Wednesday, May 20, 2015

DDOS PROTECTION FOR SHORT DURATION DDOS ATTACKS





The ultimate goal of a DDoS attack is to bring down the targeted site by flooding it with fake requests, usually from multiple locations.

Thousands of DDoS attacks take place every day, and these attacks typically last for a number of days.

But not all of these attacks take days before they die down. There are also short-duration DDoS attacks that last only a few minutes. These short-duration attacks have the same modus operandi, where attackers coordinate and launch the attack full throttle.

These short-duration DDoS attacks are drawing more and more attention, and their frequency has increased in comparison to full-blown DDoS attacks that last far longer.

An early trend spotted with these short bursts of DDoS attacks is that they appear to be carried out primarily to divert the site owner's attention.

In this article, we would like to address what happens when this type of attack targets a site and the possible protections from it.

Recently, two domains belonging to a well-known bank were targeted by these short bursts. The attacks lasted only a few minutes but consumed bandwidth at a rate of dozens of gigabytes per second. It was gathered that the first and second attacks were reconnaissance attacks, executed to evaluate which of the two domains was more vulnerable. It was clear that the second domain was more susceptible, since it was hit much harder in the third and final attack.

Attackers leverage short-duration attacks to evaluate which companies and organizations are easiest to infiltrate.

One must be prepared for short-duration as well as longer, more conventional DDoS attacks, but a short-duration DDoS attack leaves you with a very small window of reaction time. Rather than trying to sort it out once it has already begun, the best possible protection is to make professionals responsible for ensuring that it does not happen in the first place. A professional DDoS mitigation outfit would take the necessary precautions to either nip it in the bud or at least keep any damage to a minimum.

Organisations managing multiple web domains must have the ability to centralise incoming data, preferably by working with the same security vendor across all their domains. This enables them to predict attacks by analysing trends and patterns across their sites.
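One way to look for this pattern in centralised traffic data, as an added example that is not part of the original post: it finds short bursts per domain and pairs up bursts that hit different domains close together, as in the bank case above. The domain names, sample values, thresholds and function names are all assumptions made for illustration.

```python
from collections import defaultdict

def build_samples():
    """Constructed per-minute samples (minute, domain, rate) for two domains."""
    spikes = {("a.example", 10): 22.0, ("a.example", 11): 25.0,
              ("b.example", 25): 24.0, ("b.example", 26): 30.0,
              ("b.example", 27): 28.0}
    return [(m, d, spikes.get((d, m), 0.2))
            for d in ("a.example", "b.example") for m in range(60)]

def find_bursts(samples, threshold=10.0, max_minutes=5):
    """Return (domain, start, end, peak) for short runs at or above threshold.

    Runs longer than max_minutes are conventional floods, not short bursts.
    """
    by_domain = defaultdict(list)
    for minute, domain, rate in samples:
        by_domain[domain].append((minute, rate))
    bursts = []
    for domain, series in by_domain.items():
        run = []
        # The trailing sentinel closes a run that reaches the last sample.
        for minute, rate in sorted(series) + [(None, 0.0)]:
            hot = rate >= threshold
            if hot and (not run or minute == run[-1][0] + 1):
                run.append((minute, rate))
                continue
            if run and len(run) <= max_minutes:
                peak = max(r for _, r in run)
                bursts.append((domain, run[0][0], run[-1][0], peak))
            run = [(minute, rate)] if hot else []
    return sorted(bursts, key=lambda b: b[1])

def cross_domain_probing(bursts, window_minutes=30):
    """Pair up bursts on different domains that start within the window."""
    alerts = []
    for i, (dom_a, _, end_a, _) in enumerate(bursts):
        for dom_b, start_b, _, _ in bursts[i + 1:]:
            gap = start_b - end_a
            if dom_a != dom_b and gap <= window_minutes:
                alerts.append((dom_a, dom_b, gap))
    return alerts

if __name__ == "__main__":
    bursts = find_bursts(build_samples())
    for burst in bursts:
        print("short burst:", burst)
    for alert in cross_domain_probing(bursts):
        print("possible probing across domains:", alert)
```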

One more advantage of having a professional team of DDoS mitigation experts is that they use data from their various customers in order to predict potential attacks in advance.

DDoS mitigation experts identify the patterns early on. While an unsuspecting customer thinks that the attack is over, these experts know that it may actually be a sign of a much larger attack to come, and they prepare for it in advance.

Because these new short-duration DDoS attacks are forming patterns, DDoS mitigation services are using new services and tools that aggregate attack information from other cases to predict and avoid a possibly massive attack that is about to come.