy of DDoS Attacks and DDoS Defense Mechanisms Jelena Mirkovic, Janice Martin & Peter Reiher Manu Shantharam & David Hadka What is DoS? DoS A type of attack wherein access to computer resource / service is denied or

380 views • 18 slides
DDoS Defense Mechanisms for IXP Infrastructures Tim Dijkhuizen Lennart van Gijtenbeek

DDoS Defense Mechanisms for IXP Infrastructures Tim Dijkhuizen Lennart van Gijtenbeek

DDoS Defense Mechanisms for IXP Infrastructures Tim Dijkhuizen Lennart van Gijtenbeek Supervisor: Stavros Konstantaras (AMS-IX) SNE: Research Project II 03-07-2018 Introduction D istributed D enial o f S ervice DDoS attacks on banks in

720 views • 33 slides
No Cloud Allowed Denying Service to DDOS Protection Services Presented by: Allison Nixon

No Cloud Allowed Denying Service to DDOS Protection Services Presented by: Allison Nixon

No Cloud Allowed Denying Service to DDOS Protection Services Presented by: Allison Nixon Allison.Nixon@integralis.com Pentesting, Incident Response PaulDotCom host Cloud Based DDOS Protection How it works Fundamental flaws

875 views • 25 slides
Network Security CIA +Availability By Jinjian Ma Topics DOS/DDoS Detection & Defense

Network Security CIA +Availability By Jinjian Ma Topics DOS/DDoS Detection & Defense

Network Security CIA +Availability By Jinjian Ma Topics DOS/DDoS Detection & Defense Prevention DOS/DDoS Types Vulnerability attack Flooding attack DoS vs DDoS DoS: Attack is launched from single host Less

614 views • 26 slides
DDOS: DDos and DDonts DrupalCon 2016 Agenda What is DDoS Detecting DDoS Attacks

DDOS: DDos and DDonts DrupalCon 2016 Agenda What is DDoS Detecting DDoS Attacks

DDOS: DDos and DDonts DrupalCon 2016 Agenda What is DDoS Detecting DDoS Attacks DDoS Prevention Improving Performance Questions Glossary DDoS - Attempt to make a server or network resource unavailable to Internet

549 views • 30 slides
DDoS Defense by Defense by DDoS Offense Offense Published in ACM SIGCOMM06 Presented By:

DDoS Defense by Defense by DDoS Offense Offense Published in ACM SIGCOMM06 Presented By:

DDoS Defense by Defense by DDoS Offense Offense Published in ACM SIGCOMM06 Presented By: Marwa K. Elteir Outline Outline Problem definition Problem definition Related Work Related Work Speak Speak- -up up Model Model

458 views • 9 slides
Universal DDoS Mitigation Bypass DDoS Mitigation Lab About Us Industry body formed to foster

Universal DDoS Mitigation Bypass DDoS Mitigation Lab About Us Industry body formed to foster

Universal DDoS Mitigation Bypass DDoS Mitigation Lab About Us Industry body formed to foster synergy among stakeholders to promote advancement in DDoS defense knowledge. Independent academic R&D division of Nexusguard building next

764 views • 44 slides
Practical Verifiable In-network Filtering for DDoS Defense Deli Gong, Muoi Tran , Shweta Shinde,

Practical Verifiable In-network Filtering for DDoS Defense Deli Gong, Muoi Tran , Shweta Shinde,

Practical Verifiable In-network Filtering for DDoS Defense Deli Gong, Muoi Tran , Shweta Shinde, Hao Jin, Vyas Sekar, Prateek Saxena, Min Suk Kang July 8, 2019 | Dallas, TX Large-scale volumetric DDoS attacks are common (distributed denial of

569 views • 29 slides
Optical-Aware DDoS Defense Matt Hall, Ramakrishnan Durairajan, Guyue (Grace) Liu, Vyas Sekar

Optical-Aware DDoS Defense Matt Hall, Ramakrishnan Durairajan, Guyue (Grace) Liu, Vyas Sekar

Optical-Aware DDoS Defense Matt Hall, Ramakrishnan Durairajan, Guyue (Grace) Liu, Vyas Sekar DDoS Attacks A persistent threat on the global Internet Working from home new online tools for collaboration New tools new attack

405 views • 9 slides
CDN on Demand Affordable DDoS Defense using Untrusted IaaS-Clouds Yossi Gilad, Michael Goberman,

CDN on Demand Affordable DDoS Defense using Untrusted IaaS-Clouds Yossi Gilad, Michael Goberman,

CDN on Demand Affordable DDoS Defense using Untrusted IaaS-Clouds Yossi Gilad, Michael Goberman, Amir Herzberg and Michael Sudkovitch Talk Outline Content Delivery Networks as DoS defense The CDN-on-Demand system Clientless

529 views • 22 slides
Filtering Based Techniques DDOS Attacks: Target CPU / Bandwidth for DDOS Mitigation

Filtering Based Techniques DDOS Attacks: Target CPU / Bandwidth for DDOS Mitigation

Introduction: Filtering Based Techniques DDOS Attacks: Target CPU / Bandwidth for DDOS Mitigation Attacker signals slaves to launch an attack on a specific target address (victim). Slaves then respond by Comp290: Network

275 views • 9 slides
On t On the F he Feas easibilit ibility o y of Re Rerouting-bas based D d DDoS D S Defens

On t On the F he Feas easibilit ibility o y of Re Rerouting-bas based D d DDoS D S Defens

On t On the F he Feas easibilit ibility o y of Re Rerouting-bas based D d DDoS D S Defens nses Mu Muoi Tran , Min Suk Kang, Hsu-Chun Hsiao, Wei-Hsuan Chiang, Shu-Po Tung, Yu-Su Wang May 2019 | San Francisco, CA Transit-link DDoS

548 views • 29 slides
On the Feasibility of Rerouting-based DDoS Defenses Muoi Tran , Min Suk Kang, Hsu-Chun Hsiao,

On the Feasibility of Rerouting-based DDoS Defenses Muoi Tran , Min Suk Kang, Hsu-Chun Hsiao,

On the Feasibility of Rerouting-based DDoS Defenses Muoi Tran , Min Suk Kang, Hsu-Chun Hsiao, Wei-Hsuan Chiang, Shu-Po Tung, Yu-Su Wang May 2019 | San Francisco, CA Transit-link DDoS attack: a powerful type of volumetric DDoS attack

438 views • 25 slides
Modelling and simulation of a defense strategy to face indirect DDoS flooding attacks A. Furfaro,

Modelling and simulation of a defense strategy to face indirect DDoS flooding attacks A. Furfaro,

Modelling and simulation of a defense strategy to face indirect DDoS flooding attacks A. Furfaro, P. Pace, A. Parise, L. Molina Valdiviezo Universit` a della Calabria D.I.M.E.S 87036 Rende(CS) - Italy Email: a.furfaro@unical.it A. Furfaro

510 views • 18 slides
A 1 Moving-target Defense Strategy for Cloud-based Services with Heterogeneous and Dynamic Attack

A 1 Moving-target Defense Strategy for Cloud-based Services with Heterogeneous and Dynamic Attack

A 1 Moving-target Defense Strategy for Cloud-based Services with Heterogeneous and Dynamic Attack Surfaces Wei Peng 1 Feng Li 1 Chin-Tser Huang 2 Xukai Zou 1 1 Indiana University-Purdue University Indianapolis (IUPUI.edu) 2 University of South

857 views • 22 slides
Characteriza*on of Blacklists and Tainted Network Traffic Jing Zhang

Characteriza*on of Blacklists and Tainted Network Traffic Jing Zhang

Characteriza*on of Blacklists and Tainted Network Traffic Jing Zhang 1 , Ari Chivukula 1 , Michael Bailey 1 , Manish Karir 2 , and Mingyan Liu 1 1 University of Michigan 2 Cyber Security Division, Department of

497 views • 24 slides
Pattern Selection using CEGAR Alexander Rovner University of Basel July 31, 2018 Background

Pattern Selection using CEGAR Alexander Rovner University of Basel July 31, 2018 Background

Background Pattern Selection Merge Avoidance Evaluation Conclusion Pattern Selection using CEGAR Alexander Rovner University of Basel July 31, 2018 Background Pattern Selection Merge Avoidance Evaluation Conclusion Planning Tasks

811 views • 54 slides
Detection of browser-based cryptocurrency mining Veelasha Moonsamy Radboud University, The

Detection of browser-based cryptocurrency mining Veelasha Moonsamy Radboud University, The

Detection of browser-based cryptocurrency mining Veelasha Moonsamy Radboud University, The Netherlands 25 June 2019 Blockchain and Cryptocurrencies Security School University of Padova, Italy Radboud University, Nijmegen, NL 2 DiS research

1.44k views • 107 slides
Location tracking Location tracking Engineering & Public Policy Lorrie Faith Cranor

Location tracking Location tracking Engineering & Public Policy Lorrie Faith Cranor

CyLab Location tracking Location tracking Engineering & Public Policy Lorrie Faith Cranor October 14, 2014 y & c S a e v c i u r P r i t e y l b L a a s b U o 8-533 / 8-733 / 19-608 / 95-818: b r a a

893 views • 44 slides
5. From "Jazz Age" to Depression: The Tragedy of the 1920's 5.1. "The Age of

5. From "Jazz Age" to Depression: The Tragedy of the 1920's 5.1. "The Age of

5. From "Jazz Age" to Depression: The Tragedy of the 1920's 5.1. "The Age of Wonderful Nonsense" 5.2. "Brother Can You Spare a Dime?" 5.1. "The Age of Wonderful Nonsense" 5.1.1 "The Business of

899 views • 88 slides
Unofficial Results Theater black is better than expected - many achieving under 2 mNits

Unofficial Results Theater black is better than expected - many achieving under 2 mNits

Gather support and define test procedures Measure existing systems (in theater) As-Built DCPL-S We are here 2D and 3D Teach exhibitors how to Measure mastering suites measure Gather additional measurements Prep content for higher

232 views • 7 slides
Outline Announcements Exercise set 4 debrief CSci 5271 Introduction to Computer Security

Outline Announcements Exercise set 4 debrief CSci 5271 Introduction to Computer Security

Outline Announcements Exercise set 4 debrief CSci 5271 Introduction to Computer Security Bitcoin experience (contd) Day 26: Student Project Presentations #1 Social network tracking 1:18 Stephen McCamant Evasive JavaScript malware 1:36

656 views • 4 slides
2018 Fall Financial Education Housekeeping Slides will advance automatically Todays

2018 Fall Financial Education Housekeeping Slides will advance automatically Todays

2018 Fall Financial Education Housekeeping Slides will advance automatically Todays presentation is being recorded Presentation will be posted online within a week Submit questions for Q&A at the end of the webinar

535 views • 28 slides

More recommend