Palestrante: Prof. Dr. João Gondim (CIC/IE/UnB)

Título: Mirror Saturation in Amplified Reflection DDoS

Data: 23 de agosto de 2019

Local: Sala Multiuso CIC 

Horário: 14h

Resumo: Over the last six years, there have been two major game changers in DDoS attacks: amplified reflection and IoT. Together, they motivated well-founded security concerns relating to IoT's offered attack surface, and how it could potentialize DDoS. In order to assess those concerns, the feasibility of IoT device abuse as reflectors was evaluated. Attacks abusing two protocols were tested showing a pattern: reflector saturates without sustaining maximum amplification rates, for very low injection rates (between 10 and 100 probe/sec). Hence, if on the one hand IoT devices, in general, would not be good reflectors, they would be good injectors. An attacker could thus use more injectors while maintaining low injection rates. This indicates how mitigation requirements should evolve as it would certainly require greater coordination from the attacker but tends to hamper detection. It is expected higher sophistication in DDoS attack execution, as in carpet bombing and pulse attacks, with the evolution of C2 incorporating orchestration and attack coordination.

Profa Célia Ghedini Ralha (Este endereço de email está sendo protegido de spambots. Você precisa do JavaScript ativado para vê-lo.)

Coordenadora dos Seminários de Pós-Graduação em Informática 2019-2