DDoS Black and White "Kungfu" Revealed

Presented at DEF CON 20 (2012), July 28, 2012, 3 p.m. (50 minutes)

Enterprises currently dump millions of bucks to defense against DDoS, some trading firms here are paying for fear to the DDoS attack from China about 5K to 100K USD per day and InfoSec teams believe their solutions are perfect already. Are those controls effective and unbreakable? In the first part of the presentation, we would like to show our studies and carry out over 10 types of DDoS test against various big firms and organizations to see whether their defense is effective, showing how stupid and smart they are. Various interesting case studies will be briefed :) In the second part of the presentation, we will detail our proposed defense model to against Application-Level attacks. We have already checked with other vendors and researchers about our model, it is still not yet deployed and hopefully we could put this as an open source project in the future. Hopefully, you will enjoy this fun session with us and learn whether your organization could survive even under DDoS attack.

Presenters:

• Alan "Avenir" Chung - Researcher, VXRL
  Alan "Avenir" Chung has more than 8 years working experience on Network Security. He currently is working as a Security Consultant for a Professional Service provider. Alan specializes in Firewall, IDS/IPS, network analysis, pen-test, etc. Alan's research interests are Honeypots, Computer Forensics, Telecommunication etc.
• Kelvin "Captain" Wong - Researcher, VXRL
  Kevin "Captain" Wong works in law enforcement and deals with various reported criminal cases about DDoS and network intrusion as well as computer forensics, he is the real frontline investigator fighting with the criminals and suspects.
• Tony "MT" Miu - Researcher, VXRL
  Tony "MT" Miu has worked in an anti-DDoS company for over a few years. He has expertise in network security and always needs to tackle new DDoS attacks against his company's clients. The task is clearly critical. He knows lots of dark side of attacks and MT is the major leader of both DDoS Kungfu and defense model projects.
• Anthony "Darkfloyd" Lai - Security Researcher, Valkyrie-X Security Research Group (VXRL)
  Anthony "Darkfloyd" Lai focuses on reverse engineering and malware analysis as well as penetration testing. His interest is always falling on CTF and analyzing targeted attacks. He has spoken in Black Hat USA 2010, DEF CON 18 and 19, AVTokyo 2011, Hack In Taiwan 2010 and 2011 and Codegate 2012. His most recent presentation at DEF CON was about APT Secrets in Asia. Recently, he has worked with MT, Captain and Avenir on DDoS research projects. Meanwhile, he is always studying targeted attacks from mainland China and it would be fun for him to get another attack perspective from these studies. Twitter: @anthonation

Links:

• https://defcon.org/html/defcon-20/dc-20-speakers.html#Lai

Similar Presentations:

• Still Hacking Anyway (SHA2017) / DDoS attack and defense: for the lulz
• DEF CON 22 (2014) / Don't DDoS Me Bro: Practical DDoS Defense
• HOPE Number Nine (2012) / Activist DDoS Attacks: When Analogies and Metaphors Fail