ddos protecion total annihilationda con 21/def con 21... · nexusguard building next generation...
TRANSCRIPT
![Page 1: DDoS Protecion Total AnnihilationDA CON 21/DEF CON 21... · Nexusguard building next generation DDoS mitigation knowledge and collaborate with defense community. Industry body formed](https://reader034.vdocuments.net/reader034/viewer/2022042919/5f5fef1af454752c9d68be06/html5/thumbnails/1.jpg)
DDoS Protecion Total AnnihilationD
DDoS Mitigation Lab
A
![Page 2: DDoS Protecion Total AnnihilationDA CON 21/DEF CON 21... · Nexusguard building next generation DDoS mitigation knowledge and collaborate with defense community. Industry body formed](https://reader034.vdocuments.net/reader034/viewer/2022042919/5f5fef1af454752c9d68be06/html5/thumbnails/2.jpg)
DDoS Mitigation Lab
Independent academic R&D division of Nexusguard building next generation DDoSmitigation knowledge and collaborate with defense community.
Industry body formed to foster synergy among stakeholders to promote advancement in DDoSdefense knowledge.
DDoS Mitigation Lab
![Page 3: DDoS Protecion Total AnnihilationDA CON 21/DEF CON 21... · Nexusguard building next generation DDoS mitigation knowledge and collaborate with defense community. Industry body formed](https://reader034.vdocuments.net/reader034/viewer/2022042919/5f5fef1af454752c9d68be06/html5/thumbnails/3.jpg)
DDoS Mitigation Lab
DDoS Relevance, Attack Categories, Detection & Mitigation
Source Host Verification: Authentication Methods TCP SYN Auth HTTP Redirect Auth HTTP Cookie Auth JavaScript Auth CAPTCHA Auth
PoC Tool TCP Traffic Model HTTP Traffic Model
![Page 4: DDoS Protecion Total AnnihilationDA CON 21/DEF CON 21... · Nexusguard building next generation DDoS mitigation knowledge and collaborate with defense community. Industry body formed](https://reader034.vdocuments.net/reader034/viewer/2022042919/5f5fef1af454752c9d68be06/html5/thumbnails/4.jpg)
DDoS Mitigation Lab
Size
Bandwidth> 20Gbps
Complexity
Layer 7> 30%
Frequency
Attack> 2.5milper year
Cost
Lost> US$6Mper hour!!
Source: NTT Communications,“Successfully Combating DDoS Attacks” (Aug 2012)
![Page 5: DDoS Protecion Total AnnihilationDA CON 21/DEF CON 21... · Nexusguard building next generation DDoS mitigation knowledge and collaborate with defense community. Industry body formed](https://reader034.vdocuments.net/reader034/viewer/2022042919/5f5fef1af454752c9d68be06/html5/thumbnails/5.jpg)
DDoS Mitigation Lab
Volumetric Semantic Blended
![Page 6: DDoS Protecion Total AnnihilationDA CON 21/DEF CON 21... · Nexusguard building next generation DDoS mitigation knowledge and collaborate with defense community. Industry body formed](https://reader034.vdocuments.net/reader034/viewer/2022042919/5f5fef1af454752c9d68be06/html5/thumbnails/6.jpg)
DDoS Mitigation Lab
![Page 7: DDoS Protecion Total AnnihilationDA CON 21/DEF CON 21... · Nexusguard building next generation DDoS mitigation knowledge and collaborate with defense community. Industry body formed](https://reader034.vdocuments.net/reader034/viewer/2022042919/5f5fef1af454752c9d68be06/html5/thumbnails/7.jpg)
DDoS Mitigation Lab
![Page 8: DDoS Protecion Total AnnihilationDA CON 21/DEF CON 21... · Nexusguard building next generation DDoS mitigation knowledge and collaborate with defense community. Industry body formed](https://reader034.vdocuments.net/reader034/viewer/2022042919/5f5fef1af454752c9d68be06/html5/thumbnails/8.jpg)
DDoS Mitigation Lab
SYN ACK
SYN
ACK
RST
SYN
SYN ACK
ACK
![Page 9: DDoS Protecion Total AnnihilationDA CON 21/DEF CON 21... · Nexusguard building next generation DDoS mitigation knowledge and collaborate with defense community. Industry body formed](https://reader034.vdocuments.net/reader034/viewer/2022042919/5f5fef1af454752c9d68be06/html5/thumbnails/9.jpg)
DDoS Mitigation Lab
RST
SYN
SYN ACK
SYN
SYN ACK
ACK
![Page 10: DDoS Protecion Total AnnihilationDA CON 21/DEF CON 21... · Nexusguard building next generation DDoS mitigation knowledge and collaborate with defense community. Industry body formed](https://reader034.vdocuments.net/reader034/viewer/2022042919/5f5fef1af454752c9d68be06/html5/thumbnails/10.jpg)
DDoS Mitigation Lab
GET /index.html
HTTP 302 redir to /foo/index.html
GET /foo/index.html
HTTP 302 redir to /index.html
GET /index.html
![Page 11: DDoS Protecion Total AnnihilationDA CON 21/DEF CON 21... · Nexusguard building next generation DDoS mitigation knowledge and collaborate with defense community. Industry body formed](https://reader034.vdocuments.net/reader034/viewer/2022042919/5f5fef1af454752c9d68be06/html5/thumbnails/11.jpg)
DDoS Mitigation Lab
GET /index.html
HTTP 302 redir to /index.html
HTTP 302 redir to /index.html
GET /index.html
GET /index.html
![Page 12: DDoS Protecion Total AnnihilationDA CON 21/DEF CON 21... · Nexusguard building next generation DDoS mitigation knowledge and collaborate with defense community. Industry body formed](https://reader034.vdocuments.net/reader034/viewer/2022042919/5f5fef1af454752c9d68be06/html5/thumbnails/12.jpg)
DDoS Mitigation Lab
GET /index.html
HTTP 302 redir to /index.html [X-Header: foo=bar]
GET /index.html[X-Header: foo=bar]
GET /index.html[X-Header: foo=bar]
HTTP 302 redir to /index.html [X-Header: foo=bar]
GET /index.html
[X-Header: foo=bar]
![Page 13: DDoS Protecion Total AnnihilationDA CON 21/DEF CON 21... · Nexusguard building next generation DDoS mitigation knowledge and collaborate with defense community. Industry body formed](https://reader034.vdocuments.net/reader034/viewer/2022042919/5f5fef1af454752c9d68be06/html5/thumbnails/13.jpg)
DDoS Mitigation Lab
GET /index.html
HTTP 302 redir to /index.html
GET /index.html
POST /auth.phpans=16
JS 7+nine=?
![Page 14: DDoS Protecion Total AnnihilationDA CON 21/DEF CON 21... · Nexusguard building next generation DDoS mitigation knowledge and collaborate with defense community. Industry body formed](https://reader034.vdocuments.net/reader034/viewer/2022042919/5f5fef1af454752c9d68be06/html5/thumbnails/14.jpg)
DDoS Mitigation Lab
GET /index.html
HTTP 302 redir to /index.html
GET /index.html
POST /auth.php
![Page 15: DDoS Protecion Total AnnihilationDA CON 21/DEF CON 21... · Nexusguard building next generation DDoS mitigation knowledge and collaborate with defense community. Industry body formed](https://reader034.vdocuments.net/reader034/viewer/2022042919/5f5fef1af454752c9d68be06/html5/thumbnails/15.jpg)
DDoS Mitigation Lab
c
![Page 16: DDoS Protecion Total AnnihilationDA CON 21/DEF CON 21... · Nexusguard building next generation DDoS mitigation knowledge and collaborate with defense community. Industry body formed](https://reader034.vdocuments.net/reader034/viewer/2022042919/5f5fef1af454752c9d68be06/html5/thumbnails/16.jpg)
DDoS Mitigation Lab
c
![Page 17: DDoS Protecion Total AnnihilationDA CON 21/DEF CON 21... · Nexusguard building next generation DDoS mitigation knowledge and collaborate with defense community. Industry body formed](https://reader034.vdocuments.net/reader034/viewer/2022042919/5f5fef1af454752c9d68be06/html5/thumbnails/17.jpg)
DDoS Mitigation Lab
c
![Page 18: DDoS Protecion Total AnnihilationDA CON 21/DEF CON 21... · Nexusguard building next generation DDoS mitigation knowledge and collaborate with defense community. Industry body formed](https://reader034.vdocuments.net/reader034/viewer/2022042919/5f5fef1af454752c9d68be06/html5/thumbnails/18.jpg)
DDoS Mitigation Lab
Numb
er of
Con
necti
ons
Connection Hold TimeBefore 1st Request
Connection Idle TimeoutAfter Last Request
ConnectionsInterval
ConnectionsInterval
![Page 19: DDoS Protecion Total AnnihilationDA CON 21/DEF CON 21... · Nexusguard building next generation DDoS mitigation knowledge and collaborate with defense community. Industry body formed](https://reader034.vdocuments.net/reader034/viewer/2022042919/5f5fef1af454752c9d68be06/html5/thumbnails/19.jpg)
DDoS Mitigation Lab
c
![Page 20: DDoS Protecion Total AnnihilationDA CON 21/DEF CON 21... · Nexusguard building next generation DDoS mitigation knowledge and collaborate with defense community. Industry body formed](https://reader034.vdocuments.net/reader034/viewer/2022042919/5f5fef1af454752c9d68be06/html5/thumbnails/20.jpg)
DDoS Mitigation Lab
Numb
er of
Req
uests
per C
onne
ction
RequestsInterval
RequestsInterval
RequestsInterval
![Page 21: DDoS Protecion Total AnnihilationDA CON 21/DEF CON 21... · Nexusguard building next generation DDoS mitigation knowledge and collaborate with defense community. Industry body formed](https://reader034.vdocuments.net/reader034/viewer/2022042919/5f5fef1af454752c9d68be06/html5/thumbnails/21.jpg)
DDoS Mitigation Lab
Testing results under specific conditions,valid as of Jul 13, 2013
![Page 22: DDoS Protecion Total AnnihilationDA CON 21/DEF CON 21... · Nexusguard building next generation DDoS mitigation knowledge and collaborate with defense community. Industry body formed](https://reader034.vdocuments.net/reader034/viewer/2022042919/5f5fef1af454752c9d68be06/html5/thumbnails/22.jpg)
DDoS Mitigation Lab
Testing results under specific conditions,valid as of Jul 13, 2013
![Page 23: DDoS Protecion Total AnnihilationDA CON 21/DEF CON 21... · Nexusguard building next generation DDoS mitigation knowledge and collaborate with defense community. Industry body formed](https://reader034.vdocuments.net/reader034/viewer/2022042919/5f5fef1af454752c9d68be06/html5/thumbnails/23.jpg)
DDoS Mitigation Lab
Testing results under specific conditions,valid as of Jul 13, 2013
![Page 24: DDoS Protecion Total AnnihilationDA CON 21/DEF CON 21... · Nexusguard building next generation DDoS mitigation knowledge and collaborate with defense community. Industry body formed](https://reader034.vdocuments.net/reader034/viewer/2022042919/5f5fef1af454752c9d68be06/html5/thumbnails/24.jpg)
DDoS Mitigation Lab