North Texas ISSA Monthly Meeting for August 2015

Multi-vector DDOS Attacks: Detection and Mitigation

Speaker: Paul Mazzucco, Chief Security Officer at TierPoint

Speaker Bio: Paul Mazzucco is a veteran of the IT security market and expert in data center security. A Certified Ethical Hacker (CEH), he answers to the FBI, the United States Secret Service, Pennsylvania Electronic Crimes Task Force (PAECT), and the United States Computer Emergency Readiness Team (U.S. CERT).

Presentation Title: Multi-Vector DDOS Attacks: Detection and Mitigation

Presentation Description: 2014 saw an average of 28 DDoS attacks every hour, and 40% of those business who suffered a DDoS attack saw their Internet connectivity completely “saturated” (in other words, the attack didn’t just degrade performance, it took the organization completely offline). As network providers improve their ability to protect against these attacks, criminals are stepping up, too. Today 81% of DDoS attacks are multi-vector, combining volumetric, application-layer and state exhaustion techniques. This session will dive into the seven network layers in the Open System Interconnection (OSI) model, describe how DDoS attacks are perpetrated against each layer, and offer advice for how to mitigate against these complex intrusions.