Bypassing ISP and Enterprise Anti-DDoS with 90's technology

Presented at RVAsec 2018, June 7, 2018, 11 a.m. (50 minutes)

Stressers/Booter services is providing "DDoS as A Service" and they are getting more and more powerfull, measured in amount of traffic, but the current resources they use could be improved, and optimized, and perform a much more dangerous and advanced attack patterns that can bypass large Anti-DDoS solutions through pre-analysis and data-mining with  big data analysis and OSINT informaiton as source. The research will show a framework on how attackers can optimize attacks based on a combination of big-data analysis and pre-attack analysis, that will show that terabit attacks are not necessarily needed, and why 90's technology is prefered over IoT Worms and other fancy gadgets.

Presenters:

• Dennis Rand - eCrimeLabs
  Dennis Rand is a security researcher from Denmark. He specializes in vulnerability research, network analysis, penetration testing and incident response. Dennis has over seventeen years of experience in various security roles including researcher, consultanting, and simply loves breaking stuff. In his spare time (Of what is left), he loves to observe and capture the world through photography.

Links:

• https://rvasec2018.sched.com/event/EgBq/bypassing-isp-and-enterprise-anti-ddos-with-90s-technology

Similar Presentations:

• Still Hacking Anyway (SHA2017) / DDoS attack and defense: for the lulz
• Black Hat USA 2013 / Denying Service to DDoS Protection Services
• DEF CON 22 (2014) / Don't DDoS Me Bro: Practical DDoS Defense