|
Content Assessment: Stressed Out? Towards Remediating DDoS Attacks
Information - 90%
Insight - 90%
Relevance - 85%
Objectivity - 95%
Authority - 95%
91%
Excellent
A short percentage-based assessment of the qualitative benefit of the post highlighting the research by Arturs Lavrenovs from NATO CCDCOE on DDoS remediation.
Editor’s Note: From time to time, ComplexDiscovery highlights publicly available or privately purchasable announcements, content updates, and research from data discovery and legal discovery providers, research organizations, and ComplexDiscovery community members. While ComplexDiscovery regularly highlights this information, it does not assume any responsibility for content assertions.
To submit recommendations for consideration and inclusion in ComplexDiscovery’s data and legal discovery-centric service, product, or research announcements, contact us today.
Research Report from CCDCOE* (Arturs Lavrenovs)
Towards Remediating DDoS Attacks
Research Abstract
The Internet infrastructure has been struggling with distributed denial of service (DDoS) attacks for more than two decades. This paper reviews aspects of current remediation strategies for reflected amplified DDoS attacks and identifies elements that are insufficiently researched which might be hindering remediation efforts. It identifies additional actors who should be playing a role in these efforts and reviews their incentives and motivation. The issue has long been whether it is possible to remediate abused protocols faster than the protocols get deprecated while devices using them remain functional until the end of their life. It now appears that it is. The Memcache protocol attack capacity was only 319 Mbps in May 2020 but it was 1.7 Tbps only two years previously. Thus it can be considered fully remediated. The paper examines why this was a successful remediation effort and whether it could be applied to other commonly abused protocols by using the reflector capacity measurement methodology. In contrast, the longterm abused DNS protocol has not seen a significant drop in capacity, which is lingering around 27.5 Tbps.
Research Extract
Addressing the DDoS problem in 2020 has become more important than ever. The global pandemic almost instantly shifted the whole education system and jobs that can be done online to the home. Accessing different remote systems has become a necessity for all those affected. DDoS attacks against many organizations could previously have had only a limited negative effect and reputational damage and the daily operations of employees and students could continue in person or via locally accessible systems. Now the attack can stop all work and education for remote users relying on the targeted system. This has become a reality; DDoS attacks against an elearning platform by a single high school student disrupted access to online classes for a week for 170,000 users (Freed, 2020). What could be the worldwide economical impact if a new recordbreaking DDoS attack targets the largest online collaboration tools?
Complete Report: Towards Remediating DDoS Attacks (PDF) Mouseover to Read Embedded Research
Towards Remediating DDoS Attacks – Arturs Lavrenovs – CCDCOE* NATO Cooperative Cyber Defence Center of Excellence – Cyber Defence Library
Note: The NATO Cooperative Cyber Defence Center of Excellence has a mission to support member nations and NATO with unique interdisciplinary expertise in the field of cyber defence research, training and exercises covering the focus areas of technology, strategy, operations, and law.
Additional Reading
- [Annual Update] The Intersection of International Law and Cyber Operations: An Interactive Cyber Law Toolkit
- Cybersecurity Challenges for Artificial Intelligence: Considering the AI Lifecycle
Source: ComplexDiscovery