Anatomy of Denial of Service Mitigation Testing

Presented at DEF CON 10 (2002), Aug. 3, 2002, 5 p.m. (50 minutes)

DOC has had the privilege of working on a project that was focused on looking at new product technologies relating to DOS and DDOS mitigation. Several commercial companies were formed who's entire focus was to find solutions to DOS and DDOS issues. Different types of detection were used in each product from pure rate analysis to statistical analysis and anomaly detection. This talk will focus on the testing methodology, testing results, lessons learned, and thoughts on the direction that this technology will be moving.

Presenters:

• Gregory S. Miles Ph.D., CISSP, IAM AKA 'DOC' - CIO, Security Horizon, Inc
  DOC has over 15 years of information technology and security experience in the USAF, Defense Information System Agency (DISA), commercial and manufacturing industries. DOC is CIO for Security Horizon, Inc, a security professional services firm with HQ is Colorado Springs. His focus there has been on Organizational focused activities to include security assessments, policy and procedure development, and project management. He is also an authorized instructor of the NSA INFOSEC Assessment Methodology. DOC has built and managed Computer Incident Response Teams (CIRT) and provided extensive technical and project management skills related to information security. He has served as Director, CyberCrime Response, responsible for CIRT, Computer Forensics, and Training responsibilities. He has served as an INFOSEC Program Manager, where he was responsible for establishing and supporting the worldwide security program for the U.S. Defense Information Systems Agency's Field Security Operations, to include Computer Emergency Response Teams (CERT) in 5 locations worldwide. Greg also served as a Senior INFOSEC Engineer, supporting NASA's efforts with the Earth Observing System. DOC served 6 years in the U.S. Air Force with a concentration in Information and Security. He has authored articles for security periodicals and websites, to include "The International CyberCrime Journal, DuckTank (now Security Horizon), and Small Business Marketing Ideas. DOC has been a previous technical speaker at the BlackHat Briefings and APCO conventions.

Links:

• https://defcon.org/html/defcon-10/defcon-10-speakers.html#gregmiles
• https://infocon.org/cons/DEF CON/DEF CON 10/DEF CON 10 video/DEF CON 10 - Greg Miles - DDoS Mitigation.mp4
• https://www.youtube.com/watch?v=iur2YD6aDsE

Similar Presentations:

• VB2017 / The (testing) world turned upside down
• Still Hacking Anyway (SHA2017) / DDoS attack and defense: for the lulz
• Black Hat USA 2013 / Universal DDoS Mitigation Bypass