Countering Denial of Service Attacks

Distributed Denial of Service (DDoS) attacks aim at sabotaging web services using malware controlled botnets

Presentation Transcript

  • Countering Denial of Service Attacks Global Infrastructure Services 1 © 2014 WIPRO LTD | WWW.WIPRO.COM | CONFIDENTIAL
  • Agenda
      ◦ What is DDoS?
      ◦ DDoS Attack Types
      ◦ Mitigation: In Premises & Edge Level
      ◦ Incident Response Measures
      ◦ Conclusion
  • Introduction: The threat posed by DDoS attacks
  • What is DDoS?
      ◦ Distributed Denial of Service (DDoS) attacks aim at sabotaging web services using malware-controlled botnets
      ◦ Outages cause large scale customer defections
      ◦ Banks hit by 26 attacks in 2012. Average loss $17M
      ◦ BFSI, ISPs, data centers, ecommerce sites are particularly susceptible
      ◦ Attacks increasing rapidly in number, duration, bandwidth.
      ◦ [Figure: DDoS Attack Mechanism. Labels: Attacker, Handler, Handler, Zombies (Compromised Machines), Target Server(s)]
  • DDoS Attack Types
      ◦ Volume Based Attacks
          ▪ Floods bandwidth of target server
          ▪ Units: bits per second (bps)
          ▪ Examples: TCP flood, ICMP flood, UDP flood
      ◦ Protocol Based Attacks
          ▪ Directly occupies target server’s resources
          ▪ Units: packets per second
          ▪ Examples: Ping flood, Smurf attack, SYN flood
      ◦ Application Layer Attacks
          ▪ Server crash caused by application layer vulnerabilities
          ▪ Units: requests per second
          ▪ Examples: Hash DoS attack, Teardrop attack
      ◦ Challenges
          ▪ Rising threat: Attacks becoming stronger and more numerous
          ▪ Greater variety: Different server parts targeted with combinations of several attack strategies
          ▪ Mitigation Gap: Only ~20% of organizations have a strategy
  • Mitigation Strategies: Prevention and Cure
  • In Premises
      ◦ Uses firewalls & intrusion prevention systems
      ◦ Secures a firm’s servers and applications
      ◦ Protection against small scale attacks
      ◦ However, bandwidth left vulnerable
      ◦ Larger attacks can still clog the network
  • At Edge Level
      ◦ Implemented at internet service provider (ISP) level
      ◦ Protects bandwidth against malicious traffic
      ◦ Continuous analysis required to ensure legitimate traffic is not affected
      ◦ Should be used in conjunction with in-premises implementation
  • Incident Response
      ◦ Prepare
          ▪ Compile list of DDoS services at provider level
          ▪ Enumerate business trends and IT risks
      ◦ Identify & Analyze
          ▪ Detect the attack and engage with stakeholders
          ▪ Identify root cause and extent of damage
      ◦ Mitigate
          ▪ Contain the attack, initiate remedial measures
      ◦ Post incident analysis
          ▪ Plug gaps in preparation, support and skills
      ◦ Continuous Improvement
          ▪ Review mitigation strategy based on the incident
          ▪ Run risk simulations and augment technology
      ◦ [Figure: incident response cycle. Labels: Preparation, Identification, Mitigation, Post incident analysis, Improvement]
  • Conclusion
  • Conclusion
      ◦ Qualitative aspect – DDoS gains prominence
          ▪ Companies are increasingly using online channels for customer engagement.
          ▪ Hence, they have become sensitive to cyber threats like DDoS
      ◦ Quantitative aspect – mitigation cost vs benefits
          ▪ DDoS attacks are becoming more varied and their potential impact on profitability is increasing.
          ▪ It makes business sense to have a robust DDoS mitigation policy and infrastructure.
  • For more details please visit the link below: http://www.wipro.com/Documents/resource-center/diffusingdenial-of-service.pdf
  • About Wipro
      ◦ Wipro Ltd. (NYSE:WIT) is a leading Information Technology, Consulting and Outsourcing company that delivers solutions to enable its clients to do business better. Wipro delivers winning business outcomes through its deep industry experience and a 360 degree view of "Business through Technology", helping clients create successful and adaptive businesses. A company recognized globally for its comprehensive portfolio of services, a practitioner's approach to delivering innovation and an organization-wide commitment to sustainability, Wipro has over 140,000 employees and clients across 61 countries. For more information, please visit www.wipro.com
  • Thank You
      ◦ ©Wipro Limited, 2014. All rights reserved. For more information visit www.wipro.com
      ◦ No part of this document may be reproduced in whole or in part without the written permission of the authors. Wipro is not liable for any business outcome based on the views presented in this document. For specific implementation clients should take advice from their client engagement manager.