TEAM DNSDistributed Denial of Service Attacks

Dennis Galinsky, Brandon Mikelaitis, Michael Stanley

Brandon Williams, Ryan Williams

Agenda

Types of Attack

Source of Attacks

Prevention

History of Attacks

Business Aspect

TCP Connection Attack (SYN FLOOD)

Normal Connection SYN Flood

HTTP Get Flood HTTP Post Flood

Application Layer Attack

Source of Attack Botnets

What are they?How are they Created?Notable Botnet Army’s

○ Storm○ Rbot

For-HireHow much does it cost?Rent an ArmyThreat Level?

Prevention

Detect the threat Mitigate the threat

Distinguish good traffic from bad trafficBlock bad traffic while still allowing good

traffic through. Protect all points of vulnerability.

Prevention Methods

Blackholing Overprovision Routers Firewalls Intrusion Detection Systems (IDS) Third Party Protection

Blackholing

Blocking all traffic the network as far upstream as possible.

Traffic is diverted to a “black hole” where it is discarded.

Good and bad packets are discarded.Not an efficient solution to a DDoS attack.Attacker’s objective is still fulfilled.

Firewalls

Not purpose-built for DDoS attacks, but provide some protection.

Reside too far downstream in the network.

Lack of anomaly detection, can’t recognize when valid protocols are being used in an attack.

Cannot perform antispoofing on a packet by packet basis.

Third Party Protection

DNS based redirect service. Border Gateway Protocol (BGP) based

service. Content Delivery Network (CDN)

providers.

History of Attacks

Anonymous Hacktivist Group (Civil Disobedience)

Lizard Squad PlayStation 4 Network, Xbox Live, Facebook

GitHub Attack Chinese Government, Replaced JS Code to Force reload pages

Happening Now Digital Attack Map

Business AspectCosts for Businesses

DDoS Attacks Lead to: Software & Hardware Replacements Reduction in Revenue Loss of Consumer Trust Customer Data Theft

Questions?

Types of Attack

Source of Attacks

Prevention

History of Attacks

Business Aspect

Demonstration

References https://www.youtube.com/watch?v=BzgsT-_GC4Q https://www.youtube.com/watch?v=sUrM7_G_y7A http://searchsecurity.techtarget.com/definition/SYN-flooding http://us.norton.com/botnet/ http://www.webroot.com/blog/2012/06/06/ddos-for-hire-services-

offering-to-take-down-your-competitors-web-sites-going-mainstream/

https://www.blacklotus.net/learn/about-ddos-attacks/ http://www.slate.com/articles/technology/technology/2010/12/

in_defense_of_ddos.html http://www.cbronline.com/news/cybersecurity/cost-of-ddos-attack

s-tops-half-a-billion-dollars-4498766

http://databreachinsurancequote.com/cyber-insurance/cyber-insurance-can-serve-as-an-ideal-ddos-attack-response-plan/

http://www.kaspersky.com/about/news/business/2015/A-single-DDoS-attack-can-cost-a-company-more-than-400000-dollar