© 2014 WIPRO LTD | WWW.WIPRO.COM | CONFIDENTIAL 1 Countering Denial of Service Attacks Global Infrastructure Services
May 08, 2015
© 2014 WIPRO LTD | WWW.WIPRO.COM | CONFIDENTIAL 1
Countering Denial
of Service Attacks
Global Infrastructure Services
© 2014 WIPRO LTD | WWW.WIPRO.COM | CONFIDENTIAL 2
Agenda
What is DDoS?
DDoS Attack Types
Mitigation : In Premises & Edge Level
Incident Response Measures
Conclusion
© 2014 WIPRO LTD | WWW.WIPRO.COM | CONFIDENTIAL 3
Introduction
The threat posed by DDoS attacks
© 2014 WIPRO LTD | WWW.WIPRO.COM | CONFIDENTIAL 4
What is DDoS?
Distributed Denial of Service
(DDoS) attacks aim at
sabotaging web services
using malware controlled
botnets
Outages cause large scale
customer defections
Banks hit by 26 attacks in
2012. Average loss $17M
BFSI, ISPs, data centers,
ecommerce sites are
particularly susceptible
Attacks increasing rapidly in
number, duration, bandwidth.
Handler
Target Server(s)
Attacker
Zombies (Compromised Machines)
DDoS Attack Mechanism
Handler
© 2014 WIPRO LTD | WWW.WIPRO.COM | CONFIDENTIAL 5
Challenges
Rising threat: Attacks becoming stronger and more numerous
Greater variety: Different server parts targeted with combinations of several attack strategies
Mitigation Gap: Only ~20% of organizations have a strategy
DDoS Attack Types
Volume Based Attacks
• Floods bandwidth of target server
• Units: bits per second (bps)
• Examples:
• TCP flood
• ICMP flood
• UDP flood
Protocol Based Attacks
• Directly occupies target server’s resources
• Units: packets per second
• Examples:
• Ping flood
• Smurf attack
• SYN flood
Application Layer Attacks
• Server crash caused by application layer vulnerabilities
• Units: requests per second
• Examples:
• Hash DoS attack
• Teardrop attack
© 2014 WIPRO LTD | WWW.WIPRO.COM | CONFIDENTIAL 6
Mitigation Strategies
Prevention and Cure
© 2014 WIPRO LTD | WWW.WIPRO.COM | CONFIDENTIAL 7
In Premises
Uses firewalls & intrusion prevention systems
Secures a firm’s servers and applications
Protection against small scale attacks
However, bandwidth left vulnerable
Larger attacks can still clog the network
© 2014 WIPRO LTD | WWW.WIPRO.COM | CONFIDENTIAL 8
At Edge Level
Implemented at internet service provider (ISP)
level
Protects bandwidth against malicious traffic
Continuous analysis required to ensure
legitimate traffic is not affected
Should be used in conjunction with in-
premises implementation
© 2014 WIPRO LTD | WWW.WIPRO.COM | CONFIDENTIAL 9
Incident Response
Prepare
Compile list of DDoS services at provider level
Enumerate business trends and IT risks
Identify & Analyze
Detect the attack and engage with stakeholders
Identify root cause and extent of damage
Mitigate
Contain the attack, initiate remedial measures
Post incident analysis
Plug gaps in preparation, support and skills
Continuous Improvement
Review mitigation strategy based on the incident
Run risk simulations and augment technology
Preparation
Identification
Mitigation
Post incident analysis
Improvement
© 2014 WIPRO LTD | WWW.WIPRO.COM | CONFIDENTIAL 10
Conclusion
© 2014 WIPRO LTD | WWW.WIPRO.COM | CONFIDENTIAL 11
Conclusion
Qualitative aspect – DDoS gains prominence
Companies are increasingly using online channels for customer
engagement.
Hence, they have become sensitive to cyber threats like DDoS
Quantitative aspect – mitigation cost vs benefits
DDoS attacks are becoming more varied and their potential impact on
profitability is increasing.
It makes business sense to have a robust DDoS mitigation policy and
infrastructure.
© 2014 WIPRO LTD | WWW.WIPRO.COM | CONFIDENTIAL 12
For more details please visit the link below:
http://www.wipro.com/Documents/resource-center/diffusing-
denial-of-service.pdf
© 2014 WIPRO LTD | WWW.WIPRO.COM | CONFIDENTIAL 13
About Wipro
Wipro Ltd. (NYSE:WIT) is a leading Information
Technology, Consulting and Outsourcing company
that delivers solutions to enable its clients do
business better. Wipro delivers winning business
outcomes through its deep industry experience and
a 360 degree view of "Business through
Technology"; helping clients create successful and
adaptive businesses. A company recognized
globally for its comprehensive portfolio of services,
a practitioner's approach to delivering innovation
and an organization wide commitment to
sustainability; Wipro has over 140,000 employees
and clients across 61 countries.
For more information, please visit www.wipro.com
© 2014 WIPRO LTD | WWW.WIPRO.COM | CONFIDENTIAL 14
Thank You ©Wipro Limited, 2014. All rights reserved.
For more information visit www.wipro.com
No part of this document may be reproduced in
whole or in part without the written permission of the
authors.
Wipro is not liable for any business outcome based
on the views presented in this document. For specific
implementation clients should take advise from their
client engagement manager.