Can we defeat DDoS using analytics?


Distributed Denial of Service (DDoS) attacks have been in the news recently, with one particularly prominent incident garnering national attention in the past week. Whilst the jury is still out on the nature and cause of that alleged attack, it should be remembered that DDoS attacks have been occurring for many years. In fact, you could say that students calling the White House en masse in the 60s to protest against President Johnson's involvement in the Vietnam War, in an attempt to flood the White House switchboard and prevent telephone communications, carried out an early DDoS attack.

Yet we now live in a connected era where there are billions of devices connected to the internet, and these can be commandeered to participate in a DoS attack. Attacks can be coordinated by foreign countries against another country's infrastructure, by organised criminal groups or even by a kid down the road in his bedroom on his laptop. Of course, the sophistication of these attacks varies widely, and state-sponsored attacks are generally well funded and executed by highly skilled teams of individuals.


So are we ever going to see an end to these types of attacks? Most probably not. Instead, expect to see more and more of these attacks as they mutate and find new ways to flood foreign networks. Major events held online are going to be obvious targets for DDoS attacks because of the kudos the attackers can claim within their communities. However, you should assume any site or service connected to the net could be a target.

It is very hard to defend against these attacks because of the many different ways in which hackers may strike. Distinguishing between legitimate and malicious traffic is a complex task. Setting up filtering by hand is often impossible due to the large number of hosts involved in the attack.

Each organisation has multiple front-end points connected to the internet, including email, web and name servers. But a range of back-end servers, such as databases, is also at risk, simply because requests hitting the front-end functions can impose a high load on the back-end sources. So our first problem is to identify each of the potential attack points in our organisation. Secondly, attackers may use new methods or modify existing attacks to circumvent established defence mechanisms. Static defences do not work if a yet-unknown attack is used. Instead, our systems need to adapt to new types of attack.


Also keep in mind that a proportion of the traffic still consists of bona fide requests to use the service. This makes it harder to inspect the traffic and to work out a classification scheme for traffic filtering.
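To make the point about static versus adaptive defences concrete, the following added example (not code from the original article) compares one fixed request-rate limit with a baseline learned separately for each internet-facing entry point. The endpoint names, the requests-per-minute figures, the limit of 1200 and the function names are all constructed assumptions for illustration.

```python
"""Static limit vs. per-endpoint adaptive baseline (illustrative, constructed data)."""
from math import sqrt


def adaptive_flags(counts, alpha=0.2, k=4.0, warmup=5):
    """Return indices whose count exceeds an EWMA baseline by k deviations."""
    mean, var, flagged = float(counts[0]), 0.0, []
    for i, c in enumerate(counts[1:], start=1):
        # Floor the deviation so a very flat history does not alarm on noise.
        dev = max(sqrt(var), 0.1 * mean, 1.0)
        if i >= warmup and c > mean + k * dev:
            flagged.append(i)
            continue  # anomalous interval: keep it out of the baseline
        diff = c - mean
        mean += alpha * diff                       # exponentially weighted mean
        var = (1 - alpha) * (var + alpha * diff * diff)  # and variance
    return flagged


def static_flags(counts, limit):
    """Return indices whose count exceeds one fixed limit."""
    return [i for i, c in enumerate(counts) if c > limit]


# Constructed requests-per-minute series for two hypothetical entry points:
# "web" grows steadily through legitimate use, "dns" is flooded at minutes 8-10.
SAMPLES = {
    "web": [1000, 1020, 1010, 1050, 1080, 1100, 1130, 1170, 1210, 1250, 1290, 1300],
    "dns": [50, 52, 48, 51, 49, 50, 53, 47, 400, 420, 410, 50],
}
STATIC_LIMIT = 1200  # assumed organisation-wide limit


def compare():
    """Run both detectors over every sample series."""
    return {
        name: {"static": static_flags(s, STATIC_LIMIT), "adaptive": adaptive_flags(s)}
        for name, s in SAMPLES.items()
    }


if __name__ == "__main__":
    for name, result in compare().items():
        print(name, result)
```

The fixed limit raises alarms on the legitimate growth of the web series and misses the flood on the name server entirely, while the learned baseline does the opposite on both.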

 


