www.bonsaiframework.com
Page tree

Versions Compared

Old Version 21

changes.mady.by.user Tin Pham

Saved on

compared with

New Version 22

changes.mady.by.user Tin Pham

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Overview

Research into scenario of low traffic application unintentional DOS and mitigation services.

Types of Attacks

http://www.cyberdefensemagazine.com/choosing-a-ddos-mitigation-solution-the-cloud-based-approach/#sthash.XIwsFI8a.dpbs

...

Application Layer Attacks – The attackers target HTTP trying to exhaust the resource limits of Web services. Application Layer Attacks target specific Web applications flooding them with a huge quantity of requests that saturate target’s resources. Application Layer attacks are hard to detect because they don’t necessarily involve large volumes of traffic and require fewer network connections with respect to other types of DDoS techniques. Some example of Application Layer DDoS attacks is Slowloris, and DDoS attacks that target Apache, Windows, or OpenBSD vulnerabilities. Application Layer Attacks magnitude is measured in Requests per second.

Layer 7

http://ddosattackprotection.org/blog/layer-7-ddos-attack/

...

Attack sample protected using WAF

Akamai

Kona Site Defender: Kona Site Defender is designed to improve the security posture of the Customer’s Sites and Applications, and reduce the likelihood and impact of security events by mitigating attacks in the Akamai network prior to reaching the Customer’s origin infrastructure. Kona Site Defender includes configurable functionality designed to help protect Customer Sites by reducing the risk and impact of attacks at the network and application layers. Kona Site Defender provides rate control protections to mitigate the risk of Denial of Service and Distributed Denial of Service attacks as well as common attack methodologies such as SQL Injection, Cross-Site Scripting, Trojan backdoors, and malicious bots. Kona Site Defender provides tools that enable the definition and enforcement of security policies specific to client IP, HTTP method and other request parameters. Kona Site Defender is also designed to provide protection from burst charges associated with unexpected or malicious traffic spikes. Kona Site Defender includes Kona Web Application Firewall, Site Shield, Site Failover, Access Control, Security Monitor, Compliance Management and DDoS Fee Protection

...

Rate Controls provides protection against application layer DDoS attacks by monitoring and controlling the rate of requests against the Akamai Edge servers and the customer origin. Rate categories can be incorporated as WAF rules enabling the customer to dynamically alert and/or block clients exhibiting excessive request rate behaviors. Statistics are collected for 3 request phases: client request; forward request; and forward response.

HTTP Analysis

ScotiaOnline Login under the covers view after button is clicked.

...

Request header containing information about the http request and the browser agent,

 

 

 

 

 

 

 








References

Amazon White Paper- https://d0.awsstatic.com/whitepapers/DDoS_White_Paper_June2015.pdf