1. Defending Against Distributed Denial-of-Service Attacks A DDoS attack can eas
Question
1. Defending Against Distributed Denial-of-Service Attacks

A DDoS attack can easily cost an organization tens of thousands of dollars per minute in lost revenue and worker productivity. In addition, in the fallout from such an attack, an organization may find its customers switching to competitors due to a loss of confidence resulting from the bad publicity. Financial and travel service firms and various e-commerce Web sites are frequent targets of DDoS attacks.

During the fall of 2012, powerful DDoS attacks were directed at the Web servers of several major U.S. banks. The DDoS attack directed 65 Gbps of data traffic at each bank server—the network equivalent of an F5 hurricane—effectively making the server inaccessible to customers. The attack repeated itself at one bank after another. Over the course of a few weeks, Bank of America, Capital One, JPMorgan Chase, PNC Financial Services, Regions Financial, Sun Trust, US Bank, and Wells Fargo were all hit. Particularly alarming is that the banks were not able to completely fend off the attacks—the attackers simply stopped on their own to avoid being identified. The parties responsible for these attacks have not been positively identified, but suspects include Hamas, an Islamic group called the Izz ad-Din Al-Qassam Cyber Fighters, the hacktivist group Anonymous, cybercriminals based in Eastern Europe, and hackers in Saudi Arabia and Iran.44

SpaFinder is a spa and wellness company that sells spa, wellness, and beauty gift cards and rewards programs that draw millions of clients to its global network of spas, fitness studios, and wellness practitioners.45 A recent DDoS attack hit SpaFinder’s 24/7 call center, making it impossible for customers to access the Web site to view content, make purchases, redeem gift certificates, or spend rewards points. SpaFinder’s Web hosting service was unable to deal with the attack. In desperation, SpaFinder technical support people contacted a DDoS mitigation service company that was able to get their site back up and running in less than 24 hours.46

DDoS mitigation service organizations monitor clients’ network equipment for signs of a DDoS attack. If such an attack is detected, all traffic is rerouted from the client Web site to the service provider over a dedicated high-speed network link for traffic “scrubbing.” This process allows the service provider to use powerful servers to inspect the data traffic for anomalies. All legitimate traffic is forwarded back to the customer for routine processing; all attack traffic is dropped.

In addition to contracting with a DDoS mitigation service provider, security experts recommend that organizations (1) develop and practice a standard operating procedure to follow in the event of a DDoS attack; (2) maintain contact information for their ISP and hosting providers that includes names and phone numbers for whoever should be contacted during a DDoS attack and what information they will need; and (3) prioritize network services to identify what services could be turned off or blocked if needed to limit the effects of the attack.47

Discussion Questions:

Outline a quantitative approach for justifying the use of a DDoS mitigation service to protect an e-commerce company such as SpaFinder. Can you identify any nonfinancial reasons to subscribe to a DDoS mitigation service? If so, what are they?

Identify three potential kinds of DDoS attackers of an e-commerce company such as SpaFinder. What would be the motive for each of these attackers?

Do research on the Web to find three DDoS mitigation service providers. How are their services similar? How are they different? Which DDoS service provider do you think is the best?
Explanation / Answer
The term ‘DDoS mitigation’ refers to the process of successfully protecting a target from a distributed denial of service (DDoS) attack. DDoS typically has 4 stages: detection, diversion, filtering, analysis. A DDoS mitigation service is required for a number of reasons: human involvement is always cumbersome, time taken to mitigate decreases, system recovery with minimal cost, etc.
Nonfinancial reasons to subscribe to a DDoS mitigation service:
Kinds of DDoS attackers:
DDoS mitigation service providers:
Incapsula: This tool can mitigate any kind of DDoS attack from layers 3, 4, and 7. It provides both always-on & on-demand service for DDoS attacks. It provides a trial for its business & enterprise plans. They have an “under attack” team to contact in case of any service need.
Akamai: It is one of the best solutions present to provide security & CDN. It has set the record for mitigating a 620 Gbps attack. AKAMAI’s KONA DDoS Defender can help you to stop DoS/DDoS attacks from an edge of the network. It is built on the AKAMAI intelligent platform to provide website protection. The cloud-based solution mitigates all types of known attacks, including encrypted traffic. The AKAMAI network is well located geographically, with 1300 network locations in more than 100 countries. AKAMAI does provide infrastructure protection to the entire data center as the Prolexic routed or connect product.
Cloudflare: It has two plans: under the pro plan it provides basic protection, whereas under the enterprise plan it provides protection against all layer 3, 4, and 7 attacks. Cloudflare offers flat-rate pricing, which means that no matter how big the attacks are, you will always pay the same fixed fee every month. The CloudFlare network is present in 102 data centers, with over 10 Tbps of capacity, capable of handling any distributed denial of service attack.
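
A quantitative justification of the kind the first discussion question asks for can be built on annualized loss expectancy (loss per attack times attacks per year), compared with and without the service against the subscription fee. The following is an added example, not part of the original question or answer; every dollar figure, outage duration, attack rate and name in it is a constructed assumption, chosen only to be consistent with the case's "tens of thousands of dollars per minute" and "less than 24 hours".

```python
from dataclasses import dataclass


@dataclass
class Scenario:
    """Loss model for one posture (with or without the mitigation service)."""
    loss_per_minute: float  # lost revenue + productivity per outage minute (USD)
    outage_minutes: float   # expected downtime per attack
    churn_loss: float       # one-off loss from customers who leave afterwards

    def single_loss(self) -> float:
        # Single-loss expectancy (SLE): cost of one successful attack.
        return self.loss_per_minute * self.outage_minutes + self.churn_loss


def justify(unprotected, protected, attacks_per_year, annual_fee):
    """Compare annualized loss expectancy (ALE = SLE x attacks/year) to the fee."""
    sle_saved = unprotected.single_loss() - protected.single_loss()
    if sle_saved <= 0:
        raise ValueError("service does not reduce the loss per attack")
    avoided = sle_saved * attacks_per_year
    net = avoided - annual_fee
    return {
        "ale_unprotected": unprotected.single_loss() * attacks_per_year,
        "ale_protected": protected.single_loss() * attacks_per_year,
        "avoided_loss": avoided,
        "net_benefit": net,
        "return_on_fee": net / annual_fee,
        # Attack frequency at which the fee exactly pays for itself.
        "break_even_attacks_per_year": annual_fee / sle_saved,
    }


def sensitivity(unprotected, protected, annual_fee, rates):
    """Net benefit across a range of attack rates, the least certain input."""
    return {r: justify(unprotected, protected, r, annual_fee)["net_benefit"]
            for r in rates}


# Constructed inputs (assumptions, not figures from the case study).
UNPROTECTED = Scenario(loss_per_minute=10_000, outage_minutes=24 * 60, churn_loss=250_000)
PROTECTED = Scenario(loss_per_minute=10_000, outage_minutes=30, churn_loss=0)
ANNUAL_FEE = 120_000

if __name__ == "__main__":
    for key, value in justify(UNPROTECTED, PROTECTED, 0.5, ANNUAL_FEE).items():
        print(f"{key:>30}: {value:,.4f}")
    print(sensitivity(UNPROTECTED, PROTECTED, ANNUAL_FEE, [0.005, 0.05, 0.5]))
```

The break-even attack rate is the figure to present to management: if the expected attack frequency is above it, the subscription pays for itself on financial grounds alone.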