SlideShare ist ein Scribd-Unternehmen logo

DDoS Attacks Explained: Causes, Defenses and Solutions

S
segughana

This document discusses distributed denial of service (DDoS) attacks and botnets. It explains that DDoS attacks use multiple compromised internet-connected devices to overwhelm a target with traffic. Large botnets like Conficker have infected millions of devices worldwide. While targets can defend against low-level attacks, high volume attacks are difficult to defend against. Ultimately, reducing DDoS attacks requires addressing the root causes that enable the creation of botnets, such as improving user awareness of computer security and developing better security tools.

Technologie
1 von 11
Downloaden Sie, um offline zu lesen
DDoS  the  problem?   john.crain@icann.org  
What  is  DDoS?   •  “Distributed  Denial  of  Service  A>ack”   –  Uses  mulBple  hosts  on  the  Internet  to  focus  traffic   against  one  or    more  targets.   –  MulBple  can  mean  100’s  of  machine  but  could   also  mean  millions   –  Generates  more  traffic  than  the  target  can  handle,   hence  denying  service  to  legiBmate  traffic  
Source:  www.sans.org  
Just  a  small  sample  of  targets   •  2002  Root  Servers  a>acked   •  ……   •  2006  CafePress   •  2007  Estonia   •  2008  Scientology   •  2009  Twi>er   •  2010  Austalia’s  Parliament  House   •  2011  …..  ?  ?  ?  
BotNets  are  a  big  Problem   •  You  can  not  talk  about  DDoS  without   menBoning  the  hijacked  machines  that  are   used  in  the  a>acks!   •  Viruses/Worms  etc.  are  used  to  enable  control   of  poorly  secured  machines.     •  Can  be  spread  in  numerous  ways.  
How  big  is  the  BotNet  Problem?   •  We  don’t  really  know     –  Seriously!  That  is  a  sign  of  how  bad  it  is..   •  One  BotNet  is  Conficker:   –  We  can  measure  +/-­‐  6  million  unique  IP  addresses   showing  conficker  infecBons  globally….     –  However  that  does  not  count  individual  infecBons   behind  firewalls..  The  Chinese  say  that  they  see  18   million  conficker  infecBons  every  month!   Source:  h>p://www.confickerworkinggroup.org/  and  h>p://www.china.org.cn/government/whitepaper/node_7093508.htm  
Can  you  defend  against  this?   •  You  can  provision  to  deal  with  low  level   a>acks.  (bandwitdth,  system  resources)   •  You  can  have  processes  in  place  to  push  back   on  a>acks.  (Filtering  at  upstreams)   •  This  is  an  arms  raise,  one  where  we  pay  for   our  resources  but  the  “bad  guys”  don’t    
•  Infected  machines  are  not  just  used  for  DDoS,     -­‐  Also  used  to  collect,  store  and  move  data.   -­‐  (Including  peoples  IdenBBes,  money  and  other   sensiBve  data)   •  If  someone  owns  your  machine  they  can  do   anything  with  it  that  you  can  do  including   some  things  you  would  never  think  of  doing  
         “fight  the  disease  not  the  symptoms”   •  We  cannot  remove  the  threat  of  DDoS  unless   we  tackle  the  issues  that  allow  for  BotNets.   •  If  we  are  seeing  millions  of  machines  infected   then  clearly  the  way  we  are  currently  doing   things  is  not  working      
       User  awareness  and  computer  hygiene  needs   to  be  drasBcally  improved.  That  means  more   educaBon  and  be>er  user  tools.    We  must  find  ways  to  make  cybercrime  less   rewarding  and    much  higher  risk.            This  is  no  different  to  real  world  crime  problems!  
Thank  You   John  Crain   Senior  Director,     Security  Stability  and  Resiliency   ICANN   john.crain@icann.org  

Empfohlen

Decentralized internet
Decentralized internet Decentralized internet
Decentralized internet abhinavkeesari
 
Perspectives on Open
Perspectives on OpenPerspectives on Open
Perspectives on OpenTim O'Reilly
 
Your money or your files
Your money or your filesYour money or your files
Your money or your filesRoel Palmaers
 
The meaning of decentralization. Vadim Nareyko.
The meaning of decentralization. Vadim Nareyko.The meaning of decentralization. Vadim Nareyko.
The meaning of decentralization. Vadim Nareyko.Vadim Nareyko
 
"Cyber crime- how to combat the menace"
"Cyber crime- how to combat the menace""Cyber crime- how to combat the menace"
"Cyber crime- how to combat the menace"Dr. Sushma N Jogan
 
Cybercrime.ppt
Cybercrime.pptCybercrime.ppt
Cybercrime.pptAeman Khan
 
Chapter 4 E-Safety and Health & Safety
Chapter 4 E-Safety and Health & SafetyChapter 4 E-Safety and Health & Safety
Chapter 4 E-Safety and Health & SafetyAnjan Mahanta
 
Risk Factory: Top 10 Risks 2013
Risk Factory: Top 10 Risks 2013Risk Factory: Top 10 Risks 2013
Risk Factory: Top 10 Risks 2013Risk Crew
 

Empfohlen

Decentralized internet
Decentralized internet Decentralized internet
Decentralized internet abhinavkeesari
 
Perspectives on Open
Perspectives on OpenPerspectives on Open
Perspectives on OpenTim O'Reilly
 
Your money or your files
Your money or your filesYour money or your files
Your money or your filesRoel Palmaers
 
The meaning of decentralization. Vadim Nareyko.
The meaning of decentralization. Vadim Nareyko.The meaning of decentralization. Vadim Nareyko.
The meaning of decentralization. Vadim Nareyko.Vadim Nareyko
 
"Cyber crime- how to combat the menace"
"Cyber crime- how to combat the menace""Cyber crime- how to combat the menace"
"Cyber crime- how to combat the menace"Dr. Sushma N Jogan
 
Cybercrime.ppt
Cybercrime.pptCybercrime.ppt
Cybercrime.pptAeman Khan
 
Chapter 4 E-Safety and Health & Safety
Chapter 4 E-Safety and Health & SafetyChapter 4 E-Safety and Health & Safety
Chapter 4 E-Safety and Health & SafetyAnjan Mahanta
 
Risk Factory: Top 10 Risks 2013
Risk Factory: Top 10 Risks 2013Risk Factory: Top 10 Risks 2013
Risk Factory: Top 10 Risks 2013Risk Crew
 
CTO-Cybersecurity-Forum-2010-Cristina Buetti
CTO-Cybersecurity-Forum-2010-Cristina BuettiCTO-Cybersecurity-Forum-2010-Cristina Buetti
CTO-Cybersecurity-Forum-2010-Cristina Buettisegughana
 
Learning Center Results 2009
Learning Center Results 2009Learning Center Results 2009
Learning Center Results 2009Lindamood-Bell Learning Processes
 
Tomasz Czajkowski
Tomasz CzajkowskiTomasz Czajkowski
Tomasz Czajkowskisegughana
 
CTO-CybersecurityForum-2010-Mark-Oram
CTO-CybersecurityForum-2010-Mark-OramCTO-CybersecurityForum-2010-Mark-Oram
CTO-CybersecurityForum-2010-Mark-Oramsegughana
 
Father's day 2011
Father's day 2011Father's day 2011
Father's day 2011Brian Salisbury
 
AC&M Consulting: Russian mobile VAS market 1Q2011
AC&M Consulting: Russian mobile VAS market 1Q2011AC&M Consulting: Russian mobile VAS market 1Q2011
AC&M Consulting: Russian mobile VAS market 1Q2011Procontent.Ru Magazine
 
CTO-CybersecurityForum-2010-John Carr
CTO-CybersecurityForum-2010-John CarrCTO-CybersecurityForum-2010-John Carr
CTO-CybersecurityForum-2010-John Carrsegughana
 
CTO-CybersecurityForum-2010-Andrea Gloriso
CTO-CybersecurityForum-2010-Andrea GlorisoCTO-CybersecurityForum-2010-Andrea Gloriso
CTO-CybersecurityForum-2010-Andrea Glorisosegughana
 
Chapter 6 effects of ict on society
Chapter 6 effects of ict on societyChapter 6 effects of ict on society
Chapter 6 effects of ict on societyPratik Gupta
 
cybersecurity and cyber crime
cybersecurity and cyber crimecybersecurity and cyber crime
cybersecurity and cyber crimeDarshan Aswani
 
MobileMiner and NervousNet
MobileMiner and NervousNetMobileMiner and NervousNet
MobileMiner and NervousNetkingsBSD
 
IoT DDoS Attacks: the stakes have changed
IoT DDoS Attacks: the stakes have changed IoT DDoS Attacks: the stakes have changed
IoT DDoS Attacks: the stakes have changed Great Bay Software
 
Forensic And Cloud Computing
Forensic And Cloud ComputingForensic And Cloud Computing
Forensic And Cloud ComputingMitesh Katira
 
Web security-–-everything-we-know-is-wrong-eoin-keary
Web security-–-everything-we-know-is-wrong-eoin-kearyWeb security-–-everything-we-know-is-wrong-eoin-keary
Web security-–-everything-we-know-is-wrong-eoin-kearydrewz lin
 
Brooks18
Brooks18Brooks18
Brooks18Chuck Brooks
 
The Future is Here
The Future is HereThe Future is Here
The Future is HereJeff Bramwell
 
Botnet
BotnetBotnet
BotnetJoshin Gomez
 
Mcs2453 aniq mc101053-assignment1
Mcs2453 aniq mc101053-assignment1Mcs2453 aniq mc101053-assignment1
Mcs2453 aniq mc101053-assignment1Aniq Eastrarulkhair
 
BOTLAB excersise
BOTLAB excersiseBOTLAB excersise
BOTLAB excersiseAnthony Stamm
 
How to stop and apocalypse with second hand laptops and Open Source Software.
How to stop and apocalypse with second hand laptops and Open Source Software.How to stop and apocalypse with second hand laptops and Open Source Software.
How to stop and apocalypse with second hand laptops and Open Source Software.Emerson Tan
 
Botnets
BotnetsBotnets
BotnetsKavisha Miyan
 
Web security – application security roads to software security nirvana iisf...
Web security – application security roads to software security nirvana iisf...Web security – application security roads to software security nirvana iisf...
Web security – application security roads to software security nirvana iisf...Eoin Keary
 

Weitere ähnliche Inhalte

Andere mochten auch

CTO-Cybersecurity-Forum-2010-Cristina Buetti
CTO-Cybersecurity-Forum-2010-Cristina BuettiCTO-Cybersecurity-Forum-2010-Cristina Buetti
CTO-Cybersecurity-Forum-2010-Cristina Buettisegughana
 
Tomasz Czajkowski
Tomasz CzajkowskiTomasz Czajkowski
Tomasz Czajkowskisegughana
 
CTO-CybersecurityForum-2010-Mark-Oram
CTO-CybersecurityForum-2010-Mark-OramCTO-CybersecurityForum-2010-Mark-Oram
CTO-CybersecurityForum-2010-Mark-Oramsegughana
 
AC&M Consulting: Russian mobile VAS market 1Q2011
AC&M Consulting: Russian mobile VAS market 1Q2011AC&M Consulting: Russian mobile VAS market 1Q2011
AC&M Consulting: Russian mobile VAS market 1Q2011Procontent.Ru Magazine
 
CTO-CybersecurityForum-2010-John Carr
CTO-CybersecurityForum-2010-John CarrCTO-CybersecurityForum-2010-John Carr
CTO-CybersecurityForum-2010-John Carrsegughana
 
CTO-CybersecurityForum-2010-Andrea Gloriso
CTO-CybersecurityForum-2010-Andrea GlorisoCTO-CybersecurityForum-2010-Andrea Gloriso
CTO-CybersecurityForum-2010-Andrea Glorisosegughana
 

Andere mochten auch (8)

CTO-Cybersecurity-Forum-2010-Cristina Buetti
CTO-Cybersecurity-Forum-2010-Cristina BuettiCTO-Cybersecurity-Forum-2010-Cristina Buetti
CTO-Cybersecurity-Forum-2010-Cristina Buetti
 
Learning Center Results 2009
Learning Center Results 2009Learning Center Results 2009
Learning Center Results 2009
 
Tomasz Czajkowski
Tomasz CzajkowskiTomasz Czajkowski
Tomasz Czajkowski
 
CTO-CybersecurityForum-2010-Mark-Oram
CTO-CybersecurityForum-2010-Mark-OramCTO-CybersecurityForum-2010-Mark-Oram
CTO-CybersecurityForum-2010-Mark-Oram
 
Father's day 2011
Father's day 2011Father's day 2011
Father's day 2011
 
AC&M Consulting: Russian mobile VAS market 1Q2011
AC&M Consulting: Russian mobile VAS market 1Q2011AC&M Consulting: Russian mobile VAS market 1Q2011
AC&M Consulting: Russian mobile VAS market 1Q2011
 
CTO-CybersecurityForum-2010-John Carr
CTO-CybersecurityForum-2010-John CarrCTO-CybersecurityForum-2010-John Carr
CTO-CybersecurityForum-2010-John Carr
 
CTO-CybersecurityForum-2010-Andrea Gloriso
CTO-CybersecurityForum-2010-Andrea GlorisoCTO-CybersecurityForum-2010-Andrea Gloriso
CTO-CybersecurityForum-2010-Andrea Gloriso
 

Ähnlich wie DDoS Attacks Explained: Causes, Defenses and Solutions

Chapter 6 effects of ict on society
Chapter 6 effects of ict on societyChapter 6 effects of ict on society
Chapter 6 effects of ict on societyPratik Gupta
 
cybersecurity and cyber crime
cybersecurity and cyber crimecybersecurity and cyber crime
cybersecurity and cyber crimeDarshan Aswani
 
MobileMiner and NervousNet
MobileMiner and NervousNetMobileMiner and NervousNet
MobileMiner and NervousNetkingsBSD
 
IoT DDoS Attacks: the stakes have changed
IoT DDoS Attacks: the stakes have changed IoT DDoS Attacks: the stakes have changed
IoT DDoS Attacks: the stakes have changed Great Bay Software
 
Forensic And Cloud Computing
Forensic And Cloud ComputingForensic And Cloud Computing
Forensic And Cloud ComputingMitesh Katira
 
Web security-–-everything-we-know-is-wrong-eoin-keary
Web security-–-everything-we-know-is-wrong-eoin-kearyWeb security-–-everything-we-know-is-wrong-eoin-keary
Web security-–-everything-we-know-is-wrong-eoin-kearydrewz lin
 
Mcs2453 aniq mc101053-assignment1
Mcs2453 aniq mc101053-assignment1Mcs2453 aniq mc101053-assignment1
Mcs2453 aniq mc101053-assignment1Aniq Eastrarulkhair
 
How to stop and apocalypse with second hand laptops and Open Source Software.
How to stop and apocalypse with second hand laptops and Open Source Software.How to stop and apocalypse with second hand laptops and Open Source Software.
How to stop and apocalypse with second hand laptops and Open Source Software.Emerson Tan
 
Web security – application security roads to software security nirvana iisf...
Web security – application security roads to software security nirvana iisf...Web security – application security roads to software security nirvana iisf...
Web security – application security roads to software security nirvana iisf...Eoin Keary
 
Digital revolution with Cloud computing
Digital revolution with Cloud computingDigital revolution with Cloud computing
Digital revolution with Cloud computingTarry Singh
 
Bots and malware
Bots and malwareBots and malware
Bots and malwareDoron Segal
 
Who's that knocking on my firewall door?
Who's that knocking on my firewall door?Who's that knocking on my firewall door?
Who's that knocking on my firewall door?Bruce Wolfe
 
Web security – everything we know is wrong cloud version
Web security – everything we know is wrong cloud versionWeb security – everything we know is wrong cloud version
Web security – everything we know is wrong cloud versionEoin Keary
 
OWASP Ukraine Thomas George presentation
OWASP Ukraine Thomas George presentationOWASP Ukraine Thomas George presentation
OWASP Ukraine Thomas George presentationuisgslide
 

Ähnlich wie DDoS Attacks Explained: Causes, Defenses and Solutions (20)

Chapter 6 effects of ict on society
Chapter 6 effects of ict on societyChapter 6 effects of ict on society
Chapter 6 effects of ict on society
 
cybersecurity and cyber crime
cybersecurity and cyber crimecybersecurity and cyber crime
cybersecurity and cyber crime
 
MobileMiner and NervousNet
MobileMiner and NervousNetMobileMiner and NervousNet
MobileMiner and NervousNet
 
IoT DDoS Attacks: the stakes have changed
IoT DDoS Attacks: the stakes have changed IoT DDoS Attacks: the stakes have changed
IoT DDoS Attacks: the stakes have changed
 
Forensic And Cloud Computing
Forensic And Cloud ComputingForensic And Cloud Computing
Forensic And Cloud Computing
 
Web security-–-everything-we-know-is-wrong-eoin-keary
Web security-–-everything-we-know-is-wrong-eoin-kearyWeb security-–-everything-we-know-is-wrong-eoin-keary
Web security-–-everything-we-know-is-wrong-eoin-keary
 
Brooks18
Brooks18Brooks18
Brooks18
 
The Future is Here
The Future is HereThe Future is Here
The Future is Here
 
Botnet
BotnetBotnet
Botnet
 
Mcs2453 aniq mc101053-assignment1
Mcs2453 aniq mc101053-assignment1Mcs2453 aniq mc101053-assignment1
Mcs2453 aniq mc101053-assignment1
 
BOTLAB excersise
BOTLAB excersiseBOTLAB excersise
BOTLAB excersise
 
How to stop and apocalypse with second hand laptops and Open Source Software.
How to stop and apocalypse with second hand laptops and Open Source Software.How to stop and apocalypse with second hand laptops and Open Source Software.
How to stop and apocalypse with second hand laptops and Open Source Software.
 
Botnets
BotnetsBotnets
Botnets
 
Web security – application security roads to software security nirvana iisf...
Web security – application security roads to software security nirvana iisf...Web security – application security roads to software security nirvana iisf...
Web security – application security roads to software security nirvana iisf...
 
Digital revolution with Cloud computing
Digital revolution with Cloud computingDigital revolution with Cloud computing
Digital revolution with Cloud computing
 
Bots and malware
Bots and malwareBots and malware
Bots and malware
 
Cyber terrorism
Cyber terrorismCyber terrorism
Cyber terrorism
 
Who's that knocking on my firewall door?
Who's that knocking on my firewall door?Who's that knocking on my firewall door?
Who's that knocking on my firewall door?
 
Web security – everything we know is wrong cloud version
Web security – everything we know is wrong cloud versionWeb security – everything we know is wrong cloud version
Web security – everything we know is wrong cloud version
 
OWASP Ukraine Thomas George presentation
OWASP Ukraine Thomas George presentationOWASP Ukraine Thomas George presentation
OWASP Ukraine Thomas George presentation
 

Mehr von segughana

CTO-Cybersecurity-2010-Mohamed-El-Kattani
CTO-Cybersecurity-2010-Mohamed-El-KattaniCTO-Cybersecurity-2010-Mohamed-El-Kattani
CTO-Cybersecurity-2010-Mohamed-El-Kattanisegughana
 
CTO-CRC-Africa-2010-Report
CTO-CRC-Africa-2010-ReportCTO-CRC-Africa-2010-Report
CTO-CRC-Africa-2010-Reportsegughana
 
CTO-CyberSecurityForum-2010-Brisson-Boren
CTO-CyberSecurityForum-2010-Brisson-BorenCTO-CyberSecurityForum-2010-Brisson-Boren
CTO-CyberSecurityForum-2010-Brisson-Borensegughana
 
CTO-CyberSecurityForum-2010-Anthony dyhouse
CTO-CyberSecurityForum-2010-Anthony dyhouseCTO-CyberSecurityForum-2010-Anthony dyhouse
CTO-CyberSecurityForum-2010-Anthony dyhousesegughana
 
CTO-CyberSecurityForum-2010-Charles Ward
CTO-CyberSecurityForum-2010-Charles WardCTO-CyberSecurityForum-2010-Charles Ward
CTO-CyberSecurityForum-2010-Charles Wardsegughana
 
CTO-CyberSecurityForum-2010-Anders Johanson
CTO-CyberSecurityForum-2010-Anders JohansonCTO-CyberSecurityForum-2010-Anders Johanson
CTO-CyberSecurityForum-2010-Anders Johansonsegughana
 
CTO-CyberSecurityForum-2010-Philip Victor
CTO-CyberSecurityForum-2010-Philip VictorCTO-CyberSecurityForum-2010-Philip Victor
CTO-CyberSecurityForum-2010-Philip Victorsegughana
 
CTO-CybersecurityForum-2010-Des Ward
CTO-CybersecurityForum-2010-Des WardCTO-CybersecurityForum-2010-Des Ward
CTO-CybersecurityForum-2010-Des Wardsegughana
 
CTO-CybersecurityForum-2010-Richard Simpson
CTO-CybersecurityForum-2010-Richard SimpsonCTO-CybersecurityForum-2010-Richard Simpson
CTO-CybersecurityForum-2010-Richard Simpsonsegughana
 
CTO-CybersecurityForum-2010-Daisy francis
CTO-CybersecurityForum-2010-Daisy francisCTO-CybersecurityForum-2010-Daisy francis
CTO-CybersecurityForum-2010-Daisy francissegughana
 
CTO-CybersecurityForum-2010-Patricia Asognwe
CTO-CybersecurityForum-2010-Patricia AsognweCTO-CybersecurityForum-2010-Patricia Asognwe
CTO-CybersecurityForum-2010-Patricia Asognwesegughana
 
CTO-CybersecurityForum-2010-Jayantha Fernando
CTO-CybersecurityForum-2010-Jayantha FernandoCTO-CybersecurityForum-2010-Jayantha Fernando
CTO-CybersecurityForum-2010-Jayantha Fernandosegughana
 
CTO-CybersecurityForum-2010-John Crain
CTO-CybersecurityForum-2010-John CrainCTO-CybersecurityForum-2010-John Crain
CTO-CybersecurityForum-2010-John Crainsegughana
 
CTO-CybersecurityForum-2010-Michael Katundu
CTO-CybersecurityForum-2010-Michael KatunduCTO-CybersecurityForum-2010-Michael Katundu
CTO-CybersecurityForum-2010-Michael Katundusegughana
 
CTO-CybersecurityForum-2010-Joe Torres
CTO-CybersecurityForum-2010-Joe TorresCTO-CybersecurityForum-2010-Joe Torres
CTO-CybersecurityForum-2010-Joe Torressegughana
 
CTO-CybersecurityForum-2010-Will Gardner
CTO-CybersecurityForum-2010-Will GardnerCTO-CybersecurityForum-2010-Will Gardner
CTO-CybersecurityForum-2010-Will Gardnersegughana
 
CTO-CybersecurityForum-2010-Trilok-Debeesing
CTO-CybersecurityForum-2010-Trilok-DebeesingCTO-CybersecurityForum-2010-Trilok-Debeesing
CTO-CybersecurityForum-2010-Trilok-Debeesingsegughana
 
CTO-CybersecurityForum-2010-RonWilliams
CTO-CybersecurityForum-2010-RonWilliamsCTO-CybersecurityForum-2010-RonWilliams
CTO-CybersecurityForum-2010-RonWilliamssegughana
 
CTO-Cybersecurity-Forum2010-Thomas-Machdonogh
CTO-Cybersecurity-Forum2010-Thomas-MachdonoghCTO-Cybersecurity-Forum2010-Thomas-Machdonogh
CTO-Cybersecurity-Forum2010-Thomas-Machdonoghsegughana
 
CyberSecurity-Forum-2010-Mario Hoffmann
CyberSecurity-Forum-2010-Mario HoffmannCyberSecurity-Forum-2010-Mario Hoffmann
CyberSecurity-Forum-2010-Mario Hoffmannsegughana
 

Mehr von segughana (20)

CTO-Cybersecurity-2010-Mohamed-El-Kattani
CTO-Cybersecurity-2010-Mohamed-El-KattaniCTO-Cybersecurity-2010-Mohamed-El-Kattani
CTO-Cybersecurity-2010-Mohamed-El-Kattani
 
CTO-CRC-Africa-2010-Report
CTO-CRC-Africa-2010-ReportCTO-CRC-Africa-2010-Report
CTO-CRC-Africa-2010-Report
 
CTO-CyberSecurityForum-2010-Brisson-Boren
CTO-CyberSecurityForum-2010-Brisson-BorenCTO-CyberSecurityForum-2010-Brisson-Boren
CTO-CyberSecurityForum-2010-Brisson-Boren
 
CTO-CyberSecurityForum-2010-Anthony dyhouse
CTO-CyberSecurityForum-2010-Anthony dyhouseCTO-CyberSecurityForum-2010-Anthony dyhouse
CTO-CyberSecurityForum-2010-Anthony dyhouse
 
CTO-CyberSecurityForum-2010-Charles Ward
CTO-CyberSecurityForum-2010-Charles WardCTO-CyberSecurityForum-2010-Charles Ward
CTO-CyberSecurityForum-2010-Charles Ward
 
CTO-CyberSecurityForum-2010-Anders Johanson
CTO-CyberSecurityForum-2010-Anders JohansonCTO-CyberSecurityForum-2010-Anders Johanson
CTO-CyberSecurityForum-2010-Anders Johanson
 
CTO-CyberSecurityForum-2010-Philip Victor
CTO-CyberSecurityForum-2010-Philip VictorCTO-CyberSecurityForum-2010-Philip Victor
CTO-CyberSecurityForum-2010-Philip Victor
 
CTO-CybersecurityForum-2010-Des Ward
CTO-CybersecurityForum-2010-Des WardCTO-CybersecurityForum-2010-Des Ward
CTO-CybersecurityForum-2010-Des Ward
 
CTO-CybersecurityForum-2010-Richard Simpson
CTO-CybersecurityForum-2010-Richard SimpsonCTO-CybersecurityForum-2010-Richard Simpson
CTO-CybersecurityForum-2010-Richard Simpson
 
CTO-CybersecurityForum-2010-Daisy francis
CTO-CybersecurityForum-2010-Daisy francisCTO-CybersecurityForum-2010-Daisy francis
CTO-CybersecurityForum-2010-Daisy francis
 
CTO-CybersecurityForum-2010-Patricia Asognwe
CTO-CybersecurityForum-2010-Patricia AsognweCTO-CybersecurityForum-2010-Patricia Asognwe
CTO-CybersecurityForum-2010-Patricia Asognwe
 
CTO-CybersecurityForum-2010-Jayantha Fernando
CTO-CybersecurityForum-2010-Jayantha FernandoCTO-CybersecurityForum-2010-Jayantha Fernando
CTO-CybersecurityForum-2010-Jayantha Fernando
 
CTO-CybersecurityForum-2010-John Crain
CTO-CybersecurityForum-2010-John CrainCTO-CybersecurityForum-2010-John Crain
CTO-CybersecurityForum-2010-John Crain
 
CTO-CybersecurityForum-2010-Michael Katundu
CTO-CybersecurityForum-2010-Michael KatunduCTO-CybersecurityForum-2010-Michael Katundu
CTO-CybersecurityForum-2010-Michael Katundu
 
CTO-CybersecurityForum-2010-Joe Torres
CTO-CybersecurityForum-2010-Joe TorresCTO-CybersecurityForum-2010-Joe Torres
CTO-CybersecurityForum-2010-Joe Torres
 
CTO-CybersecurityForum-2010-Will Gardner
CTO-CybersecurityForum-2010-Will GardnerCTO-CybersecurityForum-2010-Will Gardner
CTO-CybersecurityForum-2010-Will Gardner
 
CTO-CybersecurityForum-2010-Trilok-Debeesing
CTO-CybersecurityForum-2010-Trilok-DebeesingCTO-CybersecurityForum-2010-Trilok-Debeesing
CTO-CybersecurityForum-2010-Trilok-Debeesing
 
CTO-CybersecurityForum-2010-RonWilliams
CTO-CybersecurityForum-2010-RonWilliamsCTO-CybersecurityForum-2010-RonWilliams
CTO-CybersecurityForum-2010-RonWilliams
 
CTO-Cybersecurity-Forum2010-Thomas-Machdonogh
CTO-Cybersecurity-Forum2010-Thomas-MachdonoghCTO-Cybersecurity-Forum2010-Thomas-Machdonogh
CTO-Cybersecurity-Forum2010-Thomas-Machdonogh
 
CyberSecurity-Forum-2010-Mario Hoffmann
CyberSecurity-Forum-2010-Mario HoffmannCyberSecurity-Forum-2010-Mario Hoffmann
CyberSecurity-Forum-2010-Mario Hoffmann
 

Kürzlich hochgeladen

2024 April Patch Tuesday
2024 April Patch Tuesday2024 April Patch Tuesday
2024 April Patch TuesdayIvanti
 
Potential of AI (Generative AI) in Business: Learnings and Insights
Potential of AI (Generative AI) in Business: Learnings and InsightsPotential of AI (Generative AI) in Business: Learnings and Insights
Potential of AI (Generative AI) in Business: Learnings and InsightsRavi Sanghani
 
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxDigital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxLoriGlavin3
 
Generative AI - Gitex v1Generative AI - Gitex v1.pptx
Generative AI - Gitex v1Generative AI - Gitex v1.pptxGenerative AI - Gitex v1Generative AI - Gitex v1.pptx
Generative AI - Gitex v1Generative AI - Gitex v1.pptxfnnc6jmgwh
 
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyesHow to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyesThousandEyes
 
Emixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native developmentEmixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native developmentPim van der Noll
 
Email Marketing Automation for Bonterra Impact Management (fka Social Solutio...
Email Marketing Automation for Bonterra Impact Management (fka Social Solutio...Email Marketing Automation for Bonterra Impact Management (fka Social Solutio...
Email Marketing Automation for Bonterra Impact Management (fka Social Solutio...Jeffrey Haguewood
 
Zeshan Sattar- Assessing the skill requirements and industry expectations for...
Zeshan Sattar- Assessing the skill requirements and industry expectations for...Zeshan Sattar- Assessing the skill requirements and industry expectations for...
Zeshan Sattar- Assessing the skill requirements and industry expectations for...itnewsafrica
 
MuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotes
MuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotesMuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotes
MuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotesManik S Magar
 
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxUse of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxLoriGlavin3
 
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...Alkin Tezuysal
 
Generative Artificial Intelligence: How generative AI works.pdf
Generative Artificial Intelligence: How generative AI works.pdfGenerative Artificial Intelligence: How generative AI works.pdf
Generative Artificial Intelligence: How generative AI works.pdfIngrid Airi González
 
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24Mark Goldstein
 
A Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software DevelopersA Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software DevelopersNicole Novielli
 
Top 10 Hubspot Development Companies in 2024
Top 10 Hubspot Development Companies in 2024Top 10 Hubspot Development Companies in 2024
Top 10 Hubspot Development Companies in 2024TopCSSGallery
 
React Native vs Ionic - The Best Mobile App Framework
React Native vs Ionic - The Best Mobile App FrameworkReact Native vs Ionic - The Best Mobile App Framework
React Native vs Ionic - The Best Mobile App FrameworkPixlogix Infotech
 
Decarbonising Buildings: Making a net-zero built environment a reality
Decarbonising Buildings: Making a net-zero built environment a realityDecarbonising Buildings: Making a net-zero built environment a reality
Decarbonising Buildings: Making a net-zero built environment a realityIES VE
 
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxPasskey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxLoriGlavin3
 
Landscape Catalogue 2024 Australia-1.pdf
Landscape Catalogue 2024 Australia-1.pdfLandscape Catalogue 2024 Australia-1.pdf
Landscape Catalogue 2024 Australia-1.pdfAarwolf Industries LLC
 
Tampa BSides - The No BS SOC (slides from April 6, 2024 talk)
Tampa BSides - The No BS SOC (slides from April 6, 2024 talk)Tampa BSides - The No BS SOC (slides from April 6, 2024 talk)
Tampa BSides - The No BS SOC (slides from April 6, 2024 talk)Mark Simos
 

Kürzlich hochgeladen (20)

2024 April Patch Tuesday
2024 April Patch Tuesday2024 April Patch Tuesday
2024 April Patch Tuesday
 
Potential of AI (Generative AI) in Business: Learnings and Insights
Potential of AI (Generative AI) in Business: Learnings and InsightsPotential of AI (Generative AI) in Business: Learnings and Insights
Potential of AI (Generative AI) in Business: Learnings and Insights
 
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxDigital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
 
Generative AI - Gitex v1Generative AI - Gitex v1.pptx
Generative AI - Gitex v1Generative AI - Gitex v1.pptxGenerative AI - Gitex v1Generative AI - Gitex v1.pptx
Generative AI - Gitex v1Generative AI - Gitex v1.pptx
 
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyesHow to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
 
Emixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native developmentEmixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native development
 
Email Marketing Automation for Bonterra Impact Management (fka Social Solutio...
Email Marketing Automation for Bonterra Impact Management (fka Social Solutio...Email Marketing Automation for Bonterra Impact Management (fka Social Solutio...
Email Marketing Automation for Bonterra Impact Management (fka Social Solutio...
 
Zeshan Sattar- Assessing the skill requirements and industry expectations for...
Zeshan Sattar- Assessing the skill requirements and industry expectations for...Zeshan Sattar- Assessing the skill requirements and industry expectations for...
Zeshan Sattar- Assessing the skill requirements and industry expectations for...
 
MuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotes
MuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotesMuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotes
MuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotes
 
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxUse of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
 
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
 
Generative Artificial Intelligence: How generative AI works.pdf
Generative Artificial Intelligence: How generative AI works.pdfGenerative Artificial Intelligence: How generative AI works.pdf
Generative Artificial Intelligence: How generative AI works.pdf
 
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
 
A Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software DevelopersA Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software Developers
 
Top 10 Hubspot Development Companies in 2024
Top 10 Hubspot Development Companies in 2024Top 10 Hubspot Development Companies in 2024
Top 10 Hubspot Development Companies in 2024
 
React Native vs Ionic - The Best Mobile App Framework
React Native vs Ionic - The Best Mobile App FrameworkReact Native vs Ionic - The Best Mobile App Framework
React Native vs Ionic - The Best Mobile App Framework
 
Decarbonising Buildings: Making a net-zero built environment a reality
Decarbonising Buildings: Making a net-zero built environment a realityDecarbonising Buildings: Making a net-zero built environment a reality
Decarbonising Buildings: Making a net-zero built environment a reality
 
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxPasskey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
 
Landscape Catalogue 2024 Australia-1.pdf
Landscape Catalogue 2024 Australia-1.pdfLandscape Catalogue 2024 Australia-1.pdf
Landscape Catalogue 2024 Australia-1.pdf
 
Tampa BSides - The No BS SOC (slides from April 6, 2024 talk)
Tampa BSides - The No BS SOC (slides from April 6, 2024 talk)Tampa BSides - The No BS SOC (slides from April 6, 2024 talk)
Tampa BSides - The No BS SOC (slides from April 6, 2024 talk)
 

DDoS Attacks Explained: Causes, Defenses and Solutions

  • 1. DDoS  the  problem?   john.crain@icann.org  
  • 2. What  is  DDoS?   •  “Distributed  Denial  of  Service  A>ack”   –  Uses  mulBple  hosts  on  the  Internet  to  focus  traffic   against  one  or    more  targets.   –  MulBple  can  mean  100’s  of  machine  but  could   also  mean  millions   –  Generates  more  traffic  than  the  target  can  handle,   hence  denying  service  to  legiBmate  traffic  
  • 4. Just  a  small  sample  of  targets   •  2002  Root  Servers  a>acked   •  ……   •  2006  CafePress   •  2007  Estonia   •  2008  Scientology   •  2009  Twi>er   •  2010  Austalia’s  Parliament  House   •  2011  …..  ?  ?  ?  
  • 5. BotNets  are  a  big  Problem   •  You  can  not  talk  about  DDoS  without   menBoning  the  hijacked  machines  that  are   used  in  the  a>acks!   •  Viruses/Worms  etc.  are  used  to  enable  control   of  poorly  secured  machines.     •  Can  be  spread  in  numerous  ways.  
  • 6. How  big  is  the  BotNet  Problem?   •  We  don’t  really  know     –  Seriously!  That  is  a  sign  of  how  bad  it  is..   •  One  BotNet  is  Conficker:   –  We  can  measure  +/-­‐  6  million  unique  IP  addresses   showing  conficker  infecBons  globally….     –  However  that  does  not  count  individual  infecBons   behind  firewalls..  The  Chinese  say  that  they  see  18   million  conficker  infecBons  every  month!   Source:  h>p://www.confickerworkinggroup.org/  and  h>p://www.china.org.cn/government/whitepaper/node_7093508.htm  
  • 7. Can  you  defend  against  this?   •  You  can  provision  to  deal  with  low  level   a>acks.  (bandwitdth,  system  resources)   •  You  can  have  processes  in  place  to  push  back   on  a>acks.  (Filtering  at  upstreams)   •  This  is  an  arms  raise,  one  where  we  pay  for   our  resources  but  the  “bad  guys”  don’t    
  • 8. •  Infected  machines  are  not  just  used  for  DDoS,     -­‐  Also  used  to  collect,  store  and  move  data.   -­‐  (Including  peoples  IdenBBes,  money  and  other   sensiBve  data)   •  If  someone  owns  your  machine  they  can  do   anything  with  it  that  you  can  do  including   some  things  you  would  never  think  of  doing  
  • 9.          “fight  the  disease  not  the  symptoms”   •  We  cannot  remove  the  threat  of  DDoS  unless   we  tackle  the  issues  that  allow  for  BotNets.   •  If  we  are  seeing  millions  of  machines  infected   then  clearly  the  way  we  are  currently  doing   things  is  not  working      
  • 10.        User  awareness  and  computer  hygiene  needs   to  be  drasBcally  improved.  That  means  more   educaBon  and  be>er  user  tools.    We  must  find  ways  to  make  cybercrime  less   rewarding  and    much  higher  risk.            This  is  no  different  to  real  world  crime  problems!  
  • 11. Thank  You   John  Crain   Senior  Director,     Security  Stability  and  Resiliency   ICANN   john.crain@icann.org