In session at the Black Hat USA conference in Las Vegas, F5 Networks researchers outlined the challenges of morphing DDoS attacks and announced the release of a new open source tool called SODA in an effort to help test defenses for attack resilience.
SODA is an acronym for Simulation of DDoS Attacks and provides multiple traffic generation tools to simplify DDoS protection testing. The inspiration for SODA came from a July 2018, attack against encrypted email provider cby an aggressive form of Distributed Denial of Service (DDoS) attack that was constantly morphing its' tactics. The attack and its unique approach to disruption inspired F5 Networks researchers to figure out how to help organizations better defend themselves against the new type of DDoS.
Mudit Tyagi, Architect, Security Products, F5 Networks, explained that the attack vectors used in the Protonmail morphing DDoS attack included common attack methodology including UDP and syn floods.
"What made the attack so complex to defend against that the attacker kept on changing the attack, they kept on morphing," he said.
Tyagi added that after the Protonmail attack, his team took it upon themselves to figure out how to catch morphing attacks. The first step was to build a tool that could simulate morphing attacks, so organizations could test their own defences to see what would happen and what might be lacking. The end result of that effort is SODA.
No tags.
