Can we defeat DDoS using analytics?


Distributed Denial of Service (DDoS) attacks have been in the news recently, with one particularly prominent incident garnering national attention in the past week. Whilst the jury is still out on the nature and cause of that alleged attack, it should be remembered that DDoS attacks have been occurring for many years. In fact, you could say that students calling the White House en masse in the 60s to protest against President Johnson’s involvement in the Vietnam War, in an attempt to flood the White House switchboard and prevent telephone communications, were carrying out an early DDoS attack.

Yet we now live in a connected era where there are billions of devices connected to the internet, and these can be commandeered to participate in a DoS attack. Attacks can be coordinated by foreign countries against another country’s infrastructure, by organised criminal groups or even by a kid down the road in his bedroom on his laptop. Of course, the sophistication of these attacks varies widely, and state-sponsored attacks are generally well funded and executed by highly skilled teams of individuals.


So are we ever going to see an end to these types of attacks? Most probably not. Instead, expect to see more and more of these attacks as they mutate and find new ways to flood foreign networks. Major events held online are going to be obvious targets for DDoS attacks because of the kudos the attackers can claim within their communities. However, you should assume any site or service connected to the net could be a target.

It is very hard to defend against these attacks because of the many different ways in which hackers may strike. Distinguishing between legitimate and malicious traffic is a complex task. Setting up filtering by hand is often impossible due to the large number of hosts involved in the attack.

Each organisation has multiple front-end points connected to the internet, including email, web and name servers. Back-end servers such as databases are also at risk, because requests that hit front-end functions can impose a high load on the back-end systems behind them. So our first problem is to identify each of the potential attack points in our organisation. Secondly, attackers may use new methods or modify existing attacks to circumvent established defence mechanisms. Static defences do not work if a yet-unknown attack is used. Instead, our systems need to adapt to new types of attack.


Also keep in mind that a proportion of the traffic is still bona fide requests to use the service. This makes it harder to inspect the traffic and to work out a classification scheme for traffic filtering.
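To illustrate the point about static versus adaptive defences, here is an added example (not from the original article) that compares one fixed request-rate limit with a baseline learned separately for each front-end point. The traffic samples, the limit of 2000 and the detector parameters are all constructed assumptions.

```python
import math

# Constructed requests-per-second samples for three internet-facing services.
SAMPLES = {
    "web":  [1000, 1040, 980, 1010, 1060, 990, 1020, 1150, 1080, 1000],
    "dns":  [50, 54, 48, 51, 55, 49, 52, 600, 640, 620],  # flood from index 7
    "mail": [20, 22, 19, 21, 20, 23, 21, 20, 22, 21],
}
STATIC_LIMIT = 2000  # assumed hand-set limit, sized for the busiest service


def static_alerts(series, limit=STATIC_LIMIT):
    """Indices where the rate exceeds one fixed limit."""
    return [i for i, rate in enumerate(series) if rate > limit]


def adaptive_alerts(series, alpha=0.2, k=4.0, warmup=5, min_rel=0.1):
    """Indices where the rate exceeds a learned baseline.

    Baseline = exponentially weighted mean and variance of past samples.
    A sample is flagged when it is more than k deviations above the mean;
    the deviation is never taken as less than min_rel * mean, so very
    steady traffic does not alert on tiny changes.
    """
    mean, var = float(series[0]), 0.0
    alerts = []
    for i, rate in enumerate(series[1:], start=1):
        dev = max(math.sqrt(var), min_rel * mean)
        if i >= warmup and rate > mean + k * dev:
            alerts.append(i)
            continue  # do not let flood traffic become the new normal
        diff = rate - mean
        mean += alpha * diff
        var = (1 - alpha) * (var + alpha * diff * diff)
    return alerts


def compare(samples=SAMPLES):
    """Per service: (static alerts, adaptive alerts)."""
    return {name: (static_alerts(s), adaptive_alerts(s))
            for name, s in samples.items()}


if __name__ == "__main__":
    for name, (fixed, learned) in compare().items():
        print(f"{name:5} static={fixed} adaptive={learned}")
```

The name server's twelvefold jump never reaches the fixed limit, while the per-service baseline flags it and leaves the ordinary peak on the web server alone.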

 


