Homeland Security Wants to End DDoS Attacks

Megalith

Denial-of-service attacks, otherwise known as the scourge of the Internet, are getting more frequent and sophisticated than ever. The Department of Homeland Security's Cyber Security Division (CSD) is funding a couple of efforts they hope will at least alleviate, if not ideally terminate, such attempts that cripple service. One idea involves a dynamic, peer-to-peer network of service providers that will collaborate to shut down perceived attacks, and some researchers have already demonstrated the capability to withstand a 250 Gbps attack as they work toward defenses for a one Tbps attack.

…the DHS hopes "to bring about an end to the scourge of DDoS attacks." There's still work to do, but it's great to see the DHS leading a coordinated effort because something needs to be done. Last year, DDoS protection provider Imperva Incapsula reported helping its customers fend off an average of 445 attacks every week. Their intensity increased dramatically, too, up from around 200Gbps in 2015 to 470Gbps in 2016. Add in a report from Verisign that named the three biggest targets of DDoS attacks as cloud and IT service providers (49% of all attacks), the public sector (32%), and banks (9%), and it becomes very clear why we need the DDoSD project to succeed.
 
Didn't think this was possible

For the most part they are trying to automate what they already do manually in order to fight off a DDOS attack. The faster they can react to it the easier it is to shut down. Furthermore, if the packet traces can be followed back to source machines then the traffic they are generating can be routed to the bit bucket at the closest source, a major undertaking if you can't find a way to automate it.

Of course they better think ahead, and they probably will, but if it were me, I would be looking at a way to turn their automated system against themselves, i.e., I create an attack against a target and make the attack look like it is coming from the machines that you really want to attack and let their own defense system shut down the real targets.
 
If you are going to go all malware/virusy, why not just make something that kills the network connections since that is the end goal anyway?

I would think it would be really hard to spoof incoming attacks to make it look like an attack is coming from somewhere it isn't.
 
Ummm, I wasn't going all malware virusy, I'm not sure how you get that.

As for it being really hard to spoof incoming attacks, why would that be hard?

You create your traffic that you want to send to a target machine in order to make it look like a DDoS attack; the intention is to solicit an automated response, but you modify the source data in the traffic so it looks like it came from the machines that you actually wanted to target. This directs the automated response at the real targets you wanted to attack. Why do you think that is so hard?
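Added example, not part of the thread: a sketch of the safeguard the spoofing concern above calls for, in which an automated responder blocks a source only when a completed TCP handshake shows that the address really receives replies. The flow-record fields, the threshold and the `plan_mitigation` name are assumptions, and the sample records are constructed.

```python
from collections import defaultdict

# Constructed flow summaries (documentation address ranges, not real data):
# (source IP, destination IP, packets in window, TCP handshake completed?)
SAMPLE_FLOWS = [
    ("198.51.100.7", "203.0.113.10", 9000, False),  # one-way flood
    ("198.51.100.8", "203.0.113.10", 8500, False),  # one-way flood
    ("192.0.2.44", "203.0.113.10", 7000, True),     # heavy, two-way session
    ("192.0.2.45", "203.0.113.10", 40, True),       # ordinary client
]


def plan_mitigation(flows, threshold=5000):
    """Decide per source whether blocking it is justified by the evidence."""
    packets = defaultdict(int)    # packets seen per claimed source
    verified = defaultdict(bool)  # source proved it receives our replies
    dests = defaultdict(set)      # destinations each claimed source hit
    for src, dst, count, handshake_ok in flows:
        packets[src] += count
        verified[src] |= handshake_ok
        dests[src].add(dst)

    plan = {"block_source": [], "unverified": [], "rate_limit_dst": set()}
    for src in sorted(packets):
        if packets[src] < threshold:
            continue  # below the flood threshold, leave alone
        if verified[src]:
            # A two-way exchange was seen, so the source field is genuine.
            plan["block_source"].append(src)
        else:
            # The source field is unproven and may name an innocent machine:
            # protect the destination instead and queue the flow for traceback.
            plan["unverified"].append(src)
            plan["rate_limit_dst"].update(dests[src])
    plan["rate_limit_dst"] = sorted(plan["rate_limit_dst"])
    return plan


if __name__ == "__main__":
    print(plan_mitigation(SAMPLE_FLOWS))
```

A completed handshake only shows the sender receives traffic at that address; it says nothing about whether the machine's owner is the one driving it.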
 
The problem is, Big Data.

Big Data companies are convinced that they have a new product to sell: analytic data or the products of analytic data. They have the processing power to handle Big Data projects; their problem is collecting the data. I was at NetApp's annual Insight conference in Vegas last year, and the CEO of 3D Robotics (https://3dr.com/ https://store.3dr.com/), Chris Anderson, gave a talk on Big Data and drones. He was explaining how drones and other platforms can all become sensors providing data for Big Data products. They have this concept that drones and other devices, including all the IoT devices, can be leveraged to "feed" the Big Data appetite.

Hypothetical: You and two other guys in your neighborhood are drone hobbyists. All of you bought drones that have integrated sensor packages, and you think the sensors, like wind speed, temperature, barometric pressure, etc., are all really neat and they give your HUD some nice things to look at. What you don't know is that the data is also being passed on to the companies that you bought your drones from and it's being used for weather tracking apps and long-term big-data weather projects.

You and your neighbors are paying for their sensor platform and operating it for them.

You are not going to get a check back but they do thank you.
 