Defense Against Rapidly Morphing DDOS

Video Link: https://www.youtube.com/watch?v=BwA-rmW9Nmc
Duration: 36:17


Mudit Tyagi | Architect, Security Products, F5 Networks
Mikhail Fedorov | Product Management Engineer, Security, F5 Networks
Location: South Seas CDF
Date: Wednesday, August 7 | 5:05pm-5:30pm
Format: 25-Minute Briefings
Tracks: Network Defense, Enterprise

In June 2018, ProtonMail suffered rapidly morphing, sustained DDoS attacks that included SYN floods, TCP handshake violations, TCP Zero Sequence, ACK floods, NTP non-standard port floods, and reflection attacks on the SSDP, NTP, Chargen, LDAP and Memcache protocols [1].

We created an attack toolkit that mimics the ProtonMail attacks and used it to study the efficacy of various defenses against an attack like the one ProtonMail suffered. We discovered that using standard techniques to fight off rapidly changing, bursting attacks is nearly impossible for SOC operators, because the speed of human action to understand the attack and apply well-known mitigations is too slow.

We found that a combination of an unsupervised Machine Learning algorithm to determine a baseline, perform anomaly detection and mitigation, and another Machine Learning algorithm to tune the performance of the first, yielded the most effective defense. With this scheme in place, the SOC operator did not have to react at machine speed but simply monitored the findings and the actions of the machine.



Black Hat - USA - 2019 Hacking conference