Anatomy of 3 DDoS Attacks: Volumetric, Network, Application

Webinar Registration

What you hear about in the media are the massive attacks like the WireX botnet that comprised hundreds of thousands of devices in over a hundred countries or the attack against Dyn by the Mirai botnet that brought down Twitter, the Guardian, Netflix, Reddit, CNN.

That might make a lot of us think that that we are too small to be hit by a DDoS attack, or if we are, we’ll be caught up with thousands of others in an attack that the larger players will have to deal with. 

But the truth is that every day companies from small, medium to large are the target of DDoS attacks motivated by a variety of reasons:

  • Random, nihilistic
  • Hacktivism against your industry or country
  • Ransom – “pay us and we’ll stop”
  • Disgruntled employee
  • Market manipulation
  • Diversion to mask data exfiltration
  • Competition
  • Accidental
  • Criminals demonstrating capabilities to possible customers

The latter is well illustrated by the story of John Kelsey Gammell who was charged by the FBI for attacking his former employer, Washburn Computer Group using several DDoS for hire services that only cost him a few hundred dollars. 

Can you rely on your ISP to protect you? Not in most cases. If it becomes a problem for the ISP you’ll get some attention, but you are responsible for dealing with the traffic that hits your network. You might even get “blackholed” by the ISP in an attempt to protect its other customers. In fact, Gammell allegedly bragged about being able to take down a site protected by a big name ISP’s DDOS mitigation.

With the advent of botnets based on countless IoT devices, 2017 has been called the year of DDOS attacks and if you do a little googling you’ll find all kinds of examples of DDOS victims. Illustrating the growth in DDOS, the FBI is asking victims to report attacks to the local FBI field office.

In this webinar, we will look at the technology behind the 3 types of DDOS attacks:

  • Volumetric – overwhelms victim by sheer number of packets
  • Network – exhausts TCP resources in the network stack of target systems
  • Application – exploits limits and bugs in the higher-level application

After showing you how these 3 types of attacks work, we’ll pivot to mitigation techniques. The first step is detecting DDOS and distinguishing it from any number of other causes such as an upsurge in legitimate traffic, component outages, etc. Then how to respond? Some responses like simple rate limiting are so ham-fisted that they throw out the baby with the proverbial bath water, inadvertently blocking legitimate users. For all practical purposes, the denial of service attack is still successful in such cases. So, we’ll talk about source address filtering and the challenge that massive IoT botnets poses to that technique. The biggest things you have to do is be able to dynamically respond to exponential changes in volume, while also accurately distinguishing good traffic from bad.

Joining me for this real training event is Don Shin, a DDoS expert from our sponsor A10 Networks. Don will discuss attacks he’s seen and briefly show you how A10’s hybrid approach uses local appliances and on-demand cloud capabilities to provide effective but affordable protection.

Please join us for this real training for free session.

First Name:   
Last Name:   
Work Email:  
Job Title:  

Your information will be shared with the sponsor.

By clicking "Submit", you're agreeing to our Privacy Policy and consenting to be contacted by us and the sponsor.



Additional Resources