Editor’s Note: From time to time, ComplexDiscovery highlights publicly available or privately purchasable announcements, content updates, and research from data discovery and legal discovery providers, research organizations, and ComplexDiscovery community members. While ComplexDiscovery regularly highlights this information, it does not assume any responsibility for content assertions.

To submit recommendations for consideration and inclusion in ComplexDiscovery’s data and legal discovery-centric service, product, or research announcements, contact us today.

Research Report from CCDCOE* (Arturs Lavrenovs)

Towards Remediating DDoS Attacks

Research Abstract

The Internet infrastructure has been struggling with distributed denial­of­service (DDoS) attacks for more than two decades. This paper reviews aspects of current remediation strategies for reflected amplified DDoS attacks and identifies elements that are insufficiently researched which might be hindering remediation efforts. It identifies additional actors who should be playing a role in these efforts and reviews their incentives and motivation. The issue has long been whether it is possible to remediate abused protocols faster than the protocols get deprecated while devices using them remain functional until the end of their life. It now appears that it is. The Memcache protocol attack capacity was only 319 Mbps in May 2020 but it was 1.7 Tbps only two years previously. Thus it can be considered fully remediated. The paper examines why this was a successful remediation effort and whether it could be applied to other commonly abused protocols by using the reflector capacity measurement methodology. In contrast, the long­term abused DNS protocol has not seen a significant drop in capacity, which is lingering around 27.5 Tbps.

Research Extract

Addressing the DDoS problem in 2020 has become more important than ever. The global pandemic almost instantly shifted the whole education system and jobs that can be done online to the home. Accessing different remote systems has become a necessity for all those affected. DDoS attacks against many organizations could previously have had only a limited negative effect and reputational damage and the daily operations of employees and students could continue in person or via locally accessible systems. Now the attack can stop all work and education for remote users relying on the targeted system. This has become a reality; DDoS attacks against an e­learning platform by a single high school student disrupted access to online classes for a week for 170,000 users (Freed, 2020). What could be the worldwide economical impact if a new record­breaking DDoS attack targets the largest online collaboration tools?


Complete Report: Towards Remediating DDoS Attacks (PDF) Mouseover to Read Embedded Research

Towards Remediating DDoS Attacks – Arturs Lavrenovs – CCDCOE

Read the original article.

NATO Cooperative Cyber Defence Center of Excellence – Cyber Defence Library

Note: The NATO Cooperative Cyber Defence Center of Excellent has a mission to support member nations and NATO with unique interdisciplinary expertise in the field of cyber defence research, training and exercises covering the focus areas of technology, strategy, operations, and law.


Additional Reading

Source: ComplexDiscovery

The post Stressed Out? Towards Remediating DDoS Attacks appeared first on ComplexDiscovery.