SlideShare a Scribd company logo
© 2024, Amazon Web Services, Inc. or its affiliates. All rights reserved.
© 2024, Amazon Web Services, Inc. or its affiliates. All rights reserved.
How we approach DDoS threat research
Threat landscape in 2024
Customer case study: Ukraine, 2022
Agenda
© 2024, Amazon Web Services, Inc. or its affiliates. All rights reserved.
DDoS threat research
Protect Amazon infrastructure and customers,
making AWS an unattractive target for
cyber threats
© 2024, Amazon Web Services, Inc. or its affiliates. All rights reserved.
© 2024, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Our approach
Analyze inbound and outbound internet traffic
Convert research into actionable threat intelligence for our customers
Disrupt the capability of unauthorized users to repeatedly and easily target us
© 2024, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Leverage AWS’s reach and scale to detect threats
600+ points of presence
(POP) across 100+ cities in
50 countries
Exabytes of data
analyzed every 60 sec.
Thousands of DDoS attacks
mitigated every day
100+ billion AWS-managed rules
requests processed per day
© 2024, Amazon Web Services, Inc. or its affiliates. All rights reserved.
0
20,000
40,000
60,000
80,000
100,000
120,000
9/1/22 10/1/22 11/1/22 12/1/22 1/1/23 2/1/23 3/1/23 4/1/23 5/1/23 6/1/23 7/1/23 8/1/23
DDoS
Events
Month
AWS Shield DDoS events detected per month
DDoS isn’t going away
56%
Application layer
40%
YoY growth
© 2024, Amazon Web Services, Inc. or its affiliates. All rights reserved.
From video games to critical public infrastructure
© 2024, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Proxy-based L7 DDoS attacks
Proxy
Proxy driver Target
© 2024, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Botnets
Command &
control
Bots
© 2024, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Tracking DDoS infrastructure
© 2024, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Known offenders
© 2024, Amazon Web Services, Inc. or its affiliates. All rights reserved.
© 2024, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Known offenders
1.2.3.4
2.3.4.5
3.4.5.6
4.5.6.7
AnyAuthority ELB
AnyCompany NLB
AnyOrganization CloudFront Distribution
© 2024, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Known offenders
1.2.3.4
2.3.4.5
3.4.5.6
4.5.6.7
AnyAuthority ELB
AnyCompany NLB
AnyOrganization CloudFront Distribution
© 2024, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Tracking known offenders
© 2024, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Available as a Managed Rule for AWS WAF
Amazon CloudFront
AWSManagedIPReputationList
Elastic Load Balancing (ELB) Amazon API Gateway
© 2024, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Internal success stories
Amazon CloudFront AWS Management Console
Amazon.com
© 2024, Amazon Web Services, Inc. or its affiliates. All rights reserved.
AWS Shield automatic mitigation
AWS Shield
detects attack
AWS Shield
deploys L7KO
AWS Shield
analyzes
traffic
AWS Shield
deploys
attack
signature
© 2024, Amazon Web Services, Inc. or its affiliates. All rights reserved.
© 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved.
MadPot
© 2024, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Global-scale threat intelligence
using the AWS Cloud
10k+ sensors deployed globally
Observes 100M+ potential threat
interactions daily
500,000activities classified as
malicious daily
© 2024, Amazon Web Services, Inc. or its affiliates. All rights reserved.
MadPot (Honeypot) network
Amazon GuardDuty
AWS Shield
AWS WAF
Internet
MadPot
© 2024, Amazon Web Services, Inc. or its affiliates. All rights reserved.
We are making a difference
https://www.theregister.com/2023/
10/02/aws_security_madpot/
AWS stirs the MadPot –
busting bot baddies and
eastern espionage
Security exec Mark Ryland spills the tea
on hush-hush threat intel tool
© 2024, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Takedown
© 2024, Amazon Web Services, Inc. or its affiliates. All rights reserved.
© 2024, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Proxy-based L7 DDoS Attacks
Proxy driver Target
🍯
Proxy honeypot
© 2024, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Top talking networks by proxy drivers
Linode Hetzner Online
Digital Ocean
FranTech Solutions
SoftLayer
Technologies
Interserver
Psychz Networks
Scaleway
Dedioutlet-
network-phx DediPath
myLoc
manage
d IT AG
Akamai
Connect
ed Cloud
Edgevirt
Choopa,
LLC
Kamater
a Inc
Hetzner
Online
GmbH
Aggros
Operati
ons…
Worl
dStre
am…
Relia
bleSit
e.N…
Wind
str…
Ad…
Re…
AE…
Or… H… M… A… V…
RW
-…
O…
C…
R…
D…
T… M… L… C… L…
Pe
b…
i…
D…
L…
I…
1… M… N…
D…
S…
C…
1…
W…
D…
U…
R
C
Z A Y T
S C E P I A
H
D
H
C
C
C S C A P
S
u
T
U
H S T C
A
S
C
N 3 B
C T C
D
Linode Hetzner Online Digital Ocean FranTech Solutions
SoftLayer Technologies Interserver Psychz Networks Scaleway
Dedioutlet-network-phx DediPath myLoc managed IT AG Akamai Connected Cloud
Edgevirt Choopa, LLC Kamatera Inc Hetzner Online GmbH
Aggros Operations Ltd. WorldStream B.V. ReliableSite.Net LLC Windstream Communications
© 2024, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Botnet C2 Case Study
free.bot.c2
© 2024, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Botnet C2 Case Study
0
5
10
15
20
25
30
35
40
5/14/23
12:00
5/14/23
13:00
5/14/23
14:00
5/14/23
15:00
5/14/23
16:00
5/14/23
17:00
5/14/23
18:00
5/14/23
19:00
5/14/23
20:00
5/14/23
21:00
5/14/23
22:00
5/14/23
23:00
5/15/23
0:00
5/15/23
1:00
5/15/23
2:00
5/15/23
3:00
5/15/23
4:00
5/15/23
5:00
5/15/23
6:00
5/15/23
7:00
5/15/23
8:00
5/15/23
9:00
5/15/23
10:00
5/15/23
11:00
5/15/23
13:00
5/15/23
14:00
5/15/23
15:00
5/15/23
16:00
5/15/23
17:00
5/15/23
18:00
5/15/23
19:00
5/15/23
20:00
5/15/23
21:00
5/15/23
22:00
5/15/23
23:00
5/16/23
0:00
5/16/23
1:00
5/16/23
2:00
5/16/23
3:00
5/16/23
4:00
5/16/23
5:00
5/16/23
6:00
5/16/23
7:00
5/16/23
8:00
5/16/23
9:00
5/16/23
10:00
5/16/23
11:00
5/16/23
12:00
5/16/23
13:00
5/16/23
14:00
5/16/23
15:00
5/16/23
16:00
5/16/23
17:00
5/16/23
18:00
5/16/23
19:00
5/16/23
20:00
5/16/23
21:00
5/16/23
22:00
5/16/23
23:00
5/17/23
0:00
5/17/23
1:00
5/17/23
2:00
5/17/23
3:00
5/17/23
4:00
5/17/23
5:00
5/17/23
6:00
5/17/23
7:00
5/17/23
8:00
5/17/23
9:00
5/17/23
10:00
DDoS Attacks per Hour Orchestrated by C2
© 2024, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Botnet C2 Case Study
0 50 100 150 200 250 300 350
China Telecom
xTom
Hangzhou Alibaba Advertising Co.,Ltd.
China Unicom
China Mobile
Tencent cloud computing
China Telecom Guangdong
Overland Storage
xTom Hong Kong Limited
VMISS
Plus Provedor De Internet Ltda
OVH SAS
OVH Hosting
Metfone
Amazon.com
Level 3 Communications
Web Lacerda Provedor De Internet Ltda
Akamai Technologies
DDoS Attacks by Targeted Networks Orchestrated by C2
© 2024, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Botnet C2 Case Study
© 2024, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Botnet C2 Case Study
© 2024, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Proxy driver takedown
© 2024, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Proxy driver takedown
© 2024, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Proxy driver takedown
© 2024, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Threat Landscape Per Industry
© 2024, Amazon Web Services, Inc. or its affiliates. All rights reserved.
P A R I S O L Y M P I C S
34
Threat Landscape Olympics
The Olympics is a known WW target of massive and systemic
cyberattacks
• London 2012 : 200 million cyberattacks
• Rio 2016 : 400 million cyberattacks
• Tokyo 2020 : 450 million cyberattacks
© 2024, Amazon Web Services, Inc. or its affiliates. All rights reserved.
P A R I S O L Y M P I C S
35
Threat Landscape Olympics
We expect eight to 12 times the Tokyo numbers of cyber
attacks ”
• Mr. Franz Regul
• CISO of the Paris Olympic organizing committee
I have no doubt whatsoever that Russia would try to target the
Paris Olympics
“
”
Emmanuel Macron
President of France
© 2024, Amazon Web Services, Inc. or its affiliates. All rights reserved.
R E T A I L
36
Threat Landscape
© 2024, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Threat Data
© 2024, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Last 12 months statistics
212k 842 Gbps
155 M RPS 221 M PPS
Total
Attacks
Largest request
flood attack
Largest bandwidth
heavy attack
Largest packet
attack
© 2024, Amazon Web Services, Inc. or its affiliates. All rights reserved. 39
Infrastructure and Application (HTTP) layer DDoS events
application
infrastructure
2021
2020 2022 2024
Count
of
events
© 2024, Amazon Web Services, Inc. or its affiliates. All rights reserved. 40
2024 – DDoS events in the numbers
Infrastructure DDoS events
360 thousands events
detected in 2024
-1.0% YoY decrease
Application (HTTP) DDoS
events
526 thousands events
detected in 2024
52.1% YoY increase
63,000 61,000
136,000
100,000
Q1 Q2 Q3 Q4
Infrastructure
Layer
DDoS
events
Quarter
Infrastructure DDoS Events 2024
100000
118000
143000
164000
Q1 Q2 Q3 Q4
Application
DDoS
events
Quarter
Application (HTTP) DDoS Events 2024
© 2024, Amazon Web Services, Inc. or its affiliates. All rights reserved.
0 20,000,000 40,000,000 60,000,000 80,000,000 100,000,000 120,000,000 140,000,000 160,000,000 180,000,000
2023
2022
2021
2020
2019
Request Per Second
Year
1.5M rps
41
Largest Request Flood Events, As seen by AWS, by year
2.9M rps
4.3M rps
8.4M rps
155M rps
© 2024, Amazon Web Services, Inc. or its affiliates. All rights reserved. 42
Infrastructure Layer DDoS Events in 2024 – Distribution by top vectors
30.6%
25.0%
15.5%
11.0%
7.7%
6.0%
2.7%
0.0%
5.0%
10.0%
15.0%
20.0%
25.0%
30.0%
35.0%
S
Y
N
_
F
L
O
O
D
D
N
S
_
R
E
F
L
E
C
T
I
O
N
S
S
D
P
_
R
E
F
L
E
C
T
I
O
N
N
T
P
_
R
E
F
L
E
C
T
I
O
N
M
E
M
C
A
C
H
E
D
_
R
E
F
L
E
C
T
I
O
N
S
N
M
P
_
R
E
F
L
E
C
T
I
O
N
G
E
N
E
R
I
C
_
U
D
P
_
R
E
F
L
E
C
T
I
O
N
Share
of
all
events
Event Vectors
© 2024, Amazon Web Services, Inc. or its affiliates. All rights reserved. 43
Infrastructure Layer DDoS Events in 2022 vs 2024 – top emerging events
401.3%
349.2%
122.2%
105.7%
91.0%
24.9%
8.8%
0%
50%
100%
150%
200%
250%
300%
350%
400%
450%
R
I
P
_
R
E
F
L
E
C
T
I
O
N
H
T
T
P
_
R
E
F
L
E
C
T
I
O
N
R
E
Q
U
E
S
T
_
F
L
O
O
D
D
N
S
_
R
E
F
L
E
C
T
I
O
N
U
D
S
_
R
E
F
L
E
C
T
I
O
N
G
E
N
E
R
I
C
_
U
D
P
_
R
E
F
L
E
C
T
I
O
N
N
T
P
_
R
E
F
L
E
C
T
I
O
N
© 2024, Amazon Web Services, Inc. or its affiliates. All rights reserved. 44
Quarterly P99 Request per second, by year
0
20,000
40,000
60,000
80,000
100,000
120,000
140,000
160,000
180,000
200,000
Q1 Q2 Q3 Q4
2019
2020
2021
2022
2023
P99 Request per second
19.9% YoY increase
© 2024, Amazon Web Services, Inc. or its affiliates. All rights reserved.
DDoS from the Front Row
© 2024, Amazon Web Services, Inc. or its affiliates. All rights reserved. Amazon Confidential and Trademark.
Customer responsibility
• Design resilient architectures:
§ Use AWS services with better protection against DDoS attacks
§ Reduce the attack surface
§ Build scalable applications
• Use application level security controls such as AWS WAF.
• Ensure observability and monitor the traffic to understand baseline
• Detect anomaly, prepare run book for incident response which involves
platform support
46
© 2024, Amazon Web Services, Inc. or its affiliates. All rights reserved. Amazon Confidential and Trademark.
Protecting web applications
47
Private subnet
Amazon CloudFront
Amazon Route 53
AWS WAF
AWS Cloud
Public subnet
ALB
AWS Edge Services Region
AWS WAF Compute Capacity
Amazon S3
VPC
Shield Advanced
protected resource
© 2024, Amazon Web Services, Inc. or its affiliates. All rights reserved. Amazon Confidential and Trademark.
Protecting on-premise applications
48
Private subnet
Amazon CloudFront
Amazon Route 53
AWS WAF
AWS Cloud
Public subnet
Application Load
Balancer
AWS Edge Services Region
Corporate data center
TGW
Customer
Gateway
DX/VPN
Internet
Compute Capacity
Shield Advanced
protected resource
© 2024, Amazon Web Services, Inc. or its affiliates. All rights reserved. Amazon Confidential and Trademark.
AWS Shield Advanced Features
49
AWS Shield
Advanced
Near real-time
events visibility
and alerting
24/7 Support of
AWS Shield
Response Team
Health-based
detection and
proactive event
response
Infrastructure
and application
protection (L3-7)
Application attack
detection and
automatic mitigation
with AWS WAF
Cost protection
for scaling during
an attack
Amazon
Route53
Amazon
CloudFront
AWS Global
Accelerator
Elastic Load
Balancing
Elastic IP
Protected Resources
AWS Firewall Manager
for Centralized
Management
AWS WAF for
Application protection
© 2024, Amazon Web Services, Inc. or its affiliates. All rights reserved. Amazon Confidential and Trademark.
February 15th, 2022
50
On the 15-16th February a number of Ukrainian websites were taken offline due to Distributed Denial-of-
Service (DDoS) attacks. The impacted sites included Banks, Government and Military websites.
© 2024, Amazon Web Services, Inc. or its affiliates. All rights reserved. Amazon Confidential and Trademark.
Attack profile
51
• Mirai botnet (actually – forked “Katana” network)
• Mikrotiks, Avtech network cameras, etc
• Not just DDoS:
• Fake SMS messages about ATM issues
• A denial of service attack against the .gov.ua
DNS servers; and
• A BGP hijacking attack against the
Privatbank IP space causing difficulties
routing traffic to their network.
© 2024, Amazon Web Services, Inc. or its affiliates. All rights reserved. Amazon Confidential and Trademark.
Customer ingress architecture
52
© 2024, Amazon Web Services, Inc. or its affiliates. All rights reserved. Amazon Confidential and Trademark.
Chronology
53
Feb 15.02
12:00 - attack started (first wave)
18:00 - customer reaches out AWS account team
18:20 - internal escalation inside AWS
19:26 - customer case created
19:46 - AWS war room created
22:00 - WAF configured for mobile endpoint
23:00 - WAF configured for web endpoint
Feb 16.02
00:00 - attack peak (first wave)
3:00 - attack stopped (first wave)
10:00 - attack start (second wave)
11:50 - Shield Advanced activated
12:00 - attack stopped (second wave)
© 2024, Amazon Web Services, Inc. or its affiliates. All rights reserved. Amazon Confidential and Trademark.
GA overloaded -> AWS outage in GRU (Brazil)
54
© 2024, Amazon Web Services, Inc. or its affiliates. All rights reserved. Amazon Confidential and Trademark. 55
Firewall Appliances gave up and started leaking
© 2024, Amazon Web Services, Inc. or its affiliates. All rights reserved. Amazon Confidential and Trademark.
WAF to the rescue
56
© 2024, Amazon Web Services, Inc. or its affiliates. All rights reserved. Amazon Confidential and Trademark.
WAF to the rescue
57
• Block Brazil traffic
• Reputation list - block
• Core rule set
• Rate-limit - 2000 requests
© 2024, Amazon Web Services, Inc. or its affiliates. All rights reserved. Amazon Confidential and Trademark.
WAF to the rescue
58
© 2024, Amazon Web Services, Inc. or its affiliates. All rights reserved. Amazon Confidential and Trademark.
WAF to the rescue
59
© 2024, Amazon Web Services, Inc. or its affiliates. All rights reserved. Amazon Confidential and Trademark.
So, why do we still need Shield Advanced?
Shield Advanced enabled
60
© 2024, Amazon Web Services, Inc. or its affiliates. All rights reserved. Amazon Confidential and Trademark.
L3/L4 attacks
61
© 2024, Amazon Web Services, Inc. or its affiliates. All rights reserved. Amazon Confidential and Trademark.
Stats
62
© 2024, Amazon Web Services, Inc. or its affiliates. All rights reserved. Amazon Confidential and Trademark.
Stats
63
Wave 1:
mobile:
1.5Mrps - total blocked
1.266Mrps - rate-limited - most efficient rule
333Krps - county block (Brazil)
web:
20Gbps - incoming bandwidth
1.6Mrps - total blocked
1.17Mrps - rate-limited - most efficient rule
333Krps - county block (Brazil)
Wave 2:
mobile:
not affected
web:
40Gbps - incoming bandwidth
3.6Mrps - total blocked
2.6Mrps - rate-limited - most efficient rule
666Krps - county block (Brazil)
© 2024, Amazon Web Services, Inc. or its affiliates. All rights reserved. Amazon Confidential and Trademark.
It’s not over yet…
64
© 2024, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Thank you!
© 2024, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Please complete the
session survey

More Related Content

Similar to "Frontline Battles with DDoS: Best practices and Lessons Learned", Igor Ivaniuk

AWS networking fundamentals
AWS networking fundamentalsAWS networking fundamentals
AWS networking fundamentals
Amazon Web Services
 
Amazon VPC: Security at the Speed Of Light (NET313) - AWS re:Invent 2018
Amazon VPC: Security at the Speed Of Light (NET313) - AWS re:Invent 2018Amazon VPC: Security at the Speed Of Light (NET313) - AWS re:Invent 2018
Amazon VPC: Security at the Speed Of Light (NET313) - AWS re:Invent 2018
Amazon Web Services
 
AWS networking fundamentals - SVC303 - Santa Clara AWS Summit
AWS networking fundamentals - SVC303 - Santa Clara AWS SummitAWS networking fundamentals - SVC303 - Santa Clara AWS Summit
AWS networking fundamentals - SVC303 - Santa Clara AWS Summit
Amazon Web Services
 
A Self-Defending Border - Protect Your Web-Facing Workloads with AWS Security...
A Self-Defending Border - Protect Your Web-Facing Workloads with AWS Security...A Self-Defending Border - Protect Your Web-Facing Workloads with AWS Security...
A Self-Defending Border - Protect Your Web-Facing Workloads with AWS Security...
Amazon Web Services
 
AWS CZSK Webinář 2019.05: Jak chránit vaše webové aplikace před DDoS útoky
AWS CZSK Webinář 2019.05: Jak chránit vaše webové aplikace před DDoS útokyAWS CZSK Webinář 2019.05: Jak chránit vaše webové aplikace před DDoS útoky
AWS CZSK Webinář 2019.05: Jak chránit vaše webové aplikace před DDoS útoky
Vladimir Simek
 
Innovate - Cybersecurity: A Drive Force Behind Cloud Adoption
Innovate - Cybersecurity: A Drive Force Behind Cloud AdoptionInnovate - Cybersecurity: A Drive Force Behind Cloud Adoption
Innovate - Cybersecurity: A Drive Force Behind Cloud Adoption
Amazon Web Services
 
How to Architect and Bring to Market SaaS on AWS GovCloud (US)
How to Architect and Bring to Market SaaS on AWS GovCloud (US)How to Architect and Bring to Market SaaS on AWS GovCloud (US)
How to Architect and Bring to Market SaaS on AWS GovCloud (US)
Amazon Web Services
 
AWS Networking Fundamentals - SVC304 - Anaheim AWS Summit
AWS Networking Fundamentals - SVC304 - Anaheim AWS SummitAWS Networking Fundamentals - SVC304 - Anaheim AWS Summit
AWS Networking Fundamentals - SVC304 - Anaheim AWS Summit
Amazon Web Services
 
Orchestrate Perimeter Security Across Distributed Applications (SEC326) - AWS...
Orchestrate Perimeter Security Across Distributed Applications (SEC326) - AWS...Orchestrate Perimeter Security Across Distributed Applications (SEC326) - AWS...
Orchestrate Perimeter Security Across Distributed Applications (SEC326) - AWS...
Amazon Web Services
 
Automating DDos and WAF responses - AWS Summit Cape Town 2018
Automating DDos and WAF responses - AWS Summit Cape Town 2018Automating DDos and WAF responses - AWS Summit Cape Town 2018
Automating DDos and WAF responses - AWS Summit Cape Town 2018
Amazon Web Services
 
Security & Identity: the Continuous Mitigation & Diagnostic Journey on AWS
Security & Identity: the Continuous Mitigation & Diagnostic Journey on AWSSecurity & Identity: the Continuous Mitigation & Diagnostic Journey on AWS
Security & Identity: the Continuous Mitigation & Diagnostic Journey on AWS
Amazon Web Services
 
AWS Networking Fundamentals
AWS Networking FundamentalsAWS Networking Fundamentals
AWS Networking Fundamentals
Amazon Web Services
 
Fundamentals of AWS networking - SVC303 - Atlanta AWS Summit
Fundamentals of AWS networking - SVC303 - Atlanta AWS SummitFundamentals of AWS networking - SVC303 - Atlanta AWS Summit
Fundamentals of AWS networking - SVC303 - Atlanta AWS Summit
Amazon Web Services
 
Plan Advanced AWS Networking Architectures - SRV323 - Chicago AWS Summit
Plan Advanced AWS Networking Architectures - SRV323 - Chicago AWS SummitPlan Advanced AWS Networking Architectures - SRV323 - Chicago AWS Summit
Plan Advanced AWS Networking Architectures - SRV323 - Chicago AWS Summit
Amazon Web Services
 
SRV204 Creating Your Virtual Data Center: VPC Fundamentals and Connectivity ...
 SRV204 Creating Your Virtual Data Center: VPC Fundamentals and Connectivity ... SRV204 Creating Your Virtual Data Center: VPC Fundamentals and Connectivity ...
SRV204 Creating Your Virtual Data Center: VPC Fundamentals and Connectivity ...
Amazon Web Services
 
Edge immersion days module 2 - protect your application at the edge using a...
Edge immersion days   module 2 - protect your application at the edge using a...Edge immersion days   module 2 - protect your application at the edge using a...
Edge immersion days module 2 - protect your application at the edge using a...
RoiElbaz1
 
Planificación de arquitecturas de red de AWS - MXO211 - Mexico City Summit
Planificación de arquitecturas de red de AWS - MXO211 - Mexico City SummitPlanificación de arquitecturas de red de AWS - MXO211 - Mexico City Summit
Planificación de arquitecturas de red de AWS - MXO211 - Mexico City Summit
Amazon Web Services
 
Building a Hybrid Cloud Architecture Utilizing AWS Landing Zones
Building a Hybrid Cloud Architecture Utilizing AWS Landing ZonesBuilding a Hybrid Cloud Architecture Utilizing AWS Landing Zones
Building a Hybrid Cloud Architecture Utilizing AWS Landing Zones
Tom Laszewski
 
Find all the threats: AWS threat detection and mitigation - SEC302 - Santa Cl...
Find all the threats: AWS threat detection and mitigation - SEC302 - Santa Cl...Find all the threats: AWS threat detection and mitigation - SEC302 - Santa Cl...
Find all the threats: AWS threat detection and mitigation - SEC302 - Santa Cl...
Amazon Web Services
 
AWS SSA Webinar 11 - Getting started on AWS: Security
AWS SSA Webinar 11 - Getting started on AWS: SecurityAWS SSA Webinar 11 - Getting started on AWS: Security
AWS SSA Webinar 11 - Getting started on AWS: Security
Cobus Bernard
 

Similar to "Frontline Battles with DDoS: Best practices and Lessons Learned", Igor Ivaniuk (20)

AWS networking fundamentals
AWS networking fundamentalsAWS networking fundamentals
AWS networking fundamentals
 
Amazon VPC: Security at the Speed Of Light (NET313) - AWS re:Invent 2018
Amazon VPC: Security at the Speed Of Light (NET313) - AWS re:Invent 2018Amazon VPC: Security at the Speed Of Light (NET313) - AWS re:Invent 2018
Amazon VPC: Security at the Speed Of Light (NET313) - AWS re:Invent 2018
 
AWS networking fundamentals - SVC303 - Santa Clara AWS Summit
AWS networking fundamentals - SVC303 - Santa Clara AWS SummitAWS networking fundamentals - SVC303 - Santa Clara AWS Summit
AWS networking fundamentals - SVC303 - Santa Clara AWS Summit
 
A Self-Defending Border - Protect Your Web-Facing Workloads with AWS Security...
A Self-Defending Border - Protect Your Web-Facing Workloads with AWS Security...A Self-Defending Border - Protect Your Web-Facing Workloads with AWS Security...
A Self-Defending Border - Protect Your Web-Facing Workloads with AWS Security...
 
AWS CZSK Webinář 2019.05: Jak chránit vaše webové aplikace před DDoS útoky
AWS CZSK Webinář 2019.05: Jak chránit vaše webové aplikace před DDoS útokyAWS CZSK Webinář 2019.05: Jak chránit vaše webové aplikace před DDoS útoky
AWS CZSK Webinář 2019.05: Jak chránit vaše webové aplikace před DDoS útoky
 
Innovate - Cybersecurity: A Drive Force Behind Cloud Adoption
Innovate - Cybersecurity: A Drive Force Behind Cloud AdoptionInnovate - Cybersecurity: A Drive Force Behind Cloud Adoption
Innovate - Cybersecurity: A Drive Force Behind Cloud Adoption
 
How to Architect and Bring to Market SaaS on AWS GovCloud (US)
How to Architect and Bring to Market SaaS on AWS GovCloud (US)How to Architect and Bring to Market SaaS on AWS GovCloud (US)
How to Architect and Bring to Market SaaS on AWS GovCloud (US)
 
AWS Networking Fundamentals - SVC304 - Anaheim AWS Summit
AWS Networking Fundamentals - SVC304 - Anaheim AWS SummitAWS Networking Fundamentals - SVC304 - Anaheim AWS Summit
AWS Networking Fundamentals - SVC304 - Anaheim AWS Summit
 
Orchestrate Perimeter Security Across Distributed Applications (SEC326) - AWS...
Orchestrate Perimeter Security Across Distributed Applications (SEC326) - AWS...Orchestrate Perimeter Security Across Distributed Applications (SEC326) - AWS...
Orchestrate Perimeter Security Across Distributed Applications (SEC326) - AWS...
 
Automating DDos and WAF responses - AWS Summit Cape Town 2018
Automating DDos and WAF responses - AWS Summit Cape Town 2018Automating DDos and WAF responses - AWS Summit Cape Town 2018
Automating DDos and WAF responses - AWS Summit Cape Town 2018
 
Security & Identity: the Continuous Mitigation & Diagnostic Journey on AWS
Security & Identity: the Continuous Mitigation & Diagnostic Journey on AWSSecurity & Identity: the Continuous Mitigation & Diagnostic Journey on AWS
Security & Identity: the Continuous Mitigation & Diagnostic Journey on AWS
 
AWS Networking Fundamentals
AWS Networking FundamentalsAWS Networking Fundamentals
AWS Networking Fundamentals
 
Fundamentals of AWS networking - SVC303 - Atlanta AWS Summit
Fundamentals of AWS networking - SVC303 - Atlanta AWS SummitFundamentals of AWS networking - SVC303 - Atlanta AWS Summit
Fundamentals of AWS networking - SVC303 - Atlanta AWS Summit
 
Plan Advanced AWS Networking Architectures - SRV323 - Chicago AWS Summit
Plan Advanced AWS Networking Architectures - SRV323 - Chicago AWS SummitPlan Advanced AWS Networking Architectures - SRV323 - Chicago AWS Summit
Plan Advanced AWS Networking Architectures - SRV323 - Chicago AWS Summit
 
SRV204 Creating Your Virtual Data Center: VPC Fundamentals and Connectivity ...
 SRV204 Creating Your Virtual Data Center: VPC Fundamentals and Connectivity ... SRV204 Creating Your Virtual Data Center: VPC Fundamentals and Connectivity ...
SRV204 Creating Your Virtual Data Center: VPC Fundamentals and Connectivity ...
 
Edge immersion days module 2 - protect your application at the edge using a...
Edge immersion days   module 2 - protect your application at the edge using a...Edge immersion days   module 2 - protect your application at the edge using a...
Edge immersion days module 2 - protect your application at the edge using a...
 
Planificación de arquitecturas de red de AWS - MXO211 - Mexico City Summit
Planificación de arquitecturas de red de AWS - MXO211 - Mexico City SummitPlanificación de arquitecturas de red de AWS - MXO211 - Mexico City Summit
Planificación de arquitecturas de red de AWS - MXO211 - Mexico City Summit
 
Building a Hybrid Cloud Architecture Utilizing AWS Landing Zones
Building a Hybrid Cloud Architecture Utilizing AWS Landing ZonesBuilding a Hybrid Cloud Architecture Utilizing AWS Landing Zones
Building a Hybrid Cloud Architecture Utilizing AWS Landing Zones
 
Find all the threats: AWS threat detection and mitigation - SEC302 - Santa Cl...
Find all the threats: AWS threat detection and mitigation - SEC302 - Santa Cl...Find all the threats: AWS threat detection and mitigation - SEC302 - Santa Cl...
Find all the threats: AWS threat detection and mitigation - SEC302 - Santa Cl...
 
AWS SSA Webinar 11 - Getting started on AWS: Security
AWS SSA Webinar 11 - Getting started on AWS: SecurityAWS SSA Webinar 11 - Getting started on AWS: Security
AWS SSA Webinar 11 - Getting started on AWS: Security
 

More from Fwdays

"What does it really mean for your system to be available, or how to define w...
"What does it really mean for your system to be available, or how to define w..."What does it really mean for your system to be available, or how to define w...
"What does it really mean for your system to be available, or how to define w...
Fwdays
 
"Microservices and multitenancy - how to serve thousands of databases in one ...
"Microservices and multitenancy - how to serve thousands of databases in one ..."Microservices and multitenancy - how to serve thousands of databases in one ...
"Microservices and multitenancy - how to serve thousands of databases in one ...
Fwdays
 
"Scaling RAG Applications to serve millions of users", Kevin Goedecke
"Scaling RAG Applications to serve millions of users",  Kevin Goedecke"Scaling RAG Applications to serve millions of users",  Kevin Goedecke
"Scaling RAG Applications to serve millions of users", Kevin Goedecke
Fwdays
 
"NATO Hackathon Winner: AI-Powered Drug Search", Taras Kloba
"NATO Hackathon Winner: AI-Powered Drug Search",  Taras Kloba"NATO Hackathon Winner: AI-Powered Drug Search",  Taras Kloba
"NATO Hackathon Winner: AI-Powered Drug Search", Taras Kloba
Fwdays
 
"Black Monday: The Story of 5.5 Hours of Downtime", Dmytro Dziubenko
"Black Monday: The Story of 5.5 Hours of Downtime", Dmytro Dziubenko"Black Monday: The Story of 5.5 Hours of Downtime", Dmytro Dziubenko
"Black Monday: The Story of 5.5 Hours of Downtime", Dmytro Dziubenko
Fwdays
 
"Reaching 3_000_000 HTTP requests per second — conclusions from participation...
"Reaching 3_000_000 HTTP requests per second — conclusions from participation..."Reaching 3_000_000 HTTP requests per second — conclusions from participation...
"Reaching 3_000_000 HTTP requests per second — conclusions from participation...
Fwdays
 
"$10 thousand per minute of downtime: architecture, queues, streaming and fin...
"$10 thousand per minute of downtime: architecture, queues, streaming and fin..."$10 thousand per minute of downtime: architecture, queues, streaming and fin...
"$10 thousand per minute of downtime: architecture, queues, streaming and fin...
Fwdays
 
"Choosing proper type of scaling", Olena Syrota
"Choosing proper type of scaling", Olena Syrota"Choosing proper type of scaling", Olena Syrota
"Choosing proper type of scaling", Olena Syrota
Fwdays
 
"What I learned through reverse engineering", Yuri Artiukh
"What I learned through reverse engineering", Yuri Artiukh"What I learned through reverse engineering", Yuri Artiukh
"What I learned through reverse engineering", Yuri Artiukh
Fwdays
 
"Impact of front-end architecture on development cost", Viktor Turskyi
"Impact of front-end architecture on development cost", Viktor Turskyi"Impact of front-end architecture on development cost", Viktor Turskyi
"Impact of front-end architecture on development cost", Viktor Turskyi
Fwdays
 
"Micro frontends: Unbelievably true life story", Dmytro Pavlov
"Micro frontends: Unbelievably true life story", Dmytro Pavlov"Micro frontends: Unbelievably true life story", Dmytro Pavlov
"Micro frontends: Unbelievably true life story", Dmytro Pavlov
Fwdays
 
"Objects validation and comparison using runtime types (io-ts)", Oleksandr Suhak
"Objects validation and comparison using runtime types (io-ts)", Oleksandr Suhak"Objects validation and comparison using runtime types (io-ts)", Oleksandr Suhak
"Objects validation and comparison using runtime types (io-ts)", Oleksandr Suhak
Fwdays
 
"JavaScript. Standard evolution, when nobody cares", Roman Savitskyi
"JavaScript. Standard evolution, when nobody cares", Roman Savitskyi"JavaScript. Standard evolution, when nobody cares", Roman Savitskyi
"JavaScript. Standard evolution, when nobody cares", Roman Savitskyi
Fwdays
 
"How Preply reduced ML model development time from 1 month to 1 day",Yevhen Y...
"How Preply reduced ML model development time from 1 month to 1 day",Yevhen Y..."How Preply reduced ML model development time from 1 month to 1 day",Yevhen Y...
"How Preply reduced ML model development time from 1 month to 1 day",Yevhen Y...
Fwdays
 
"GenAI Apps: Our Journey from Ideas to Production Excellence",Danil Topchii
"GenAI Apps: Our Journey from Ideas to Production Excellence",Danil Topchii"GenAI Apps: Our Journey from Ideas to Production Excellence",Danil Topchii
"GenAI Apps: Our Journey from Ideas to Production Excellence",Danil Topchii
Fwdays
 
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks..."LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
Fwdays
 
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
Fwdays
 
"What is a RAG system and how to build it",Dmytro Spodarets
"What is a RAG system and how to build it",Dmytro Spodarets"What is a RAG system and how to build it",Dmytro Spodarets
"What is a RAG system and how to build it",Dmytro Spodarets
Fwdays
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko
Fwdays
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan
Fwdays
 

More from Fwdays (20)

"What does it really mean for your system to be available, or how to define w...
"What does it really mean for your system to be available, or how to define w..."What does it really mean for your system to be available, or how to define w...
"What does it really mean for your system to be available, or how to define w...
 
"Microservices and multitenancy - how to serve thousands of databases in one ...
"Microservices and multitenancy - how to serve thousands of databases in one ..."Microservices and multitenancy - how to serve thousands of databases in one ...
"Microservices and multitenancy - how to serve thousands of databases in one ...
 
"Scaling RAG Applications to serve millions of users", Kevin Goedecke
"Scaling RAG Applications to serve millions of users",  Kevin Goedecke"Scaling RAG Applications to serve millions of users",  Kevin Goedecke
"Scaling RAG Applications to serve millions of users", Kevin Goedecke
 
"NATO Hackathon Winner: AI-Powered Drug Search", Taras Kloba
"NATO Hackathon Winner: AI-Powered Drug Search",  Taras Kloba"NATO Hackathon Winner: AI-Powered Drug Search",  Taras Kloba
"NATO Hackathon Winner: AI-Powered Drug Search", Taras Kloba
 
"Black Monday: The Story of 5.5 Hours of Downtime", Dmytro Dziubenko
"Black Monday: The Story of 5.5 Hours of Downtime", Dmytro Dziubenko"Black Monday: The Story of 5.5 Hours of Downtime", Dmytro Dziubenko
"Black Monday: The Story of 5.5 Hours of Downtime", Dmytro Dziubenko
 
"Reaching 3_000_000 HTTP requests per second — conclusions from participation...
"Reaching 3_000_000 HTTP requests per second — conclusions from participation..."Reaching 3_000_000 HTTP requests per second — conclusions from participation...
"Reaching 3_000_000 HTTP requests per second — conclusions from participation...
 
"$10 thousand per minute of downtime: architecture, queues, streaming and fin...
"$10 thousand per minute of downtime: architecture, queues, streaming and fin..."$10 thousand per minute of downtime: architecture, queues, streaming and fin...
"$10 thousand per minute of downtime: architecture, queues, streaming and fin...
 
"Choosing proper type of scaling", Olena Syrota
"Choosing proper type of scaling", Olena Syrota"Choosing proper type of scaling", Olena Syrota
"Choosing proper type of scaling", Olena Syrota
 
"What I learned through reverse engineering", Yuri Artiukh
"What I learned through reverse engineering", Yuri Artiukh"What I learned through reverse engineering", Yuri Artiukh
"What I learned through reverse engineering", Yuri Artiukh
 
"Impact of front-end architecture on development cost", Viktor Turskyi
"Impact of front-end architecture on development cost", Viktor Turskyi"Impact of front-end architecture on development cost", Viktor Turskyi
"Impact of front-end architecture on development cost", Viktor Turskyi
 
"Micro frontends: Unbelievably true life story", Dmytro Pavlov
"Micro frontends: Unbelievably true life story", Dmytro Pavlov"Micro frontends: Unbelievably true life story", Dmytro Pavlov
"Micro frontends: Unbelievably true life story", Dmytro Pavlov
 
"Objects validation and comparison using runtime types (io-ts)", Oleksandr Suhak
"Objects validation and comparison using runtime types (io-ts)", Oleksandr Suhak"Objects validation and comparison using runtime types (io-ts)", Oleksandr Suhak
"Objects validation and comparison using runtime types (io-ts)", Oleksandr Suhak
 
"JavaScript. Standard evolution, when nobody cares", Roman Savitskyi
"JavaScript. Standard evolution, when nobody cares", Roman Savitskyi"JavaScript. Standard evolution, when nobody cares", Roman Savitskyi
"JavaScript. Standard evolution, when nobody cares", Roman Savitskyi
 
"How Preply reduced ML model development time from 1 month to 1 day",Yevhen Y...
"How Preply reduced ML model development time from 1 month to 1 day",Yevhen Y..."How Preply reduced ML model development time from 1 month to 1 day",Yevhen Y...
"How Preply reduced ML model development time from 1 month to 1 day",Yevhen Y...
 
"GenAI Apps: Our Journey from Ideas to Production Excellence",Danil Topchii
"GenAI Apps: Our Journey from Ideas to Production Excellence",Danil Topchii"GenAI Apps: Our Journey from Ideas to Production Excellence",Danil Topchii
"GenAI Apps: Our Journey from Ideas to Production Excellence",Danil Topchii
 
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks..."LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
 
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
 
"What is a RAG system and how to build it",Dmytro Spodarets
"What is a RAG system and how to build it",Dmytro Spodarets"What is a RAG system and how to build it",Dmytro Spodarets
"What is a RAG system and how to build it",Dmytro Spodarets
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan
 

Recently uploaded

Amul milk launches in US: Key details of its new products ...
Amul milk launches in US: Key details of its new products ...Amul milk launches in US: Key details of its new products ...
Amul milk launches in US: Key details of its new products ...
chetankumar9855
 
WhatsApp Spy Online Trackers and Monitoring Apps
WhatsApp Spy Online Trackers and Monitoring AppsWhatsApp Spy Online Trackers and Monitoring Apps
WhatsApp Spy Online Trackers and Monitoring Apps
HackersList
 
Calgary MuleSoft Meetup APM and IDP .pptx
Calgary MuleSoft Meetup APM and IDP .pptxCalgary MuleSoft Meetup APM and IDP .pptx
Calgary MuleSoft Meetup APM and IDP .pptx
ishalveerrandhawa1
 
TrustArc Webinar - 2024 Data Privacy Trends: A Mid-Year Check-In
TrustArc Webinar - 2024 Data Privacy Trends: A Mid-Year Check-InTrustArc Webinar - 2024 Data Privacy Trends: A Mid-Year Check-In
TrustArc Webinar - 2024 Data Privacy Trends: A Mid-Year Check-In
TrustArc
 
Tirana Tech Meetup - Agentic RAG with Milvus, Llama3 and Ollama
Tirana Tech Meetup - Agentic RAG with Milvus, Llama3 and OllamaTirana Tech Meetup - Agentic RAG with Milvus, Llama3 and Ollama
Tirana Tech Meetup - Agentic RAG with Milvus, Llama3 and Ollama
Zilliz
 
Best Practices for Effectively Running dbt in Airflow.pdf
Best Practices for Effectively Running dbt in Airflow.pdfBest Practices for Effectively Running dbt in Airflow.pdf
Best Practices for Effectively Running dbt in Airflow.pdf
Tatiana Al-Chueyr
 
“Deploying Large Language Models on a Raspberry Pi,” a Presentation from Usef...
“Deploying Large Language Models on a Raspberry Pi,” a Presentation from Usef...“Deploying Large Language Models on a Raspberry Pi,” a Presentation from Usef...
“Deploying Large Language Models on a Raspberry Pi,” a Presentation from Usef...
Edge AI and Vision Alliance
 
(CISOPlatform Summit & SACON 2024) Digital Personal Data Protection Act.pdf
(CISOPlatform Summit & SACON 2024) Digital Personal Data Protection Act.pdf(CISOPlatform Summit & SACON 2024) Digital Personal Data Protection Act.pdf
(CISOPlatform Summit & SACON 2024) Digital Personal Data Protection Act.pdf
Priyanka Aash
 
Use Cases & Benefits of RPA in Manufacturing in 2024.pptx
Use Cases & Benefits of RPA in Manufacturing in 2024.pptxUse Cases & Benefits of RPA in Manufacturing in 2024.pptx
Use Cases & Benefits of RPA in Manufacturing in 2024.pptx
SynapseIndia
 
High Profile Girls call Service Pune 000XX00000 Provide Best And Top Girl Ser...
High Profile Girls call Service Pune 000XX00000 Provide Best And Top Girl Ser...High Profile Girls call Service Pune 000XX00000 Provide Best And Top Girl Ser...
High Profile Girls call Service Pune 000XX00000 Provide Best And Top Girl Ser...
bhumivarma35300
 
EuroPython 2024 - Streamlining Testing in a Large Python Codebase
EuroPython 2024 - Streamlining Testing in a Large Python CodebaseEuroPython 2024 - Streamlining Testing in a Large Python Codebase
EuroPython 2024 - Streamlining Testing in a Large Python Codebase
Jimmy Lai
 
WhatsApp Image 2024-03-27 at 08.19.52_bfd93109.pdf
WhatsApp Image 2024-03-27 at 08.19.52_bfd93109.pdfWhatsApp Image 2024-03-27 at 08.19.52_bfd93109.pdf
WhatsApp Image 2024-03-27 at 08.19.52_bfd93109.pdf
ArgaBisma
 
Opencast Summit 2024 — Opencast @ University of Münster
Opencast Summit 2024 — Opencast @ University of MünsterOpencast Summit 2024 — Opencast @ University of Münster
Opencast Summit 2024 — Opencast @ University of Münster
Matthias Neugebauer
 
Evolution of iPaaS - simplify IT workloads to provide a unified view of data...
Evolution of iPaaS - simplify IT workloads to provide a unified view of  data...Evolution of iPaaS - simplify IT workloads to provide a unified view of  data...
Evolution of iPaaS - simplify IT workloads to provide a unified view of data...
Torry Harris
 
WPRiders Company Presentation Slide Deck
WPRiders Company Presentation Slide DeckWPRiders Company Presentation Slide Deck
WPRiders Company Presentation Slide Deck
Lidia A.
 
Dublin_mulesoft_meetup_Mulesoft_Salesforce_Integration (1).pptx
Dublin_mulesoft_meetup_Mulesoft_Salesforce_Integration (1).pptxDublin_mulesoft_meetup_Mulesoft_Salesforce_Integration (1).pptx
Dublin_mulesoft_meetup_Mulesoft_Salesforce_Integration (1).pptx
Kunal Gupta
 
Implementations of Fused Deposition Modeling in real world
Implementations of Fused Deposition Modeling  in real worldImplementations of Fused Deposition Modeling  in real world
Implementations of Fused Deposition Modeling in real world
Emerging Tech
 
The Role of IoT in Australian Mobile App Development - PDF Guide
The Role of IoT in Australian Mobile App Development - PDF GuideThe Role of IoT in Australian Mobile App Development - PDF Guide
The Role of IoT in Australian Mobile App Development - PDF Guide
Shiv Technolabs
 
Data Integration Basics: Merging & Joining Data
Data Integration Basics: Merging & Joining DataData Integration Basics: Merging & Joining Data
Data Integration Basics: Merging & Joining Data
Safe Software
 
High Profile Girls Call ServiCe Hyderabad 0000000000 Tanisha Best High Class ...
High Profile Girls Call ServiCe Hyderabad 0000000000 Tanisha Best High Class ...High Profile Girls Call ServiCe Hyderabad 0000000000 Tanisha Best High Class ...
High Profile Girls Call ServiCe Hyderabad 0000000000 Tanisha Best High Class ...
aslasdfmkhan4750
 

Recently uploaded (20)

Amul milk launches in US: Key details of its new products ...
Amul milk launches in US: Key details of its new products ...Amul milk launches in US: Key details of its new products ...
Amul milk launches in US: Key details of its new products ...
 
WhatsApp Spy Online Trackers and Monitoring Apps
WhatsApp Spy Online Trackers and Monitoring AppsWhatsApp Spy Online Trackers and Monitoring Apps
WhatsApp Spy Online Trackers and Monitoring Apps
 
Calgary MuleSoft Meetup APM and IDP .pptx
Calgary MuleSoft Meetup APM and IDP .pptxCalgary MuleSoft Meetup APM and IDP .pptx
Calgary MuleSoft Meetup APM and IDP .pptx
 
TrustArc Webinar - 2024 Data Privacy Trends: A Mid-Year Check-In
TrustArc Webinar - 2024 Data Privacy Trends: A Mid-Year Check-InTrustArc Webinar - 2024 Data Privacy Trends: A Mid-Year Check-In
TrustArc Webinar - 2024 Data Privacy Trends: A Mid-Year Check-In
 
Tirana Tech Meetup - Agentic RAG with Milvus, Llama3 and Ollama
Tirana Tech Meetup - Agentic RAG with Milvus, Llama3 and OllamaTirana Tech Meetup - Agentic RAG with Milvus, Llama3 and Ollama
Tirana Tech Meetup - Agentic RAG with Milvus, Llama3 and Ollama
 
Best Practices for Effectively Running dbt in Airflow.pdf
Best Practices for Effectively Running dbt in Airflow.pdfBest Practices for Effectively Running dbt in Airflow.pdf
Best Practices for Effectively Running dbt in Airflow.pdf
 
“Deploying Large Language Models on a Raspberry Pi,” a Presentation from Usef...
“Deploying Large Language Models on a Raspberry Pi,” a Presentation from Usef...“Deploying Large Language Models on a Raspberry Pi,” a Presentation from Usef...
“Deploying Large Language Models on a Raspberry Pi,” a Presentation from Usef...
 
(CISOPlatform Summit & SACON 2024) Digital Personal Data Protection Act.pdf
(CISOPlatform Summit & SACON 2024) Digital Personal Data Protection Act.pdf(CISOPlatform Summit & SACON 2024) Digital Personal Data Protection Act.pdf
(CISOPlatform Summit & SACON 2024) Digital Personal Data Protection Act.pdf
 
Use Cases & Benefits of RPA in Manufacturing in 2024.pptx
Use Cases & Benefits of RPA in Manufacturing in 2024.pptxUse Cases & Benefits of RPA in Manufacturing in 2024.pptx
Use Cases & Benefits of RPA in Manufacturing in 2024.pptx
 
High Profile Girls call Service Pune 000XX00000 Provide Best And Top Girl Ser...
High Profile Girls call Service Pune 000XX00000 Provide Best And Top Girl Ser...High Profile Girls call Service Pune 000XX00000 Provide Best And Top Girl Ser...
High Profile Girls call Service Pune 000XX00000 Provide Best And Top Girl Ser...
 
EuroPython 2024 - Streamlining Testing in a Large Python Codebase
EuroPython 2024 - Streamlining Testing in a Large Python CodebaseEuroPython 2024 - Streamlining Testing in a Large Python Codebase
EuroPython 2024 - Streamlining Testing in a Large Python Codebase
 
WhatsApp Image 2024-03-27 at 08.19.52_bfd93109.pdf
WhatsApp Image 2024-03-27 at 08.19.52_bfd93109.pdfWhatsApp Image 2024-03-27 at 08.19.52_bfd93109.pdf
WhatsApp Image 2024-03-27 at 08.19.52_bfd93109.pdf
 
Opencast Summit 2024 — Opencast @ University of Münster
Opencast Summit 2024 — Opencast @ University of MünsterOpencast Summit 2024 — Opencast @ University of Münster
Opencast Summit 2024 — Opencast @ University of Münster
 
Evolution of iPaaS - simplify IT workloads to provide a unified view of data...
Evolution of iPaaS - simplify IT workloads to provide a unified view of  data...Evolution of iPaaS - simplify IT workloads to provide a unified view of  data...
Evolution of iPaaS - simplify IT workloads to provide a unified view of data...
 
WPRiders Company Presentation Slide Deck
WPRiders Company Presentation Slide DeckWPRiders Company Presentation Slide Deck
WPRiders Company Presentation Slide Deck
 
Dublin_mulesoft_meetup_Mulesoft_Salesforce_Integration (1).pptx
Dublin_mulesoft_meetup_Mulesoft_Salesforce_Integration (1).pptxDublin_mulesoft_meetup_Mulesoft_Salesforce_Integration (1).pptx
Dublin_mulesoft_meetup_Mulesoft_Salesforce_Integration (1).pptx
 
Implementations of Fused Deposition Modeling in real world
Implementations of Fused Deposition Modeling  in real worldImplementations of Fused Deposition Modeling  in real world
Implementations of Fused Deposition Modeling in real world
 
The Role of IoT in Australian Mobile App Development - PDF Guide
The Role of IoT in Australian Mobile App Development - PDF GuideThe Role of IoT in Australian Mobile App Development - PDF Guide
The Role of IoT in Australian Mobile App Development - PDF Guide
 
Data Integration Basics: Merging & Joining Data
Data Integration Basics: Merging & Joining DataData Integration Basics: Merging & Joining Data
Data Integration Basics: Merging & Joining Data
 
High Profile Girls Call ServiCe Hyderabad 0000000000 Tanisha Best High Class ...
High Profile Girls Call ServiCe Hyderabad 0000000000 Tanisha Best High Class ...High Profile Girls Call ServiCe Hyderabad 0000000000 Tanisha Best High Class ...
High Profile Girls Call ServiCe Hyderabad 0000000000 Tanisha Best High Class ...
 

"Frontline Battles with DDoS: Best practices and Lessons Learned", Igor Ivaniuk

  • 1. © 2024, Amazon Web Services, Inc. or its affiliates. All rights reserved.
  • 2. © 2024, Amazon Web Services, Inc. or its affiliates. All rights reserved. How we approach DDoS threat research Threat landscape in 2024 Customer case study: Ukraine, 2022 Agenda
  • 3. © 2024, Amazon Web Services, Inc. or its affiliates. All rights reserved. DDoS threat research Protect Amazon infrastructure and customers, making AWS an unattractive target for cyber threats © 2024, Amazon Web Services, Inc. or its affiliates. All rights reserved.
  • 4. © 2024, Amazon Web Services, Inc. or its affiliates. All rights reserved. Our approach Analyze inbound and outbound internet traffic Convert research into actionable threat intelligence for our customers Disrupt the capability of unauthorized users to repeatedly and easily target us
  • 5. © 2024, Amazon Web Services, Inc. or its affiliates. All rights reserved. Leverage AWS’s reach and scale to detect threats 600+ points of presence (POP) across 100+ cities in 50 countries Exabytes of data analyzed every 60 sec. Thousands of DDoS attacks mitigated every day 100+ billion AWS-managed rules requests processed per day
  • 6. © 2024, Amazon Web Services, Inc. or its affiliates. All rights reserved. 0 20,000 40,000 60,000 80,000 100,000 120,000 9/1/22 10/1/22 11/1/22 12/1/22 1/1/23 2/1/23 3/1/23 4/1/23 5/1/23 6/1/23 7/1/23 8/1/23 DDoS Events Month AWS Shield DDoS events detected per month DDoS isn’t going away 56% Application layer 40% YoY growth
  • 7. © 2024, Amazon Web Services, Inc. or its affiliates. All rights reserved. From video games to critical public infrastructure
  • 8. © 2024, Amazon Web Services, Inc. or its affiliates. All rights reserved. Proxy-based L7 DDoS attacks Proxy Proxy driver Target
  • 9. © 2024, Amazon Web Services, Inc. or its affiliates. All rights reserved. Botnets Command & control Bots
  • 10. © 2024, Amazon Web Services, Inc. or its affiliates. All rights reserved. Tracking DDoS infrastructure
  • 11. © 2024, Amazon Web Services, Inc. or its affiliates. All rights reserved. Known offenders © 2024, Amazon Web Services, Inc. or its affiliates. All rights reserved.
  • 12. © 2024, Amazon Web Services, Inc. or its affiliates. All rights reserved. Known offenders 1.2.3.4 2.3.4.5 3.4.5.6 4.5.6.7 AnyAuthority ELB AnyCompany NLB AnyOrganization CloudFront Distribution
  • 13. © 2024, Amazon Web Services, Inc. or its affiliates. All rights reserved. Known offenders 1.2.3.4 2.3.4.5 3.4.5.6 4.5.6.7 AnyAuthority ELB AnyCompany NLB AnyOrganization CloudFront Distribution
  • 14. © 2024, Amazon Web Services, Inc. or its affiliates. All rights reserved. Tracking known offenders
  • 15. © 2024, Amazon Web Services, Inc. or its affiliates. All rights reserved. Available as a Managed Rule for AWS WAF Amazon CloudFront AWSManagedIPReputationList Elastic Load Balancing (ELB) Amazon API Gateway
  • 16. © 2024, Amazon Web Services, Inc. or its affiliates. All rights reserved. Internal success stories Amazon CloudFront AWS Management Console Amazon.com
  • 17. © 2024, Amazon Web Services, Inc. or its affiliates. All rights reserved. AWS Shield automatic mitigation AWS Shield detects attack AWS Shield deploys L7KO AWS Shield analyzes traffic AWS Shield deploys attack signature
  • 18. © 2024, Amazon Web Services, Inc. or its affiliates. All rights reserved. © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. MadPot
  • 19. © 2024, Amazon Web Services, Inc. or its affiliates. All rights reserved. Global-scale threat intelligence using the AWS Cloud 10k+ sensors deployed globally Observes 100M+ potential threat interactions daily 500,000activities classified as malicious daily
  • 20. © 2024, Amazon Web Services, Inc. or its affiliates. All rights reserved. MadPot (Honeypot) network Amazon GuardDuty AWS Shield AWS WAF Internet MadPot
  • 21. © 2024, Amazon Web Services, Inc. or its affiliates. All rights reserved. We are making a difference https://www.theregister.com/2023/ 10/02/aws_security_madpot/ AWS stirs the MadPot – busting bot baddies and eastern espionage Security exec Mark Ryland spills the tea on hush-hush threat intel tool
  • 22. © 2024, Amazon Web Services, Inc. or its affiliates. All rights reserved. Takedown © 2024, Amazon Web Services, Inc. or its affiliates. All rights reserved.
  • 23. © 2024, Amazon Web Services, Inc. or its affiliates. All rights reserved. Proxy-based L7 DDoS Attacks Proxy driver Target 🍯 Proxy honeypot
  • 24. © 2024, Amazon Web Services, Inc. or its affiliates. All rights reserved. Top talking networks by proxy drivers Linode Hetzner Online Digital Ocean FranTech Solutions SoftLayer Technologies Interserver Psychz Networks Scaleway Dedioutlet- network-phx DediPath myLoc manage d IT AG Akamai Connect ed Cloud Edgevirt Choopa, LLC Kamater a Inc Hetzner Online GmbH Aggros Operati ons… Worl dStre am… Relia bleSit e.N… Wind str… Ad… Re… AE… Or… H… M… A… V… RW -… O… C… R… D… T… M… L… C… L… Pe b… i… D… L… I… 1… M… N… D… S… C… 1… W… D… U… R C Z A Y T S C E P I A H D H C C C S C A P S u T U H S T C A S C N 3 B C T C D Linode Hetzner Online Digital Ocean FranTech Solutions SoftLayer Technologies Interserver Psychz Networks Scaleway Dedioutlet-network-phx DediPath myLoc managed IT AG Akamai Connected Cloud Edgevirt Choopa, LLC Kamatera Inc Hetzner Online GmbH Aggros Operations Ltd. WorldStream B.V. ReliableSite.Net LLC Windstream Communications
  • 25. © 2024, Amazon Web Services, Inc. or its affiliates. All rights reserved. Botnet C2 Case Study free.bot.c2
  • 26. © 2024, Amazon Web Services, Inc. or its affiliates. All rights reserved. Botnet C2 Case Study 0 5 10 15 20 25 30 35 40 5/14/23 12:00 5/14/23 13:00 5/14/23 14:00 5/14/23 15:00 5/14/23 16:00 5/14/23 17:00 5/14/23 18:00 5/14/23 19:00 5/14/23 20:00 5/14/23 21:00 5/14/23 22:00 5/14/23 23:00 5/15/23 0:00 5/15/23 1:00 5/15/23 2:00 5/15/23 3:00 5/15/23 4:00 5/15/23 5:00 5/15/23 6:00 5/15/23 7:00 5/15/23 8:00 5/15/23 9:00 5/15/23 10:00 5/15/23 11:00 5/15/23 13:00 5/15/23 14:00 5/15/23 15:00 5/15/23 16:00 5/15/23 17:00 5/15/23 18:00 5/15/23 19:00 5/15/23 20:00 5/15/23 21:00 5/15/23 22:00 5/15/23 23:00 5/16/23 0:00 5/16/23 1:00 5/16/23 2:00 5/16/23 3:00 5/16/23 4:00 5/16/23 5:00 5/16/23 6:00 5/16/23 7:00 5/16/23 8:00 5/16/23 9:00 5/16/23 10:00 5/16/23 11:00 5/16/23 12:00 5/16/23 13:00 5/16/23 14:00 5/16/23 15:00 5/16/23 16:00 5/16/23 17:00 5/16/23 18:00 5/16/23 19:00 5/16/23 20:00 5/16/23 21:00 5/16/23 22:00 5/16/23 23:00 5/17/23 0:00 5/17/23 1:00 5/17/23 2:00 5/17/23 3:00 5/17/23 4:00 5/17/23 5:00 5/17/23 6:00 5/17/23 7:00 5/17/23 8:00 5/17/23 9:00 5/17/23 10:00 DDoS Attacks per Hour Orchestrated by C2
  • 27. © 2024, Amazon Web Services, Inc. or its affiliates. All rights reserved. Botnet C2 Case Study 0 50 100 150 200 250 300 350 China Telecom xTom Hangzhou Alibaba Advertising Co.,Ltd. China Unicom China Mobile Tencent cloud computing China Telecom Guangdong Overland Storage xTom Hong Kong Limited VMISS Plus Provedor De Internet Ltda OVH SAS OVH Hosting Metfone Amazon.com Level 3 Communications Web Lacerda Provedor De Internet Ltda Akamai Technologies DDoS Attacks by Targeted Networks Orchestrated by C2
  • 28. © 2024, Amazon Web Services, Inc. or its affiliates. All rights reserved. Botnet C2 Case Study
  • 29. © 2024, Amazon Web Services, Inc. or its affiliates. All rights reserved. Botnet C2 Case Study
  • 30. © 2024, Amazon Web Services, Inc. or its affiliates. All rights reserved. Proxy driver takedown
  • 31. © 2024, Amazon Web Services, Inc. or its affiliates. All rights reserved. Proxy driver takedown
  • 32. © 2024, Amazon Web Services, Inc. or its affiliates. All rights reserved. Proxy driver takedown
  • 33. © 2024, Amazon Web Services, Inc. or its affiliates. All rights reserved. Threat Landscape Per Industry
  • 34. © 2024, Amazon Web Services, Inc. or its affiliates. All rights reserved. P A R I S O L Y M P I C S 34 Threat Landscape Olympics The Olympics is a known WW target of massive and systemic cyberattacks • London 2012 : 200 million cyberattacks • Rio 2016 : 400 million cyberattacks • Tokyo 2020 : 450 million cyberattacks
  • 35. © 2024, Amazon Web Services, Inc. or its affiliates. All rights reserved. P A R I S O L Y M P I C S 35 Threat Landscape Olympics We expect eight to 12 times the Tokyo numbers of cyber attacks ” • Mr. Franz Regul • CISO of the Paris Olympic organizing committee I have no doubt whatsoever that Russia would try to target the Paris Olympics “ ” Emmanuel Macron President of France
  • 36. © 2024, Amazon Web Services, Inc. or its affiliates. All rights reserved. R E T A I L 36 Threat Landscape
  • 37. © 2024, Amazon Web Services, Inc. or its affiliates. All rights reserved. Threat Data
  • 38. © 2024, Amazon Web Services, Inc. or its affiliates. All rights reserved. Last 12 months statistics 212k 842 Gbps 155 M RPS 221 M PPS Total Attacks Largest request flood attack Largest bandwidth heavy attack Largest packet attack
  • 39. © 2024, Amazon Web Services, Inc. or its affiliates. All rights reserved. 39 Infrastructure and Application (HTTP) layer DDoS events application infrastructure 2021 2020 2022 2024 Count of events
  • 40. © 2024, Amazon Web Services, Inc. or its affiliates. All rights reserved. 40 2024 – DDoS events in the numbers Infrastructure DDoS events 360 thousands events detected in 2024 -1.0% YoY decrease Application (HTTP) DDoS events 526 thousands events detected in 2024 52.1% YoY increase 63,000 61,000 136,000 100,000 Q1 Q2 Q3 Q4 Infrastructure Layer DDoS events Quarter Infrastructure DDoS Events 2024 100000 118000 143000 164000 Q1 Q2 Q3 Q4 Application DDoS events Quarter Application (HTTP) DDoS Events 2024
  • 41. © 2024, Amazon Web Services, Inc. or its affiliates. All rights reserved. 0 20,000,000 40,000,000 60,000,000 80,000,000 100,000,000 120,000,000 140,000,000 160,000,000 180,000,000 2023 2022 2021 2020 2019 Request Per Second Year 1.5M rps 41 Largest Request Flood Events, As seen by AWS, by year 2.9M rps 4.3M rps 8.4M rps 155M rps
  • 42. © 2024, Amazon Web Services, Inc. or its affiliates. All rights reserved. 42 Infrastructure Layer DDoS Events in 2024 – Distribution by top vectors 30.6% 25.0% 15.5% 11.0% 7.7% 6.0% 2.7% 0.0% 5.0% 10.0% 15.0% 20.0% 25.0% 30.0% 35.0% S Y N _ F L O O D D N S _ R E F L E C T I O N S S D P _ R E F L E C T I O N N T P _ R E F L E C T I O N M E M C A C H E D _ R E F L E C T I O N S N M P _ R E F L E C T I O N G E N E R I C _ U D P _ R E F L E C T I O N Share of all events Event Vectors
  • 43. © 2024, Amazon Web Services, Inc. or its affiliates. All rights reserved. 43 Infrastructure Layer DDoS Events in 2022 vs 2024 – top emerging events 401.3% 349.2% 122.2% 105.7% 91.0% 24.9% 8.8% 0% 50% 100% 150% 200% 250% 300% 350% 400% 450% R I P _ R E F L E C T I O N H T T P _ R E F L E C T I O N R E Q U E S T _ F L O O D D N S _ R E F L E C T I O N U D S _ R E F L E C T I O N G E N E R I C _ U D P _ R E F L E C T I O N N T P _ R E F L E C T I O N
  • 44. © 2024, Amazon Web Services, Inc. or its affiliates. All rights reserved. 44 Quarterly P99 Request per second, by year 0 20,000 40,000 60,000 80,000 100,000 120,000 140,000 160,000 180,000 200,000 Q1 Q2 Q3 Q4 2019 2020 2021 2022 2023 P99 Request per second 19.9% YoY increase
  • 45. © 2024, Amazon Web Services, Inc. or its affiliates. All rights reserved. DDoS from the Front Row
  • 46. © 2024, Amazon Web Services, Inc. or its affiliates. All rights reserved. Amazon Confidential and Trademark. Customer responsibility • Design resilient architectures: § Use AWS services with better protection against DDoS attacks § Reduce the attack surface § Build scalable applications • Use application level security controls such as AWS WAF. • Ensure observability and monitor the traffic to understand baseline • Detect anomaly, prepare run book for incident response which involves platform support 46
  • 47. © 2024, Amazon Web Services, Inc. or its affiliates. All rights reserved. Amazon Confidential and Trademark. Protecting web applications 47 Private subnet Amazon CloudFront Amazon Route 53 AWS WAF AWS Cloud Public subnet ALB AWS Edge Services Region AWS WAF Compute Capacity Amazon S3 VPC Shield Advanced protected resource
  • 48. © 2024, Amazon Web Services, Inc. or its affiliates. All rights reserved. Amazon Confidential and Trademark. Protecting on-premise applications 48 Private subnet Amazon CloudFront Amazon Route 53 AWS WAF AWS Cloud Public subnet Application Load Balancer AWS Edge Services Region Corporate data center TGW Customer Gateway DX/VPN Internet Compute Capacity Shield Advanced protected resource
  • 49. © 2024, Amazon Web Services, Inc. or its affiliates. All rights reserved. Amazon Confidential and Trademark. AWS Shield Advanced Features 49 AWS Shield Advanced Near real-time events visibility and alerting 24/7 Support of AWS Shield Response Team Health-based detection and proactive event response Infrastructure and application protection (L3-7) Application attack detection and automatic mitigation with AWS WAF Cost protection for scaling during an attack Amazon Route53 Amazon CloudFront AWS Global Accelerator Elastic Load Balancing Elastic IP Protected Resources AWS Firewall Manager for Centralized Management AWS WAF for Application protection
  • 50. © 2024, Amazon Web Services, Inc. or its affiliates. All rights reserved. Amazon Confidential and Trademark. February 15th, 2022 50 On the 15-16th February a number of Ukrainian websites were taken offline due to Distributed Denial-of- Service (DDoS) attacks. The impacted sites included Banks, Government and Military websites.
  • 51. © 2024, Amazon Web Services, Inc. or its affiliates. All rights reserved. Amazon Confidential and Trademark. Attack profile 51 • Mirai botnet (actually – forked “Katana” network) • Mikrotiks, Avtech network cameras, etc • Not just DDoS: • Fake SMS messages about ATM issues • A denial of service attack against the .gov.ua DNS servers; and • A BGP hijacking attack against the Privatbank IP space causing difficulties routing traffic to their network.
  • 52. © 2024, Amazon Web Services, Inc. or its affiliates. All rights reserved. Amazon Confidential and Trademark. Customer ingress architecture 52
  • 53. © 2024, Amazon Web Services, Inc. or its affiliates. All rights reserved. Amazon Confidential and Trademark. Chronology 53 Feb 15.02 12:00 - attack started (first wave) 18:00 - customer reaches out AWS account team 18:20 - internal escalation inside AWS 19:26 - customer case created 19:46 - AWS war room created 22:00 - WAF configured for mobile endpoint 23:00 - WAF configured for web endpoint Feb 16.02 00:00 - attack peak (first wave) 3:00 - attack stopped (first wave) 10:00 - attack start (second wave) 11:50 - Shield Advanced activated 12:00 - attack stopped (second wave)
  • 54. © 2024, Amazon Web Services, Inc. or its affiliates. All rights reserved. Amazon Confidential and Trademark. GA overloaded -> AWS outage in GRU (Brazil) 54
  • 55. © 2024, Amazon Web Services, Inc. or its affiliates. All rights reserved. Amazon Confidential and Trademark. 55 Firewall Appliances gave up and started leaking
  • 56. © 2024, Amazon Web Services, Inc. or its affiliates. All rights reserved. Amazon Confidential and Trademark. WAF to the rescue 56
  • 57. © 2024, Amazon Web Services, Inc. or its affiliates. All rights reserved. Amazon Confidential and Trademark. WAF to the rescue 57 • Block Brazil traffic • Reputation list - block • Core rule set • Rate-limit - 2000 requests
  • 58. © 2024, Amazon Web Services, Inc. or its affiliates. All rights reserved. Amazon Confidential and Trademark. WAF to the rescue 58
  • 59. © 2024, Amazon Web Services, Inc. or its affiliates. All rights reserved. Amazon Confidential and Trademark. WAF to the rescue 59
  • 60. © 2024, Amazon Web Services, Inc. or its affiliates. All rights reserved. Amazon Confidential and Trademark. So, why do we still need Shield Advanced? Shield Advanced enabled 60
  • 61. © 2024, Amazon Web Services, Inc. or its affiliates. All rights reserved. Amazon Confidential and Trademark. L3/L4 attacks 61
  • 62. © 2024, Amazon Web Services, Inc. or its affiliates. All rights reserved. Amazon Confidential and Trademark. Stats 62
  • 63. © 2024, Amazon Web Services, Inc. or its affiliates. All rights reserved. Amazon Confidential and Trademark. Stats 63 Wave 1: mobile: 1.5Mrps - total blocked 1.266Mrps - rate-limited - most efficient rule 333Krps - county block (Brazil) web: 20Gbps - incoming bandwidth 1.6Mrps - total blocked 1.17Mrps - rate-limited - most efficient rule 333Krps - county block (Brazil) Wave 2: mobile: not affected web: 40Gbps - incoming bandwidth 3.6Mrps - total blocked 2.6Mrps - rate-limited - most efficient rule 666Krps - county block (Brazil)
  • 64. © 2024, Amazon Web Services, Inc. or its affiliates. All rights reserved. Amazon Confidential and Trademark. It’s not over yet… 64
  • 65. © 2024, Amazon Web Services, Inc. or its affiliates. All rights reserved. Thank you! © 2024, Amazon Web Services, Inc. or its affiliates. All rights reserved. Please complete the session survey