CISA is warning about the ubiquity of UDP attacks, and you can see more evidence of this trend at places like the Cloudflare blog.

In her MIT talk, Karen Sollins addresses how to go on the offense against DDoS attackers. She starts off with an anecdotal experience where she was involved in mitigating an attack. Mentioning a priori mitigation and the need to evaluate attacks, she also points out the scale of the problem – with hundreds of thousands of bots in powerful botnets, stopping volumetric attacks can be difficult.

“These are attacks where the traffic itself looks completely legitimate,” she says. “They're very hard to recognize … we have, in this space, a large collection of companies that have stepped up to actually try to provide mitigation to the victims, if they can't do it themselves. We see that there are a number of different kinds of attacks that are happening.”

See where Sollins addresses UDP attacks specifically:

“Kaspersky was reporting last year that over 50% of their traffic was UDP traffic, that (these) were UDP attacks. … So the vast majority of what they're seeing are layer four protocol attacks. Down on the lower graph, we see Microsoft reporting the other way around, the majority of the traffic they're seeing is TCP - UDP plays a slightly lesser role. But again, layer 4 traffic is really the vehicle for providing these attacks.”