Investment analysis assignment

DDoS Quick Guide comprises public domain material from the U.S. Department of Homeland Security.

DDoS Quick Guide

DISCLAIMER: This advisory is provided “as is” for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. The DHS does not endorse any commercial product or service, referenced in this advisory or otherwise. Further dissemination of this advisory is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see http://www.us-cert.gov/tlp/.

Attack Possibilities by OSI Layer

OSI Layer Protocol Data Unit (PDU)

Layer Description

Protocols Examples of Denial of Service

Techniques at Each Level

Potential Impact of DoS

Attack

Mitigation Options for Attack Type

Application Layer (7)

Data Message and packet creation

begins. DB access is on

this level. End- user protocols

such as FTP, SMTP, Telnet, and RAS work at this layer

Uses the Protocols FTP, HTTP, POP3, & SMTP and its device is the

Gateway

PDF GET requests, HTTP

GET, HTTP POST, =

website forms (login,

uploading photo/video,

submitting feedback)

Reach resource limits of services

Resource starvation

Application monitoring is

the practice of monitoring

software applications

using a dedicated set of algorithms, technologies,

and approaches to

detect zero day and application layer (Layer 7 attacks). Once

identified these attacks can be stopped and

traced back to a specific

source more easily than

other types of DDoS attacks

Presentation Layer (6)

Data Translates the data format

from sender to receiver

Uses the Protocols

Compression & Encryption

Malformed SSL Requests --

Inspecting SSL encryption packets is resource intensive.

Attackers use SSL to tunnel

HTTP attacks to target the

server

The affected systems could stop accepting

SSL connections or automatically

restart

To mitigate, consider

options like offloading the SSL from the

origin infrastructure and inspecting the application traffic for signs

of attacks traffic or

violations of policy at an applications

1

https://www.us-cert.gov/sites/default/files/publications/DDoS%20Quick%20Guide.pdf
OSI Layer Protocol Data Unit (PDU)

Layer Description

Protocols Examples of Denial of Service

Techniques at Each Level

Potential Impact of DoS

Attack

Mitigation Options for Attack Type

delivery platform (ADP).

A good ADP will also ensure

that your traffic is then reencrypted

and forwarded back to the

origin infrastructure

with unencrypted content only