SlideShare a Scribd company logo

DDoS Attack PPT by Nitin Bisht

Download as PPT, PDF
N
Nitin Bisht

This document discusses distributed denial of service (DDoS) attacks. It begins by defining a DDoS attack as an attempt to make an online service unavailable by overwhelming it with traffic from multiple sources. It then explains how DDoS attacks work by exploiting vulnerable systems to create large networks of compromised devices that can be directed by an attacker to target a specific system or server. Finally, it discusses different types of DDoS attacks including volumetric attacks, protocol attacks, and application layer attacks and some famous DDoS incidents like attacks on the Church of Scientology and various websites.

Engineering
1 of 37
Downloaded 827 times
1
2
3
Most read
4
Most read
5
6
7
8
9
10
11
Most read
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
Distributed Denial of Service Attacks NITIN BISHT 140231 CSE lll 1
o Introduction to DDoS o How it Works o Aim of DDoS Attack o Types of DDoS o DDoS Symptoms o DDoS Mitigation o Famous DDoS Attacks Table of Content 2
 A Distributed Denial of Service (DDoS) attack is an attempt to make an online service unavailable by overwhelming it with traffic from multiple sources.  In the United States, the people that take part in DDoS attacks are charged with legal offenses at the federal level, both criminally and civilly. Introduction 3
 The average DDoS attack is about 50 gbps.  DDoS Duration :- not defined  Targets :- Gaming industries , banks , news websites Introduction 4
 In a DoS attack, a hacker uses a single Internet connection to either exploit a software vulnerability or flood a target with fake requests—usually in an attempt to exhaust server resources .  On the other hand, distributed denial of service (DDoS) attacks are launched from multiple connected devices that are distributed across the Internet. DDoS VS DoS 5
 In a typical DDoS attack, the hacker begins by exploiting a computer system and making it the DDoS master.  The attack master system identifies other vulnerable systems and gains control over them by either infecting the systems with malware or through bypassing the authentication controls . How DDoS attack works 6
 The attacker creates a command-and- control server to command the network of bots, also called a botnet.  The person in control of a botnet is sometimes referred to as the botmaster.  Their main aim is to prevent legitimate users from accessing a system or site. How DDoS attack works 7
DDoS attack 8
DDoS Attack Report 9
Common reason for DDoS attacks are: 1.Expression of anger and criticism. 2.Training ground for other attacks. 3.Distraction from other malicious actions. 4.Anticompetitive business practices. 5.Means to extract money. 6.To disrupt operation of private or government enterprise. AIM OF A DDoS ATTACK 10
There are broadly 3 types of DDoS attacks :- Network or Volume centric attack – 64% Protocol attacks – 20% Ap Application layer attack - 16% Types of DDoS attacks 11
 These attacks use bots and botnets to flood the network layers with a substantial amount of seemingly legitimate traffic.  This consumes an excessive amount of bandwidth within or outside of the network and causes network operations to become extremely slow or to not work at all. Network or Volume Centric 12
 These kinds of attacks are more difficult to mitigate than attacks from a single source  Volumetric attacks come in a variety of forms, including: • User Datagram Protocol (UDP) Floods • ICMP floods ( Internet Control Message Protocol) Network or Volume Centric 13
 Random ports on a server are flooded with UDP packets, causing the server to repeatedly check for and respond to non-existent applications at the ports.  As a result, the system is unable to respond to legitimate applications. UDP Floods 14
 A server is flooded with ICMP echo requests from multiple spoofed IP addresses.  As the targeted server processes and replies to these phony requests, it is eventually overloaded and unable to process valid ICMP echo requests. ICMP Floods 15
 The goal of an application layer attack is to exhaust resources by consuming too much.  They target the layer that manages HTTP and SMTP communication.  They target web application packets in order to disrupt the transmission of data between hosts.  They attack on apache ,windows web servor , as they are more vulnerable. Application – layer attack 16
 These type of attacks are more sophisticated and are gaining in popularity than other types of DDoS attacks.  For example:- an HTTP Flood – the most common application-layer attack – uses botnets to force a target to expend an excessive amount of resources when responding to a HTTP request Application – layer attack 17
 HTTP floods and other application-layer DDoS attacks mimic human-user behavior making them much more difficult to detect than other types of attacks.  Web based email apps, WordPress, Joomla, and forum software are good examples of application specific targets. Application – layer attack 18
 Protocol attacks target the connection state tables in firewalls, web application servers, and other infrastructure components.  One of the most common state-exhaustion attacks was the ping of death, in which a 65,536-byte ping packet is defragmented and sent to a target server as fast as possible. Protocol attack 19
 Once the target reassembles the large packet, a buffer overload typically occurs.  In the likely scenario that the target attempts to respond to the pings, even more bandwidth is consumed, eventually causing the targeted system to crash. Protocol attack 20
DDoS Attack 21
• DDoS attacks are the single largest threat to our Internet and the Internet of Things. • The more our world becomes connected and dependent on the Internet, the more opportunities to get exploited by these types of attack. DDoS Attack 22
 There was a 180% percent increase in the total number of DDoS attacks in 2016 compared to 2015.  The online gaming sector is currently the most susceptible to attack, accounting for 50% of all DDoS attacks.  Software and technology companies -25%  Internet and telecoms companies - 5% of the total attack. FACTS 23
 3 Most Famous DDoS Attacks I. Scientologist Church Gets Hit Hard By Anonymous! II. Hong Kong’s Democracy Movement Attack III.The New Year Attack ! IV.DDoS in India Famous Attack 24
• This attack took place on January 8, 2008 . • It was attacked by hacker group Anonymous. • The DDoS attack was meant to be a protest against the Church of Scientology’s philosophies and practices. • The program was able to shut down the Scientologist church website momentarily. • The program that was deployed was used to fight for Wikileaks. Scientologist Church 25
• It started in June 2014, in Hong Kong to bring destruction to the Chinese government . This movement is called Occupy Central. • Occupy Central used this DDoS attack against the Chinese government because they wanted a one man one vote system when electing officials to represent political office. • This all led Occupy Central to push their DDoS attack forward and brought down a major political website. Hong Kong’s Democracy Attack 26
• It took place on December 31,2015. • New World Hacking took responsibly for this huge DDoS attack. • They were capable of disrupting BBC’s global website, along with Donald Trumps website as well. • The tool that was used to deploy these attacks is called BangStresser. The New Year Attack 27
• It took place on November ,2016. • It was one of the biggest attack ever done on an ISP. • The attack was of a huge magnitude of 200 gigabytes per second. • This is the reason behind the recent slowing down of the internet experienced by users around Mumbai. • An FIR was filed against the DDoS attack with the Mumbai police. The DDoS Attack in India 28
The United States Computer Emergency Readiness Team(US-CERT) has identified symptoms of a denial-of-service attack to include: unusually slow network performance unavailability of a particular web site inability to access any web site dramatic increase in the number of spam emails received (this type of DoS attack is considered an e-mail bomb). SYMPTOMS 29
DDoS Mitigation 30
 DDoS mitigation is a set of techniques or tools for resisting the impact of DDoS attacks on networks attached to the Internet by protecting the target and relay networks.  DDoS mitigation also requires identifying incoming traffic to separate human traffic from human-like bots and hijacked web browsers.  The process is done by comparing signatures and examining different attributes of the traffic, including IP addresses, cookie variations, HTTP headers, and JavaScript footprints. DDoS Mitigation 31
DDoS Mitigation 32
 Best practices for DDoS mitigation include having both anti-DDoS technology and anti- DDoS emergency response services such as Incapsula, Akamai, CloudFlare or Radware.  DDoS mitigation is also available through cloud- based providers.  User must install anti-virus.  User must install firewall. DDoS Mitigation 33
 Myths: Enterprises believe they are fully protected with only cloud based DDoS mitigation.  Facts: Cloud based DDoS mitigation only protects against large, volumetric attacks, and fails to provide adequate protection against low and slow application layer attacks DDoS Myths 34
 Myths: We will not become a target. Our business is too small.  Facts: DDoS attacks do not discriminate. Any organization, big or small, is in danger or experiencing the risks associated with a DDoS attack. DDoS Myths 35
 Myths: My Internet Service Provider (ISP) is protecting me from DDoS attacks.  Facts: ISP’s lack the ability to detect, analyze and mitigate DDoS attacks and other cyber threats DDoS Myths 36
THANK YOU ! 37

More Related Content

PPTX
Basics of Denial of Service Attacks
Hansa Nidushan
 
PPTX
Dos attack
Manjushree Mashal
 
PPTX
DDoS - Distributed Denial of Service
Er. Shiva K. Shrestha
 
PPT
DDoS Attacks
Jignesh Patel
 
PPTX
DDoS ATTACKS
Anil Antony
 
PPTX
DoS or DDoS attack
stollen_fusion
 
PPTX
Denial of service
garishma bhatia
 
PPTX
Sustainable development
Kuldeep Mishra
 
Basics of Denial of Service Attacks
Hansa Nidushan
 
Dos attack
Manjushree Mashal
 
DDoS - Distributed Denial of Service
Er. Shiva K. Shrestha
 
DDoS Attacks
Jignesh Patel
 
DDoS ATTACKS
Anil Antony
 
DoS or DDoS attack
stollen_fusion
 
Denial of service
garishma bhatia
 
Sustainable development
Kuldeep Mishra
 

What's hot (20)

PPTX
Types of cyber attacks
krishh sivakrishna
 
PPTX
Types of attacks
Vivek Gandhi
 
PPTX
Network attacks
Manjushree Mashal
 
PPTX
Denial of Service Attack
Dhrumil Panchal
 
PPTX
Web application attacks
hruth
 
PPT
Network security cryptography ppt
Thushara92
 
PPT
Wireless security presentation
Muhammad Zia
 
PPTX
An introduction to denial of service attacks
Rollingsherman
 
PPT
Security Attacks.ppt
Zaheer720515
 
PPTX
Cyber attack
Manjushree Mashal
 
PDF
Authentication techniques
IGZ Software house
 
PDF
VULNERABILITY ( CYBER SECURITY )
Kashyap Mandaliya
 
PPTX
IP Spoofing
Akmal Hussain
 
PPTX
Intrusion detection and prevention system
Nikhil Raj
 
PPTX
Malware- Types, Detection and Future
karanwayne
 
PPTX
Denial of service attack
Ahmed Ghazey
 
PPTX
Cyber security
Manjushree Mashal
 
PPTX
Network security (vulnerabilities, threats, and attacks)
Fabiha Shahzad
 
PPTX
Denial of Service Attacks (DoS/DDoS)
Gaurav Sharma
 
PDF
12 types of DDoS attacks
Haltdos
 
Types of cyber attacks
krishh sivakrishna
 
Types of attacks
Vivek Gandhi
 
Network attacks
Manjushree Mashal
 
Denial of Service Attack
Dhrumil Panchal
 
Web application attacks
hruth
 
Network security cryptography ppt
Thushara92
 
Wireless security presentation
Muhammad Zia
 
An introduction to denial of service attacks
Rollingsherman
 
Security Attacks.ppt
Zaheer720515
 
Cyber attack
Manjushree Mashal
 
Authentication techniques
IGZ Software house
 
VULNERABILITY ( CYBER SECURITY )
Kashyap Mandaliya
 
IP Spoofing
Akmal Hussain
 
Intrusion detection and prevention system
Nikhil Raj
 
Malware- Types, Detection and Future
karanwayne
 
Denial of service attack
Ahmed Ghazey
 
Cyber security
Manjushree Mashal
 
Network security (vulnerabilities, threats, and attacks)
Fabiha Shahzad
 
Denial of Service Attacks (DoS/DDoS)
Gaurav Sharma
 
12 types of DDoS attacks
Haltdos
 
Ad

Similar to DDoS Attack PPT by Nitin Bisht (20)

PDF
Whitepaper on DDoS Mitigation
Gaurav Bhatia
 
PPTX
Blue Modern Futuristic Cyber Security Presentation (1).pptx
fancybear340
 
PDF
Computer Security Cyber Security DOS_DDOS Attacks By: Professor Lili Saghafi
Professor Lili Saghafi
 
PDF
Module 8 (denial of service)
Wail Hassan
 
PDF
A041201010
ijceronline
 
PDF
Distributed Denial Of Service ( Ddos )
Sharon Lee
 
PPTX
Denial of Service (DoS) and Distributed DoS (DDoS) Attacks
Swarup Saw
 
PDF
Ix3615551559
IJERA Editor
 
PDF
An Ultimate Guide to DDos Attacks: Detection, Prevention and Mitigation
TechApprise
 
PDF
The Art of Cyber War [From Black Hat Brazil 2014]
Radware
 
PPTX
UNDERSTANDING DDOS ATTACKS : HOW THEY CAN CRIPPLE YOUR WEBSITE
Haltdos
 
PDF
L1803046876
IOSR Journals
 
PPTX
Dos n d dos
sadhana21297
 
PDF
Cyber security Dos and DDos attack by G VAISHNAVI.pdf
vaishnavig1212006
 
PDF
A SYNCHRONIZED DISTRIBUTED DENIAL OF SERVICE PREVENTION SYSTEM
cscpconf
 
PDF
CYBER SECURITY PRESENTATION BY G VAISHNAVI.pdf
vaishnavig1212006
 
PDF
A SURVEY OF TRENDS IN MASSIVE DDOS ATTACKS AND CLOUD-BASED MITIGATIONS
IJNSA Journal
 
PDF
A survey of trends in massive ddos attacks and cloud based mitigations
IJNSA Journal
 
PDF
A survey of trends in massive ddos attacks and cloud based mitigations
IJNSA Journal
 
PDF
2016 payment threats trends report
Ian Beckett
 
Whitepaper on DDoS Mitigation
Gaurav Bhatia
 
Blue Modern Futuristic Cyber Security Presentation (1).pptx
fancybear340
 
Computer Security Cyber Security DOS_DDOS Attacks By: Professor Lili Saghafi
Professor Lili Saghafi
 
Module 8 (denial of service)
Wail Hassan
 
A041201010
ijceronline
 
Distributed Denial Of Service ( Ddos )
Sharon Lee
 
Denial of Service (DoS) and Distributed DoS (DDoS) Attacks
Swarup Saw
 
Ix3615551559
IJERA Editor
 
An Ultimate Guide to DDos Attacks: Detection, Prevention and Mitigation
TechApprise
 
The Art of Cyber War [From Black Hat Brazil 2014]
Radware
 
UNDERSTANDING DDOS ATTACKS : HOW THEY CAN CRIPPLE YOUR WEBSITE
Haltdos
 
L1803046876
IOSR Journals
 
Dos n d dos
sadhana21297
 
Cyber security Dos and DDos attack by G VAISHNAVI.pdf
vaishnavig1212006
 
A SYNCHRONIZED DISTRIBUTED DENIAL OF SERVICE PREVENTION SYSTEM
cscpconf
 
CYBER SECURITY PRESENTATION BY G VAISHNAVI.pdf
vaishnavig1212006
 
A SURVEY OF TRENDS IN MASSIVE DDOS ATTACKS AND CLOUD-BASED MITIGATIONS
IJNSA Journal
 
A survey of trends in massive ddos attacks and cloud based mitigations
IJNSA Journal
 
A survey of trends in massive ddos attacks and cloud based mitigations
IJNSA Journal
 
2016 payment threats trends report
Ian Beckett
 
Ad

Recently uploaded (20)

PDF
PPT on Performance Review to get promotions
prashant593122
 
PDF
PREDICTION OF DIABETES FROM ELECTRONIC HEALTH RECORDS
ijaia
 
PPT
Introduction, IoT Design Methodology, Case Study on IoT System for Weather Mo...
MariaRufina4
 
PPTX
MET 305 2019 SCHEME MODULE 2 COMPLETE.pptx
VinayB68
 
PDF
III.4.1.2_The_Space_Environment.p pdffdf
sittiporn2
 
PDF
COURSE DESCRIPTOR OF SURVEYING R24 SYLLABUS
MNANDITHACIVILSTAFF
 
PDF
Visual Aids for Exploratory Data Analysis.pdf
Ashutosh Satapathy
 
PDF
BIO-INSPIRED ARCHITECTURE FOR PARSIMONIOUS CONVERSATIONAL INTELLIGENCE : THE ...
ijaia
 
PPTX
Information Storage and Retrieval Techniques Unit III
jeyamohan2519
 
PPT
introduction to datamining and warehousing
ssuser4ab3a2
 
PDF
Analyzing Impact of Pakistan Economic Corridor on Import and Export in Pakist...
IJAEMSJORNAL
 
PPTX
Nature of X-rays, X- Ray Equipment, Fluoroscopy
DJERALDINAUXILLIAECE
 
PDF
Unit I ESSENTIAL OF DIGITAL MARKETING.pdf
Nitin Shelake
 
PDF
A SYSTEMATIC REVIEW OF APPLICATIONS IN FRAUD DETECTION
IJNSA Journal
 
PPTX
Current and future trends in Computer Vision.pptx
Subramanyam Natarajan
 
PPTX
Safety Seminar civil to be ensured for safe working.
DILJEETKUMAR8
 
PPT
A5_DistSysCh1.ppt_INTRODUCTION TO DISTRIBUTED SYSTEMS
rameshwarchintamani
 
PDF
Abrasive, erosive and cavitation wear.pdf
nfandraden
 
PPTX
Fundamentals of Mechanical Engineering.pptx
MdMowdudAhmed
 
PPTX
UNIT - 3 Total quality Management .pptx
gokuld13012005
 
PPT on Performance Review to get promotions
prashant593122
 
PREDICTION OF DIABETES FROM ELECTRONIC HEALTH RECORDS
ijaia
 
Introduction, IoT Design Methodology, Case Study on IoT System for Weather Mo...
MariaRufina4
 
MET 305 2019 SCHEME MODULE 2 COMPLETE.pptx
VinayB68
 
III.4.1.2_The_Space_Environment.p pdffdf
sittiporn2
 
COURSE DESCRIPTOR OF SURVEYING R24 SYLLABUS
MNANDITHACIVILSTAFF
 
Visual Aids for Exploratory Data Analysis.pdf
Ashutosh Satapathy
 
BIO-INSPIRED ARCHITECTURE FOR PARSIMONIOUS CONVERSATIONAL INTELLIGENCE : THE ...
ijaia
 
Information Storage and Retrieval Techniques Unit III
jeyamohan2519
 
introduction to datamining and warehousing
ssuser4ab3a2
 
Analyzing Impact of Pakistan Economic Corridor on Import and Export in Pakist...
IJAEMSJORNAL
 
Nature of X-rays, X- Ray Equipment, Fluoroscopy
DJERALDINAUXILLIAECE
 
Unit I ESSENTIAL OF DIGITAL MARKETING.pdf
Nitin Shelake
 
A SYSTEMATIC REVIEW OF APPLICATIONS IN FRAUD DETECTION
IJNSA Journal
 
Current and future trends in Computer Vision.pptx
Subramanyam Natarajan
 
Safety Seminar civil to be ensured for safe working.
DILJEETKUMAR8
 
A5_DistSysCh1.ppt_INTRODUCTION TO DISTRIBUTED SYSTEMS
rameshwarchintamani
 
Abrasive, erosive and cavitation wear.pdf
nfandraden
 
Fundamentals of Mechanical Engineering.pptx
MdMowdudAhmed
 
UNIT - 3 Total quality Management .pptx
gokuld13012005
 

DDoS Attack PPT by Nitin Bisht

  • 1. Distributed Denial of Service Attacks NITIN BISHT 140231 CSE lll 1
  • 2. o Introduction to DDoS o How it Works o Aim of DDoS Attack o Types of DDoS o DDoS Symptoms o DDoS Mitigation o Famous DDoS Attacks Table of Content 2
  • 3.  A Distributed Denial of Service (DDoS) attack is an attempt to make an online service unavailable by overwhelming it with traffic from multiple sources.  In the United States, the people that take part in DDoS attacks are charged with legal offenses at the federal level, both criminally and civilly. Introduction 3
  • 4.  The average DDoS attack is about 50 gbps.  DDoS Duration :- not defined  Targets :- Gaming industries , banks , news websites Introduction 4
  • 5.  In a DoS attack, a hacker uses a single Internet connection to either exploit a software vulnerability or flood a target with fake requests—usually in an attempt to exhaust server resources .  On the other hand, distributed denial of service (DDoS) attacks are launched from multiple connected devices that are distributed across the Internet. DDoS VS DoS 5
  • 6.  In a typical DDoS attack, the hacker begins by exploiting a computer system and making it the DDoS master.  The attack master system identifies other vulnerable systems and gains control over them by either infecting the systems with malware or through bypassing the authentication controls . How DDoS attack works 6
  • 7.  The attacker creates a command-and- control server to command the network of bots, also called a botnet.  The person in control of a botnet is sometimes referred to as the botmaster.  Their main aim is to prevent legitimate users from accessing a system or site. How DDoS attack works 7
  • 10. Common reason for DDoS attacks are: 1.Expression of anger and criticism. 2.Training ground for other attacks. 3.Distraction from other malicious actions. 4.Anticompetitive business practices. 5.Means to extract money. 6.To disrupt operation of private or government enterprise. AIM OF A DDoS ATTACK 10
  • 11. There are broadly 3 types of DDoS attacks :- Network or Volume centric attack – 64% Protocol attacks – 20% Ap Application layer attack - 16% Types of DDoS attacks 11
  • 12.  These attacks use bots and botnets to flood the network layers with a substantial amount of seemingly legitimate traffic.  This consumes an excessive amount of bandwidth within or outside of the network and causes network operations to become extremely slow or to not work at all. Network or Volume Centric 12
  • 13.  These kinds of attacks are more difficult to mitigate than attacks from a single source  Volumetric attacks come in a variety of forms, including: • User Datagram Protocol (UDP) Floods • ICMP floods ( Internet Control Message Protocol) Network or Volume Centric 13
  • 14.  Random ports on a server are flooded with UDP packets, causing the server to repeatedly check for and respond to non-existent applications at the ports.  As a result, the system is unable to respond to legitimate applications. UDP Floods 14
  • 15.  A server is flooded with ICMP echo requests from multiple spoofed IP addresses.  As the targeted server processes and replies to these phony requests, it is eventually overloaded and unable to process valid ICMP echo requests. ICMP Floods 15
  • 16.  The goal of an application layer attack is to exhaust resources by consuming too much.  They target the layer that manages HTTP and SMTP communication.  They target web application packets in order to disrupt the transmission of data between hosts.  They attack on apache ,windows web servor , as they are more vulnerable. Application – layer attack 16
  • 17.  These type of attacks are more sophisticated and are gaining in popularity than other types of DDoS attacks.  For example:- an HTTP Flood – the most common application-layer attack – uses botnets to force a target to expend an excessive amount of resources when responding to a HTTP request Application – layer attack 17
  • 18.  HTTP floods and other application-layer DDoS attacks mimic human-user behavior making them much more difficult to detect than other types of attacks.  Web based email apps, WordPress, Joomla, and forum software are good examples of application specific targets. Application – layer attack 18
  • 19.  Protocol attacks target the connection state tables in firewalls, web application servers, and other infrastructure components.  One of the most common state-exhaustion attacks was the ping of death, in which a 65,536-byte ping packet is defragmented and sent to a target server as fast as possible. Protocol attack 19
  • 20.  Once the target reassembles the large packet, a buffer overload typically occurs.  In the likely scenario that the target attempts to respond to the pings, even more bandwidth is consumed, eventually causing the targeted system to crash. Protocol attack 20
  • 22. • DDoS attacks are the single largest threat to our Internet and the Internet of Things. • The more our world becomes connected and dependent on the Internet, the more opportunities to get exploited by these types of attack. DDoS Attack 22
  • 23.  There was a 180% percent increase in the total number of DDoS attacks in 2016 compared to 2015.  The online gaming sector is currently the most susceptible to attack, accounting for 50% of all DDoS attacks.  Software and technology companies -25%  Internet and telecoms companies - 5% of the total attack. FACTS 23
  • 24.  3 Most Famous DDoS Attacks I. Scientologist Church Gets Hit Hard By Anonymous! II. Hong Kong’s Democracy Movement Attack III.The New Year Attack ! IV.DDoS in India Famous Attack 24
  • 25. • This attack took place on January 8, 2008 . • It was attacked by hacker group Anonymous. • The DDoS attack was meant to be a protest against the Church of Scientology’s philosophies and practices. • The program was able to shut down the Scientologist church website momentarily. • The program that was deployed was used to fight for Wikileaks. Scientologist Church 25
  • 26. • It started in June 2014, in Hong Kong to bring destruction to the Chinese government . This movement is called Occupy Central. • Occupy Central used this DDoS attack against the Chinese government because they wanted a one man one vote system when electing officials to represent political office. • This all led Occupy Central to push their DDoS attack forward and brought down a major political website. Hong Kong’s Democracy Attack 26
  • 27. • It took place on December 31,2015. • New World Hacking took responsibly for this huge DDoS attack. • They were capable of disrupting BBC’s global website, along with Donald Trumps website as well. • The tool that was used to deploy these attacks is called BangStresser. The New Year Attack 27
  • 28. • It took place on November ,2016. • It was one of the biggest attack ever done on an ISP. • The attack was of a huge magnitude of 200 gigabytes per second. • This is the reason behind the recent slowing down of the internet experienced by users around Mumbai. • An FIR was filed against the DDoS attack with the Mumbai police. The DDoS Attack in India 28
  • 29. The United States Computer Emergency Readiness Team(US-CERT) has identified symptoms of a denial-of-service attack to include: unusually slow network performance unavailability of a particular web site inability to access any web site dramatic increase in the number of spam emails received (this type of DoS attack is considered an e-mail bomb). SYMPTOMS 29
  • 31.  DDoS mitigation is a set of techniques or tools for resisting the impact of DDoS attacks on networks attached to the Internet by protecting the target and relay networks.  DDoS mitigation also requires identifying incoming traffic to separate human traffic from human-like bots and hijacked web browsers.  The process is done by comparing signatures and examining different attributes of the traffic, including IP addresses, cookie variations, HTTP headers, and JavaScript footprints. DDoS Mitigation 31
  • 33.  Best practices for DDoS mitigation include having both anti-DDoS technology and anti- DDoS emergency response services such as Incapsula, Akamai, CloudFlare or Radware.  DDoS mitigation is also available through cloud- based providers.  User must install anti-virus.  User must install firewall. DDoS Mitigation 33
  • 34.  Myths: Enterprises believe they are fully protected with only cloud based DDoS mitigation.  Facts: Cloud based DDoS mitigation only protects against large, volumetric attacks, and fails to provide adequate protection against low and slow application layer attacks DDoS Myths 34
  • 35.  Myths: We will not become a target. Our business is too small.  Facts: DDoS attacks do not discriminate. Any organization, big or small, is in danger or experiencing the risks associated with a DDoS attack. DDoS Myths 35
  • 36.  Myths: My Internet Service Provider (ISP) is protecting me from DDoS attacks.  Facts: ISP’s lack the ability to detect, analyze and mitigate DDoS attacks and other cyber threats DDoS Myths 36