NB
Uploaded byNitin Bisht
PPT, PDF16,211 views

DDoS Attack PPT by Nitin Bisht

This document discusses distributed denial of service (DDoS) attacks. It begins by defining a DDoS attack as an attempt to make an online service unavailable by overwhelming it with traffic from multiple sources. It then explains how DDoS attacks work by exploiting vulnerable systems to create large networks of compromised devices that can be directed by an attacker to target a specific system or server. Finally, it discusses different types of DDoS attacks including volumetric attacks, protocol attacks, and application layer attacks and some famous DDoS incidents like attacks on the Church of Scientology and various websites.

Engineering
In this document
Powered by AI

Introduction to Distributed Denial of Service (DDoS) attacks and their importance.

Definition and impacts of DDoS attacks, with an average attack size of 50 gbps targeting various industries.

Comparison between DDoS and DoS attacks, highlighting the difference in attack sources.

Explanation of how DDoS attacks work through botnets and the role of a botmaster.

Common motives behind DDoS attacks including expression of anger and distractions.

Overview of three types of DDoS attacks: Network/Volume based, Protocol, and Application.

Details of network or volume-centric attacks, including UDP and ICMP floods.

Mechanisms of UDP floods and ICMP floods in DDoS attacks.

Description of application-layer attacks and their impact on web communication.

Insights into protocol attacks targeting connection state tables and the 'ping of death' attack.

The growing threat of DDoS attacks, statistics showing a 180% rise in attacks in 2016.

Famous DDoS attacks including those on the Scientologist Church and Hong Kong's democracy movement.

Identifying symptoms of DDoS attacks including slow network and unavailability of websites.

Techniques for mitigating DDoS attacks, focusing on network protection and identification of traffic.

Common myths regarding DDoS attack protection and the truths surrounding small businesses and ISPs.

Closing remarks and thanks for the audience.

Downloaded 829 times
Distributed Denial of Service Attacks NITIN BISHT 140231 CSE lll 1
o Introduction to DDoS o How it Works o Aim of DDoS Attack o Types of DDoS o DDoS Symptoms o DDoS Mitigation o Famous DDoS Attacks Table of Content 2
 A Distributed Denial of Service (DDoS) attack is an attempt to make an online service unavailable by overwhelming it with traffic from multiple sources.  In the United States, the people that take part in DDoS attacks are charged with legal offenses at the federal level, both criminally and civilly. Introduction 3
 The average DDoS attack is about 50 gbps.  DDoS Duration :- not defined  Targets :- Gaming industries , banks , news websites Introduction 4
 In a DoS attack, a hacker uses a single Internet connection to either exploit a software vulnerability or flood a target with fake requests—usually in an attempt to exhaust server resources .  On the other hand, distributed denial of service (DDoS) attacks are launched from multiple connected devices that are distributed across the Internet. DDoS VS DoS 5
 In a typical DDoS attack, the hacker begins by exploiting a computer system and making it the DDoS master.  The attack master system identifies other vulnerable systems and gains control over them by either infecting the systems with malware or through bypassing the authentication controls . How DDoS attack works 6
 The attacker creates a command-and- control server to command the network of bots, also called a botnet.  The person in control of a botnet is sometimes referred to as the botmaster.  Their main aim is to prevent legitimate users from accessing a system or site. How DDoS attack works 7
DDoS attack 8
DDoS Attack Report 9
Common reason for DDoS attacks are: 1.Expression of anger and criticism. 2.Training ground for other attacks. 3.Distraction from other malicious actions. 4.Anticompetitive business practices. 5.Means to extract money. 6.To disrupt operation of private or government enterprise. AIM OF A DDoS ATTACK 10
There are broadly 3 types of DDoS attacks :- Network or Volume centric attack – 64% Protocol attacks – 20% Ap Application layer attack - 16% Types of DDoS attacks 11
 These attacks use bots and botnets to flood the network layers with a substantial amount of seemingly legitimate traffic.  This consumes an excessive amount of bandwidth within or outside of the network and causes network operations to become extremely slow or to not work at all. Network or Volume Centric 12
 These kinds of attacks are more difficult to mitigate than attacks from a single source  Volumetric attacks come in a variety of forms, including: • User Datagram Protocol (UDP) Floods • ICMP floods ( Internet Control Message Protocol) Network or Volume Centric 13
 Random ports on a server are flooded with UDP packets, causing the server to repeatedly check for and respond to non-existent applications at the ports.  As a result, the system is unable to respond to legitimate applications. UDP Floods 14
 A server is flooded with ICMP echo requests from multiple spoofed IP addresses.  As the targeted server processes and replies to these phony requests, it is eventually overloaded and unable to process valid ICMP echo requests. ICMP Floods 15
 The goal of an application layer attack is to exhaust resources by consuming too much.  They target the layer that manages HTTP and SMTP communication.  They target web application packets in order to disrupt the transmission of data between hosts.  They attack on apache ,windows web servor , as they are more vulnerable. Application – layer attack 16
 These type of attacks are more sophisticated and are gaining in popularity than other types of DDoS attacks.  For example:- an HTTP Flood – the most common application-layer attack – uses botnets to force a target to expend an excessive amount of resources when responding to a HTTP request Application – layer attack 17
 HTTP floods and other application-layer DDoS attacks mimic human-user behavior making them much more difficult to detect than other types of attacks.  Web based email apps, WordPress, Joomla, and forum software are good examples of application specific targets. Application – layer attack 18
 Protocol attacks target the connection state tables in firewalls, web application servers, and other infrastructure components.  One of the most common state-exhaustion attacks was the ping of death, in which a 65,536-byte ping packet is defragmented and sent to a target server as fast as possible. Protocol attack 19
 Once the target reassembles the large packet, a buffer overload typically occurs.  In the likely scenario that the target attempts to respond to the pings, even more bandwidth is consumed, eventually causing the targeted system to crash. Protocol attack 20
DDoS Attack 21
• DDoS attacks are the single largest threat to our Internet and the Internet of Things. • The more our world becomes connected and dependent on the Internet, the more opportunities to get exploited by these types of attack. DDoS Attack 22
 There was a 180% percent increase in the total number of DDoS attacks in 2016 compared to 2015.  The online gaming sector is currently the most susceptible to attack, accounting for 50% of all DDoS attacks.  Software and technology companies -25%  Internet and telecoms companies - 5% of the total attack. FACTS 23
 3 Most Famous DDoS Attacks I. Scientologist Church Gets Hit Hard By Anonymous! II. Hong Kong’s Democracy Movement Attack III.The New Year Attack ! IV.DDoS in India Famous Attack 24
• This attack took place on January 8, 2008 . • It was attacked by hacker group Anonymous. • The DDoS attack was meant to be a protest against the Church of Scientology’s philosophies and practices. • The program was able to shut down the Scientologist church website momentarily. • The program that was deployed was used to fight for Wikileaks. Scientologist Church 25
• It started in June 2014, in Hong Kong to bring destruction to the Chinese government . This movement is called Occupy Central. • Occupy Central used this DDoS attack against the Chinese government because they wanted a one man one vote system when electing officials to represent political office. • This all led Occupy Central to push their DDoS attack forward and brought down a major political website. Hong Kong’s Democracy Attack 26
• It took place on December 31,2015. • New World Hacking took responsibly for this huge DDoS attack. • They were capable of disrupting BBC’s global website, along with Donald Trumps website as well. • The tool that was used to deploy these attacks is called BangStresser. The New Year Attack 27
• It took place on November ,2016. • It was one of the biggest attack ever done on an ISP. • The attack was of a huge magnitude of 200 gigabytes per second. • This is the reason behind the recent slowing down of the internet experienced by users around Mumbai. • An FIR was filed against the DDoS attack with the Mumbai police. The DDoS Attack in India 28
The United States Computer Emergency Readiness Team(US-CERT) has identified symptoms of a denial-of-service attack to include: unusually slow network performance unavailability of a particular web site inability to access any web site dramatic increase in the number of spam emails received (this type of DoS attack is considered an e-mail bomb). SYMPTOMS 29
DDoS Mitigation 30
 DDoS mitigation is a set of techniques or tools for resisting the impact of DDoS attacks on networks attached to the Internet by protecting the target and relay networks.  DDoS mitigation also requires identifying incoming traffic to separate human traffic from human-like bots and hijacked web browsers.  The process is done by comparing signatures and examining different attributes of the traffic, including IP addresses, cookie variations, HTTP headers, and JavaScript footprints. DDoS Mitigation 31
DDoS Mitigation 32
 Best practices for DDoS mitigation include having both anti-DDoS technology and anti- DDoS emergency response services such as Incapsula, Akamai, CloudFlare or Radware.  DDoS mitigation is also available through cloud- based providers.  User must install anti-virus.  User must install firewall. DDoS Mitigation 33
 Myths: Enterprises believe they are fully protected with only cloud based DDoS mitigation.  Facts: Cloud based DDoS mitigation only protects against large, volumetric attacks, and fails to provide adequate protection against low and slow application layer attacks DDoS Myths 34
 Myths: We will not become a target. Our business is too small.  Facts: DDoS attacks do not discriminate. Any organization, big or small, is in danger or experiencing the risks associated with a DDoS attack. DDoS Myths 35
 Myths: My Internet Service Provider (ISP) is protecting me from DDoS attacks.  Facts: ISP’s lack the ability to detect, analyze and mitigate DDoS attacks and other cyber threats DDoS Myths 36
THANK YOU ! 37

More Related Content

PPTX
Denial of Service Attacks (DoS/DDoS)
byGaurav Sharma
 
PPTX
DoS or DDoS attack
bystollen_fusion
 
PPTX
Denial of service
bygarishma bhatia
 
PPT
DDoS Attacks
byJignesh Patel
 
PPTX
Dos attack
byManjushree Mashal
 
PPTX
DDoS ATTACKS
byAnil Antony
 
PPTX
Basics of Denial of Service Attacks
byHansa Nidushan
 
PPTX
DDoS - Distributed Denial of Service
byEr. Shiva K. Shrestha
 
Denial of Service Attacks (DoS/DDoS)
byGaurav Sharma
 
DoS or DDoS attack
bystollen_fusion
 
Denial of service
bygarishma bhatia
 
DDoS Attacks
byJignesh Patel
 
Dos attack
byManjushree Mashal
 
DDoS ATTACKS
byAnil Antony
 
Basics of Denial of Service Attacks
byHansa Nidushan
 
DDoS - Distributed Denial of Service
byEr. Shiva K. Shrestha
 

What's hot

PPT
DDOS Attack
byAhmed Salama
 
PPTX
Cyber attack
byManjushree Mashal
 
PPTX
Cyber security
byManjushree Mashal
 
PPTX
Malware
byAnoushka Srivastava
 
PPTX
Ransomware attack
byAmna
 
PDF
Email security presentation
bySubhradeepMaji
 
PPTX
Introduction to cyber security amos
byAmos Oyoo
 
PDF
Network Security Presentation
byAllan Pratt MBA
 
PPTX
Web application attacks
byhruth
 
PPTX
Trusted systems
byahmad abdelhafeez
 
PPTX
Malware & Anti-Malware
byArpit Mittal
 
PPTX
Vulnerabilities in modern web applications
byNiyas Nazar
 
PPT
Internet Security
byMitesh Gupta
 
PPTX
Burp suite
bySOURABH DESHMUKH
 
PPTX
Cross Site Scripting ( XSS)
byAmit Tyagi
 
PPTX
Types of attacks
byVivek Gandhi
 
PPTX
Cia security model
byImran Ahmed
 
PPTX
Network security
byquest university nawabshah
 
PPTX
Virtualization in cloud computing
byMohammad Ilyas Malik
 
PPT
Intrusion detection system ppt
bySheetal Verma
 
DDOS Attack
byAhmed Salama
 
Cyber attack
byManjushree Mashal
 
Cyber security
byManjushree Mashal
 
Malware
byAnoushka Srivastava
 
Ransomware attack
byAmna
 
Email security presentation
bySubhradeepMaji
 
Introduction to cyber security amos
byAmos Oyoo
 
Network Security Presentation
byAllan Pratt MBA
 
Web application attacks
byhruth
 
Trusted systems
byahmad abdelhafeez
 
Malware & Anti-Malware
byArpit Mittal
 
Vulnerabilities in modern web applications
byNiyas Nazar
 
Internet Security
byMitesh Gupta
 
Burp suite
bySOURABH DESHMUKH
 
Cross Site Scripting ( XSS)
byAmit Tyagi
 
Types of attacks
byVivek Gandhi
 
Cia security model
byImran Ahmed
 
Network security
byquest university nawabshah
 
Virtualization in cloud computing
byMohammad Ilyas Malik
 
Intrusion detection system ppt
bySheetal Verma
 

Similar to DDoS Attack PPT by Nitin Bisht

PDF
Whitepaper on DDoS Mitigation
byGaurav Bhatia
 
PDF
A041201010
byijceronline
 
PDF
Ix3615551559
byIJERA Editor
 
PPTX
Blue Modern Futuristic Cyber Security Presentation (1).pptx
byfancybear340
 
PPTX
DDOS ATTACKS
byShaurya Gogia
 
PDF
Fortinet_FortiDDoS_Introduction
byswang2010
 
PPTX
Denial of Service (DoS) and Distributed DoS (DDoS) Attacks
bySwarup Saw
 
PDF
denialofservice.pdfdos attacck basic details with interactive design
byperfetbyedshareen
 
PPTX
ARBOR PRESENTATION - SHARING SESSION - 1.pptx
byAlfianDzulfikarKhabi
 
PDF
A10 issa d do s 5-2014
byRaleigh ISSA
 
PDF
ECE560 Denial of Service Attacks Fall2020.pdf
byTuulTriyason
 
PDF
Distributed Denial of Services (DDoS) Attacks Conceptual Intro
bySakthiSaravananShanm
 
ODP
DDoS - unstoppable menace
byAravind Anbazhagan
 
PDF
546 220-228
byidescitation
 
PDF
A vivacious approach to detect and prevent d do s attack
byeSAT Publishing House
 
PPTX
Unleash the Hammer on Denial-of-Service: Conquer DDos Attacks!
byPriyadharshiniHemaku
 
PDF
A REVIEW ON DDOS PREVENTION AND DETECTION METHODOLOGY
byijasa
 
PDF
International Journal of Computational Science and Information Technology (I...
byijcsity
 
PPTX
Session for InfoSecGirls - New age threat management vol 1
byInfoSec Girls
 
ODP
DDoS - unstoppable menace
byAravind Anbazhagan
 
Whitepaper on DDoS Mitigation
byGaurav Bhatia
 
A041201010
byijceronline
 
Ix3615551559
byIJERA Editor
 
Blue Modern Futuristic Cyber Security Presentation (1).pptx
byfancybear340
 
DDOS ATTACKS
byShaurya Gogia
 
Fortinet_FortiDDoS_Introduction
byswang2010
 
Denial of Service (DoS) and Distributed DoS (DDoS) Attacks
bySwarup Saw
 
denialofservice.pdfdos attacck basic details with interactive design
byperfetbyedshareen
 
ARBOR PRESENTATION - SHARING SESSION - 1.pptx
byAlfianDzulfikarKhabi
 
A10 issa d do s 5-2014
byRaleigh ISSA
 
ECE560 Denial of Service Attacks Fall2020.pdf
byTuulTriyason
 
Distributed Denial of Services (DDoS) Attacks Conceptual Intro
bySakthiSaravananShanm
 
DDoS - unstoppable menace
byAravind Anbazhagan
 
546 220-228
byidescitation
 
A vivacious approach to detect and prevent d do s attack
byeSAT Publishing House
 
Unleash the Hammer on Denial-of-Service: Conquer DDos Attacks!
byPriyadharshiniHemaku
 
A REVIEW ON DDOS PREVENTION AND DETECTION METHODOLOGY
byijasa
 
International Journal of Computational Science and Information Technology (I...
byijcsity
 
Session for InfoSecGirls - New age threat management vol 1
byInfoSec Girls
 
DDoS - unstoppable menace
byAravind Anbazhagan
 

Recently uploaded

PPTX
network and communication on focus ppt .
bySakshiMarakana
 
PPT
TOPIC 1& 2 Plant.ppt Introduction to Construction Safety
byericoppong35
 
PDF
20It2005securitylabmanualforthefollowingyear
byKevinjr22
 
PDF
2nd International Conference on AI, Machine Learning and Data Science (AIMDS ...
byIJDKP
 
PDF
Best Popular Sites to Buy Verified Binance Accounts Are ....pdf
byusaold smm1
 
PDF
Call For Papers-12th International Conference on Networks, Mobile Communicati...
byIJCI JOURNAL
 
PPTX
Mastering Asynchronous Communication with Queues.pptx
byAdalberto Toledo
 
PDF
USING GEN AI AGENTS WITH GAE AND VAE TO ENHANCE RESILIENCE OF US MARKETS
byrinzindorjej
 
PDF
Setting Up a React Project Using Vite – Step-by-Step Guide.pdf
byJaydeep Kale
 
PPTX
sem7 major project 123456779765433212234
byashwinsawant1403
 
PPTX
Lightning and switching over voltages ppt
byvadlaprasanna796
 
PPTX
Control system Basics, MODEL-BASED SYSTEM DESIGN, Easy understanding,
byBhagavathyP
 
PDF
Certified Cloud Security Professional (CCSP): Unit 5
byVICTOR MAESTRE RAMIREZ
 
PDF
OpenInfra Europe 2025: OVN traffic flow & Troubleshooting
byVadim Ponomarev
 
PDF
Redefining the Sky with AI-Powered Autonomous Drones
byRiku Nagano
 
PDF
Bharat Heavy electrical Limited Welding procedure code
bynanupatruniravisanka
 
PPTX
Class 2 of Module 2 - Strings in Python Syllabus, VIT
byVijayanthVijay
 
PDF
High performance liquid chromatography.pdf
byatharvjpk21
 
PPTX
Class 3 of Module 2 - Strings in Python Syllabus, VIT
byVijayanthVijay
 
PPTX
Presentation¹11111111111111111111111.pptx
byluvdarven
 
network and communication on focus ppt .
bySakshiMarakana
 
TOPIC 1& 2 Plant.ppt Introduction to Construction Safety
byericoppong35
 
20It2005securitylabmanualforthefollowingyear
byKevinjr22
 
2nd International Conference on AI, Machine Learning and Data Science (AIMDS ...
byIJDKP
 
Best Popular Sites to Buy Verified Binance Accounts Are ....pdf
byusaold smm1
 
Call For Papers-12th International Conference on Networks, Mobile Communicati...
byIJCI JOURNAL
 
Mastering Asynchronous Communication with Queues.pptx
byAdalberto Toledo
 
USING GEN AI AGENTS WITH GAE AND VAE TO ENHANCE RESILIENCE OF US MARKETS
byrinzindorjej
 
Setting Up a React Project Using Vite – Step-by-Step Guide.pdf
byJaydeep Kale
 
sem7 major project 123456779765433212234
byashwinsawant1403
 
Lightning and switching over voltages ppt
byvadlaprasanna796
 
Control system Basics, MODEL-BASED SYSTEM DESIGN, Easy understanding,
byBhagavathyP
 
Certified Cloud Security Professional (CCSP): Unit 5
byVICTOR MAESTRE RAMIREZ
 
OpenInfra Europe 2025: OVN traffic flow & Troubleshooting
byVadim Ponomarev
 
Redefining the Sky with AI-Powered Autonomous Drones
byRiku Nagano
 
Bharat Heavy electrical Limited Welding procedure code
bynanupatruniravisanka
 
Class 2 of Module 2 - Strings in Python Syllabus, VIT
byVijayanthVijay
 
High performance liquid chromatography.pdf
byatharvjpk21
 
Class 3 of Module 2 - Strings in Python Syllabus, VIT
byVijayanthVijay
 
Presentation¹11111111111111111111111.pptx
byluvdarven
 

DDoS Attack PPT by Nitin Bisht

  • 1.
    Distributed Denial of ServiceAttacks NITIN BISHT 140231 CSE lll 1
  • 2.
    o Introduction toDDoS o How it Works o Aim of DDoS Attack o Types of DDoS o DDoS Symptoms o DDoS Mitigation o Famous DDoS Attacks Table of Content 2
  • 3.
     A DistributedDenial of Service (DDoS) attack is an attempt to make an online service unavailable by overwhelming it with traffic from multiple sources.  In the United States, the people that take part in DDoS attacks are charged with legal offenses at the federal level, both criminally and civilly. Introduction 3
  • 4.
     The averageDDoS attack is about 50 gbps.  DDoS Duration :- not defined  Targets :- Gaming industries , banks , news websites Introduction 4
  • 5.
     In aDoS attack, a hacker uses a single Internet connection to either exploit a software vulnerability or flood a target with fake requests—usually in an attempt to exhaust server resources .  On the other hand, distributed denial of service (DDoS) attacks are launched from multiple connected devices that are distributed across the Internet. DDoS VS DoS 5
  • 6.
     In atypical DDoS attack, the hacker begins by exploiting a computer system and making it the DDoS master.  The attack master system identifies other vulnerable systems and gains control over them by either infecting the systems with malware or through bypassing the authentication controls . How DDoS attack works 6
  • 7.
     The attackercreates a command-and- control server to command the network of bots, also called a botnet.  The person in control of a botnet is sometimes referred to as the botmaster.  Their main aim is to prevent legitimate users from accessing a system or site. How DDoS attack works 7
  • 8.
  • 9.
  • 10.
    Common reason forDDoS attacks are: 1.Expression of anger and criticism. 2.Training ground for other attacks. 3.Distraction from other malicious actions. 4.Anticompetitive business practices. 5.Means to extract money. 6.To disrupt operation of private or government enterprise. AIM OF A DDoS ATTACK 10
  • 11.
    There are broadly3 types of DDoS attacks :- Network or Volume centric attack – 64% Protocol attacks – 20% Ap Application layer attack - 16% Types of DDoS attacks 11
  • 12.
     These attacksuse bots and botnets to flood the network layers with a substantial amount of seemingly legitimate traffic.  This consumes an excessive amount of bandwidth within or outside of the network and causes network operations to become extremely slow or to not work at all. Network or Volume Centric 12
  • 13.
     These kindsof attacks are more difficult to mitigate than attacks from a single source  Volumetric attacks come in a variety of forms, including: • User Datagram Protocol (UDP) Floods • ICMP floods ( Internet Control Message Protocol) Network or Volume Centric 13
  • 14.
     Random portson a server are flooded with UDP packets, causing the server to repeatedly check for and respond to non-existent applications at the ports.  As a result, the system is unable to respond to legitimate applications. UDP Floods 14
  • 15.
     A serveris flooded with ICMP echo requests from multiple spoofed IP addresses.  As the targeted server processes and replies to these phony requests, it is eventually overloaded and unable to process valid ICMP echo requests. ICMP Floods 15
  • 16.
     The goalof an application layer attack is to exhaust resources by consuming too much.  They target the layer that manages HTTP and SMTP communication.  They target web application packets in order to disrupt the transmission of data between hosts.  They attack on apache ,windows web servor , as they are more vulnerable. Application – layer attack 16
  • 17.
     These typeof attacks are more sophisticated and are gaining in popularity than other types of DDoS attacks.  For example:- an HTTP Flood – the most common application-layer attack – uses botnets to force a target to expend an excessive amount of resources when responding to a HTTP request Application – layer attack 17
  • 18.
     HTTP floodsand other application-layer DDoS attacks mimic human-user behavior making them much more difficult to detect than other types of attacks.  Web based email apps, WordPress, Joomla, and forum software are good examples of application specific targets. Application – layer attack 18
  • 19.
     Protocol attackstarget the connection state tables in firewalls, web application servers, and other infrastructure components.  One of the most common state-exhaustion attacks was the ping of death, in which a 65,536-byte ping packet is defragmented and sent to a target server as fast as possible. Protocol attack 19
  • 20.
     Once thetarget reassembles the large packet, a buffer overload typically occurs.  In the likely scenario that the target attempts to respond to the pings, even more bandwidth is consumed, eventually causing the targeted system to crash. Protocol attack 20
  • 21.
  • 22.
    • DDoS attacksare the single largest threat to our Internet and the Internet of Things. • The more our world becomes connected and dependent on the Internet, the more opportunities to get exploited by these types of attack. DDoS Attack 22
  • 23.
     There wasa 180% percent increase in the total number of DDoS attacks in 2016 compared to 2015.  The online gaming sector is currently the most susceptible to attack, accounting for 50% of all DDoS attacks.  Software and technology companies -25%  Internet and telecoms companies - 5% of the total attack. FACTS 23
  • 24.
     3 MostFamous DDoS Attacks I. Scientologist Church Gets Hit Hard By Anonymous! II. Hong Kong’s Democracy Movement Attack III.The New Year Attack ! IV.DDoS in India Famous Attack 24
  • 25.
    • This attacktook place on January 8, 2008 . • It was attacked by hacker group Anonymous. • The DDoS attack was meant to be a protest against the Church of Scientology’s philosophies and practices. • The program was able to shut down the Scientologist church website momentarily. • The program that was deployed was used to fight for Wikileaks. Scientologist Church 25
  • 26.
    • It startedin June 2014, in Hong Kong to bring destruction to the Chinese government . This movement is called Occupy Central. • Occupy Central used this DDoS attack against the Chinese government because they wanted a one man one vote system when electing officials to represent political office. • This all led Occupy Central to push their DDoS attack forward and brought down a major political website. Hong Kong’s Democracy Attack 26
  • 27.
    • It tookplace on December 31,2015. • New World Hacking took responsibly for this huge DDoS attack. • They were capable of disrupting BBC’s global website, along with Donald Trumps website as well. • The tool that was used to deploy these attacks is called BangStresser. The New Year Attack 27
  • 28.
    • It tookplace on November ,2016. • It was one of the biggest attack ever done on an ISP. • The attack was of a huge magnitude of 200 gigabytes per second. • This is the reason behind the recent slowing down of the internet experienced by users around Mumbai. • An FIR was filed against the DDoS attack with the Mumbai police. The DDoS Attack in India 28
  • 29.
    The United StatesComputer Emergency Readiness Team(US-CERT) has identified symptoms of a denial-of-service attack to include: unusually slow network performance unavailability of a particular web site inability to access any web site dramatic increase in the number of spam emails received (this type of DoS attack is considered an e-mail bomb). SYMPTOMS 29
  • 30.
  • 31.
     DDoS mitigationis a set of techniques or tools for resisting the impact of DDoS attacks on networks attached to the Internet by protecting the target and relay networks.  DDoS mitigation also requires identifying incoming traffic to separate human traffic from human-like bots and hijacked web browsers.  The process is done by comparing signatures and examining different attributes of the traffic, including IP addresses, cookie variations, HTTP headers, and JavaScript footprints. DDoS Mitigation 31
  • 32.
  • 33.
     Best practicesfor DDoS mitigation include having both anti-DDoS technology and anti- DDoS emergency response services such as Incapsula, Akamai, CloudFlare or Radware.  DDoS mitigation is also available through cloud- based providers.  User must install anti-virus.  User must install firewall. DDoS Mitigation 33
  • 34.
     Myths: Enterprises believethey are fully protected with only cloud based DDoS mitigation.  Facts: Cloud based DDoS mitigation only protects against large, volumetric attacks, and fails to provide adequate protection against low and slow application layer attacks DDoS Myths 34
  • 35.
     Myths: We willnot become a target. Our business is too small.  Facts: DDoS attacks do not discriminate. Any organization, big or small, is in danger or experiencing the risks associated with a DDoS attack. DDoS Myths 35
  • 36.
     Myths: My InternetService Provider (ISP) is protecting me from DDoS attacks.  Facts: ISP’s lack the ability to detect, analyze and mitigate DDoS attacks and other cyber threats DDoS Myths 36
  • 37.