Explore a comprehensive analysis of DDoS mitigation bypass techniques in this 56-minute Black Hat USA 2013 conference talk. Delve into the weaknesses found in common DDoS mitigation technologies, from basic malformed traffic checks to traffic profiling and rate limiting. Discover how researchers developed a proof-of-concept attack tool capable of bypassing all existing commercial DDoS mitigation solutions. Learn about the extensive survey of DDoS mitigation technologies, their countermeasure techniques, and how to defeat each of them through traffic characteristic emulation. Examine the "combo attack" methodology that allows access to backend systems by bypassing multiple layers of protection. Gain insights into the testing results against specific DDoS mitigation products and popular protected websites. Conclude with a discussion on proposed next-generation mitigation techniques to counter these advanced attack methodologies.
Overview
Syllabus
Black Hat USA 2013 - Universal DDoS Mitigation Bypass
Taught by
Black Hat