How ADS can cure DDoS attacks
According to the 2015 H1 Green Alliance Technology DDoS Threat Report, large-volume network attacks are on a gradual upward trend. The recent Hammer Technology product launch and the outage of Apple's official website on September 12 confirm this. What is a DDoS attack? How can we defend against DDoS attacks? The author of this article uses a series of cartoons to give a vivid demonstration.
Sad Press Conference
On the evening of August 25, 2015, the Hammer mobile phone held the saddest press conference in history. Besides the early leak of all product information, the e-commerce websites came under DDoS attack on the day of the press conference, leaving them unusable for customers for a few hours. It is reported that the DDoS attack traffic was dozens of GB, and the staff struggled through the night to recover from the attack...
Coincidentally, when Apple opened pre-orders for the iPhone 6s on September 12, the experience was just as sad and thrilling.
Its online store, with products ready to be snapped up, went down!!! It was unreachable for 104 minutes!!! The effect is equivalent to a large-scale DDoS attack. The corresponding CDN service provider was helpless for a while, and access could only be forcibly restricted. This affects hundreds of millions of businesses!
These large-volume DDoS attacks also confirm the point in the 2015 H1 RPA DDoS Threat Report: large-volume attacks are on the rise.
What is DDoS?
Here is an example. Suppose you have a store and business is good!
At this point Old Wang next door, whose business is poor, has his eye on you (well, never mind, he may not be surnamed Wang).
So he hires a group of troublemakers.
Then you find that a large number of guests are pouring into the store. You are totally overwhelmed: they keep asking you one question after another and look at things from one end of the store to the other, but they just don't buy anything. Even worse, they will not leave!
The real customers can no longer get into the store! This is the so-called DDoS attack: a flood of illegal traffic that amounts to "malicious access", "blocking the store", "occupying space", and "teasing the shop assistants". Hackers launch it through botnet hosts on which a Trojan backdoor was planted in advance, but it is dressed up as data almost identical to normal access, which prevents NF or other protection devices from identifying the illegal traffic.
The solution at this point is to ask a "discerning person" to help clear the premises. Specifically, use an anti-DDoS tool that can precisely identify this illegal traffic, such as the ADS of lumon technology.
How does this tool precisely identify illegal traffic?
1. Anti-spoofing: It verifies the correctness of the packet address and port, and performs reverse detection.
2. Protocol stack behavior analysis: each packet type must comply with RFC requirements, as if every packet had to follow a complete specification; whenever a packet does not comply, ADS automatically identifies and filters it.
3. Protection for specific applications: illegal traffic always has some specific characteristics. Even if you blend into a group of customers, your behavior reveals your motive: if you repeatedly ask the clerk the same question and repeat the same action, you will still be discovered.
4. Analysis of user behavior patterns: real traffic accesses the site randomly. A customer's behavior after entering the store is random: they may look at products, make an inquiry, compare items back and forth, or talk to the clerk. Illegal traffic instead goes at a certain point on a large scale in a step-by-step manner, which ADS also recognizes.
5. Dynamic fingerprint recognition: valid traffic data will have corresponding encryption algorithms. It is as if every piece of data had to be verified by a private password before entering the server; if you cannot give the password or the password is incorrect, ADS drops you straight OUT.
6. Bandwidth control: when the actual access volume is too large, ADS can cap its maximum output traffic to reduce the pressure on downstream network systems. With this function, Apple would not have to be so busy.
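The behavior-based checks in items 3 and 4 can be illustrated with a short sketch. This is an added example, not ADS code or its actual algorithm: it flags clients that send many requests concentrated on one path, using Shannon entropy of the requested paths. The log format, function names and thresholds are assumptions, and the log lines are constructed.

```python
import math
from collections import Counter, defaultdict

# Constructed sample access log, one "client_ip path" per line (not real traffic).
SAMPLE_LOG = """\
198.51.100.7 /
198.51.100.7 /products/12
198.51.100.7 /cart
198.51.100.7 /products/40
198.51.100.7 /checkout
198.51.100.7 /help
""" + "203.0.113.9 /buy?item=1\n" * 40 + "203.0.113.10 /buy?item=1\n" * 3

# Assumed thresholds for illustration; tune them against a real traffic baseline.
MIN_REQUESTS = 20       # too few requests say nothing about a client's pattern
MAX_ENTROPY_BITS = 1.0  # at or below this, the client keeps hitting the same point


def path_entropy(paths):
    """Shannon entropy (bits) of the distribution of requested paths."""
    counts = Counter(paths)
    total = len(paths)
    return -sum((n / total) * math.log2(n / total) for n in counts.values())


def flag_repetitive_clients(log_text, min_requests=MIN_REQUESTS,
                            max_entropy=MAX_ENTROPY_BITS):
    """Return {ip: (request_count, entropy)} for clients that look scripted."""
    per_client = defaultdict(list)
    for line in log_text.splitlines():
        parts = line.split(None, 1)
        if len(parts) != 2:
            continue  # skip malformed lines instead of failing on them
        ip, path = parts
        per_client[ip].append(path)
    flagged = {}
    for ip, paths in per_client.items():
        entropy = path_entropy(paths)
        # High volume AND low variety: the "same question, same action" customer.
        if len(paths) >= min_requests and entropy <= max_entropy:
            flagged[ip] = (len(paths), entropy)
    return flagged


if __name__ == "__main__":
    for ip, (count, entropy) in flag_repetitive_clients(SAMPLE_LOG).items():
        print(f"{ip}: {count} requests, path entropy {entropy:.2f} bits -> review/filter")
```

The volume floor matters: a client that asked the same thing three times is left alone, while the browsing customer is never flagged because its requests are spread across many paths.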
Postscript
As DDoS attack tools become more common and powerful, security risks on the Internet are increasing, and customers' business systems are increasingly dependent on the network. It is foreseeable that the number of DDoS attack events will continue to grow, the attack scale will be larger, and the loss severity will be higher. So, do you now understand the "DDoS attack"?