Absrtact: Gur Shatz, co-founder and CEO of Incapsula Company, which provides DDoS protection and Web site security, has just published a trend analysis article on DDoS (Distributed denial of service) attacks, which says 2014-year DDoS attacks are showing greater, faster, stronger
Incapsula, co-founder and CEO of the company, which provides DDoS protection and Web site security, CDN and so on, has just published a trend analysis article on DDoS (Distributed denial of service) attacks, which says 2014-year DDoS attacks are showing greater, faster, stronger, Smarter trend.
Incapsula has been tracking the trend of DDoS in recent years, and they found that DDoS attacks have soared since 2014, with a 240% increase in DDoS attacks this year compared with the same period last year.
DDoS attacks are generally divided into network layer (4 layer) attack and application layer (7 layer) attack two kinds. The 2014 continued the rapid growth of network-level DDoS attacks, with nearly 1/3 of the attack traffic exceeding 20Gbps (which was the highest attack traffic last year), or even more than 100Gbps, 200Gbps. This is because the use of new DDoS attacks, such as large flood attacks and DNS amplification, and NTP amplification, can generate huge attack traffic, in which large flood attacks are still the most important types of DDoS attacks, which occupy 51.5% of the traffic over 5Gbps attacks.
Multi-directional attack
In order to deceive the targeted protection methods, the DDoS in recent years presents a multi-directional characteristic. More than 80% of DDoS attacks employ multiple attacks. The most recent multi-directional multiple attacks are the combination of a general flood attack packet with a large flood attack pack (more than 250 bytes), which accounts for about 75% of the DDoS attacks with attack traffic exceeding 20Gbps.
Zombies Get Smarter
There are many indications that DDoS bots are becoming more complex. For example, in the 2013, some browser-based zombies have been challenged by JavaScript and cookies, both of which are the most common security challenges for filtering zombies.
The smart trend of the 2014 continues, and zombies have even been able to mimic standard browsers. A 29% bot can attack more than 50 targets per month, and now 29.9 of DDoS bots can accept and save cookies. In addition, 1% of bot can execute JavaScript. Although this percentage does not seem high, the fact that the implementation of Jacascript has evolved to a new level of zombie intelligence.
Incapsula also studied the origins of DDoS attacks. The study found that India (9.59%), China (9.2%), Iran (7.99%), Indonesia (4.29%) and the United States (4.26%) were the sources of 5 DDoS attacks. Of course, this intelligence illustrates the source of resources used by attackers these countries do not show that attackers are people in these countries because zombies can be manipulated remotely.
The devil is taller than a foot road. When an attacker has refurbished his or her own means of attack, the defenders also need to polish their fake eyes and fortify their shields in order to cope with the increasingly serious security challenges.